I need some help with a little problem I have with MD5 hashs.
I need to be able to convert existing MD5 hexdigests to raw digests. Is
this possible?
I'll explain.
If I do : Digest::MD5.digest('password'), I get a raw MD5 digest. Right.
Then if I do : Digest::MD5.digest('password').unpack("H*")[0], then I
get the same output that if I did Digest::MD5.hexdigest('password').
But how can I do the opposite in ruby? How can I go from an existing
hexdigested MD5 string to the raw form?
I'm writing a program that needs to get hexdigested MD5 passwords
strings from a database and need to be able to use these passwords as
LDAP passwords.
In LDAP, the MD5 passwords that are created by slappasswd are raw MD5s
that are then base64 encoded.
So in ruby if I do : Base.encode64(Digest::MD5.digest('password')), I
get the exact same string as with slappasswd.
But since I already have the hexdigested passwords, it would save me and
my users the burden of changing their passwords after the migration.
As an advice, it seems like your password storage scheme relies on
MD5-hashed passwords with no salt? If so, you should probably consider
to go for something more sophisticated since you are in a transition phase
now anyway. MD5 with no password is almost trivial to break these days.
If you don't believe me, google for '48bb6e862e54f2a795ffc4e541caed4d'.
See, you recovered a password in mere seconds
For something more secure, you could have a look at PBKDF2 as described in
