如何解析 Spring Security 散列的密码哈希？

Question

I want to migrate my users from my application to an external SSO. I want my users to keep their existing passwords, so I'd like to retrieve the hashed password and provide it to the SSO application. The algorithm is the same on both sides (pbkdf2-sha256) so it's supposed to work.

Thus I need to be able to retrieve the salt and hashed password from the entry in the database.

My application uses Spring Security.

It seems that I need to do this manually, as the interface PasswordEncoder, which Pbkdf2PasswordEncoder implements, does not provide a way to retrieve the initial elements from the stored value.

What would be the correct way to achieve this ?

Thanks

edit:

Here is my code

Pbkdf2PasswordEncoder encoder = new Pbkdf2PasswordEncoder("", 27500, 512);
String encoded = encoder.encode("password");
System.out.println(encoded); // prints the hex encoded hashed password: 2a319aaf0252d77e671cf1b074f149f7eed1b362afb47bef84e9b01a8140b26a733cd22df007d68668915c7bd51af9eefda1662216a184fa7eb034c176ce9518fc83f3fd935a2d3d
final byte[] digested = Hex.decode(encoded);
byte[] salt = EncodingUtils.subArray(digested, 0, 7);
byte[] password = EncodingUtils.subArray(digested, 8, digested.length);
System.out.println(new String(Base64.getEncoder().encode(salt))); // prints KjGarwJS134=
System.out.println(new String(Base64.getEncoder().encode(password))); // prints HPGwdPFJ9+7Rs2KvtHvvhOmwGoFAsmpzPNIt8AfWhmiRXHvVGvnu/aFmIhahhPp+sDTBds6VGPyD8/2TWi09

If I then go to this website and enter the following values:

• master password: password
• salt: KjGarwJS134=
• iteration: 27500
• dkLen: 512
• PBE Ciphers: sha256

Then I would expect the output to match the last output of my code, but this isn't the case.

Answer 1

You obviously cannot get the password back from the hash, but I don't think you're asking that. Here's how you would do it:

1. First check if it is base64. If so, take your string and base64-decode it, turning it into a byte array. (The default is just hex nibbles, ie option 2).
2. If it wasn't, then it's just hex nibbles. You can tell; if the entire thing consists solely of digits and the letters af, it's this, otherwise it's #1 (base64). Parsing hex nibbles back to a byte array is fairly trivial; toss every 2 characters through parseInt: Integer.parseInt(in.substring(x, x + 2), 0x10); - the 0x10 at the end is important.
3. The byte array obtained with this is the salt and the hash, concatenating, in that order. By default, the salt would be 8 bytes, but this is all configurable in spring. So, lop off the first 8 bytes from the array - that's your salt.
4. The rest is 'just' the raw hash.