In what specific way does the Spring PasswordEncoder incorporate salt into the plaintext?

After reviewing the documentation, I realized that the specific details are not mentioned. I am unsure about delving into the source code to understand this. However, it seems like a feasible solution.

I am currently facing the challenge of transferring a moderate-sized database containing username/password data from Spring framework to Remix.js.

The main obstacle I'm encountering lies in correctly salting passwords with hashing algorithms. I foresee having to experiment with various combinations, so I thought I'd seek some advice.

Here is an example of how the old hashes are generated: https://github.com/Parrit/Parrit/blob/master/src/main/java/com/parrit/controllers/ProjectController.java#L68

and here is a sample hash. In plaintext, this should be password

{sha256}{1htkE/1MXKL7uqfqhOC2SI39YzX2lEsd96BqJCHTUCs=}9f62dbe07df8ac7f049cdb1ae1291b02f2d1ea645c7f4df9a1235e93a0f213bd

My understanding is that this format represents {alg}{salt}hash

However, I encountered a mismatch when attempting to compute a hash in JavaScript

const compare_sha256 = (attempt: string, info: PasswordInfo): boolean => {
  let attemptHash;
  if (info.salt) {
    const saltedAttempt = attempt + info.salt;
    console.log("saltedAttempt", saltedAttempt);
    attemptHash = createHash("sha256").update(saltedAttempt).digest("hex");
  } else {
    attemptHash = createHash("sha256").update(attempt).digest("hex");
  }
  console.log({ attemptHash, actuallHash: info.hash });
  return attemptHash === info.hash;
};

Upon logging:

saltedAttempt password1htkE/1MXKL7uqfqhOC2SI39YzX2lEsd96BqJCHTUCs=
{
  attemptHash: 'ae192cbdfa2abf7b82bfdeec0168cc0cd7fd359ed49d7494daa88046ef025599',
  actuallHash: '9f62dbe07df8ac7f049cdb1ae1291b02f2d1ea645c7f4df9a1235e93a0f213bd'
}

I suspect there must be a delimiter separating the plaintext and salt. If I have overlooked something, please point it out to me.

typescriptspringcryptographysha256

Answer №1

To calculate the hash, you can utilize the MessageDigestPasswordEncoder. Combine the password and salt in that specific sequence. Remember to include the salt with the curly brackets and encode it in base64:

var crypto = require('crypto')
var hash = crypto.createHash('sha256')
    .update('password')
    .update('{1htkE/1MXKL7uqfqhOC2SI39YzX2lEsd96BqJCHTUCs=}')
    .digest('hex')
console.log(hash) // 9f62dbe07df8ac7f049cdb1ae1291b02f2d1ea645c7f4df9a1235e93a0f213bd

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Tips for utilizing the "??=" syntax in Typescript

let x; x ??= 'abc' console.log(x); // abc Running the code above in the browser console does not cause any issues. However, when attempting to run it in TypeScript, an error is thrown. SyntaxError: Unexpected token '??=' Here is my c ...

typescript

What is the best way to transfer attributes from a nested component to its parent in Angular 10?

Within my parent component, I have a {{title}} and a {{subtitle}} that should dynamically change based on the title and subtitle of my children components. These children are rendered inside a router-outlet, with each child providing its own unique title a ...

angulartypescriptasynchronous

Utilizing Zod for Recursive types and accurately inferring them

Here are my schemas: export const barSchema = z.object({ id: z.string(), foo: z.object(fooSchema), }); export const fooSchema = z.object({ id: z.string(), bar: z.object(barSchema), }); export type BarType = z.infer<typeof barSchema>; My ch ...

typescriptzod

"Although a generic type is compatible with a function argument for mapping, it may not work with

interface DataGeneric { value: number; } function transform<D extends DataGeneric>(data: DataGeneric[], get_value: (record: D) => number) { // No errors, works fine let values = data.map(get_value); // However, this line causes a ...

typescript

The ES6 reduce method is not giving the expected result

In Image 1, the output you will see if you log the final array from Snippet 1. My goal is to transform my array to match the format shown in Image 2. I attempted using lodash's _.uniqBy() method [Snippet 2], but the logged output of the reduce varia ...

javascripttypescriptecmascript-6

After saving the document, the newly added autocomplete items do not appear in the autocomplete list

