This cost me several hours last night, so I want to get it down somewhere that perhaps might save someone else some time in the future. If you are integrating to PeopleSoft (like say, from Java) and need to use it as an authentication store, it uses SHA-1 to hash it's passwords (the ones in PSOPRDEFN), but the trick is you have to use the "UTF-16LE" charset when converting your clear text password to a byte array for passing to the MessageDigest.update() method.
After that it works just like you would expect it to. I couldn't find that answer anywhere, although I did find several references to it using SHA-1, my hash using UTF-8 or US_ASCII came up wrong. Finally I just decided to try all the available charsets, and voila! it worked.
2 comments:
Thanks to Tim Ward for this PHP implementation:
echo base64_encode( sha1( mb_convert_encoding( $pass, 'UTF-16LE' ), true ) );
Sir, you are a life saver. Thank you for this!
Using Apache Commons libraries:
Base64.encodeBase64String(DigestUtils.sha(password.getBytes(StandardCharsets.UTF_16LE)))
Post a Comment