Hi,
I am running into this issue using an old ASP.NET project using Membership.
It has the password hashed with sha1 in the database and salt in the dbo.Membership table.
When trying to import an example using the user-import-export extension it still fails for some reason.
[{
"user_id": "12345",
"email": "test@example.com",
"email_verified": true,
"custom_password_hash": {
"algorithm": "sha1",
"hash": {
"value": "Bc0bbM6qEy5ymgnruvTUuNhnVKU=",
"encoding": "base64"
},
"salt": {
"value": "oVZDJPuCI5xuQ8k0jOeblQ==",
"position": "prefix",
"encoding": "base64"
},
"password": {
"encoding": "utf8"
}
}
}]
I could simple use the following c# code to verify that it works using SHA1.
public static void Main()
{
var encoded = EncodePassword("testing", "oVZDJPuCI5xuQ8k0jOeblQ==");
Console.WriteLine(encoded); // result output "Bc0bbM6qEy5ymgnruvTUuNhnVKU="
}
public static string EncodePassword(string pass, string salt)
{
byte[] bytes = Encoding.Unicode.GetBytes(pass);
byte[] numArray1 = Convert.FromBase64String(salt);
var hashAlgorithm = HashAlgorithm.Create("SHA1");
var buffer = new byte[numArray1.Length + bytes.Length];
Buffer.BlockCopy(numArray1, 0, buffer, 0, numArray1.Length);
Buffer.BlockCopy(bytes, 0, buffer, numArray1.Length, bytes.Length);
var inArray = hashAlgorithm.ComputeHash(buffer);
return Convert.ToBase64String(inArray);
}
yet when trying to configure the custom_password_hash using sha1 it imports correctly but the password “testing” fails when trying it out.
Am i missing a value anywhere or some decoding/encoding issue i forgot ?