This particular sample appears to function correctly until it is saved. While using "Untitled-1" everything works as expected, but once saved as "test.py", the item does not get added to the autocomplete list. Despite running "npm install" in the directory ...

typescriptvisual-studio-code

Retrieve the status callback function from the service

Can anybody show me how to set up a call-back function between a component and a service? I apologize for my lack of experience with Angular and TypeScript. getDiscount(){ let getDisc = []; getDisc.push({ price: Number(this.commonService.getP ...

angulartypescriptcallback

Saving an Entity with a Null Object in Hibernate: Step-by-Step Guide

I am looking to incorporate the Null Object pattern into a Hibernate Entity. Consider a scenario where we have a Person entity with an Address field. In some cases, the Address of the Person must be defined, while in others it may not be necessary. @Enti ...

javaspringhibernatejpaspring-data

Is there a way to retrieve the keys from an object that is combined as shared union?

As an illustration When the Type is placed in keyof, it results in never. type T = { items?: string[] | undefined; 'items.0.kind'?: string[] | undefined; 'items.0.institution'?: string[] | undefined; &a ...

typescript

How can we implement a TypeScript interface that includes a constructor?

Currently, I am exploring an angular maps library that provides the following interface: export interface LatLng { constructor(lat: number, lng: number): void; lat(): number; lng(): number; } To utilize this interface and create an object for API ...

angulargoogle-mapstypescript

Issue: Module 'typescript' not found in Ionic application

As a beginner in the world of Ionic framework, I encountered a problem while attempting to build my app using "ionic serve" - I received the error message "cannot find module 'typescript'". I believed I had resolved the issue by installing Ty ...

cordovatypescriptionic-frameworkionic2ionic3

Error encountered during unit testing: The function _reactRouterDom.useHistory.mockReturnValue is not a valid function

I'm having trouble writing unit tests for a React component implemented in TypeScript. I encountered an error when trying to mock some hook functions. Here is my current unit test implementation: import React from 'react'; import { useHisto ...

reactjstypescriptunit-testingreact-routerreact-router-dom

An issue arises when trying to update state using useState in TypeScript

In our system, we have a state that contains an array of objects: interface Product { id: number; status: boolean; color: string; price: number; } const productList: Product[] = [ { id: 1, status: true, color: 'yellow', ...

reactjstypescriptreact-hooksuse-state

Ways to initiate a fresh API request while utilizing httpClient and shareReplay

I have implemented a configuration to share the replay of my httpClient request among multiple components. Here is the setup: apicaller.service.ts import { Injectable } from '@angular/core'; import { HttpClient } from '@angular/common/http& ...

angulartypescriptrxjs

How can I automatically reset the input value within a formGroup in Angular 10?

Utilizing the angular form, I have created a search bar on the "search page" ("/search"). I've noticed that when I search for something, like "testing word", then navigate to the home page ("/") and return to the search page, the input in the search b ...

angulartypescriptangular-material

Fundamentals of Angular 2

It's not just an inconvenience, but something that truly frustrates me. Could someone please clarify the following: Why does Angular load these scripts in HTML directly from node_modules https://i.sstatic.net/D8UrG.png Why am I unable to simply imp ...

javascriptnode.jstypescriptangular

The folder creation in the 'outDir' directory by TSC continues to grow

Hello! Currently, I am engaged in a small TypeScript project where I need to utilize two separate tsconfig.json files, both of which inherit from my main tsconfig.base.json file. Unfortunately, I encountered an issue with the compiler creating unnecessar ...

jsontypescripttsctsconfig

Consuming NATS Jetstream with multiple threads

My TypeScript application consists of multiple projects, each with its own set of microservices: server: A REST API that publishes messages to NATS for other services to update a (mongo) DB synchronizer: A process that consumes NATS messages and updates t ...

typescriptmicroservicesnats-jetstream

Search for words in a given string that begin with the symbol $ using Angular 2

I am trying to locate words that begin with $. var str = "$hello, this is a $test $john #doe"; var re = /(?:^|\W)\$(\w+)(?!\w)/g, match, results = []; while (match = re.exec(str)) { results.push(match[1]); } The regular expression a ...

regexangulartypescript

Troubleshooting a useContext error in Next.js with TypeScript

I've been working on an app using next.js for the frontend, and I encountered an issue while trying to stringify an object. Here's a snippet of the error message: Argument of type '{ auth: dataObject; }' is not assignable to parameter o ...

reactjstypescriptnext.js