How can I convert a sha-512 /etc/shadow hash to base64?

abefroman · 09-13-2013, 05:12 PM

How can I convert a sha-512 /etc/shadow hash to base64?

Example here is the base64 of the unsalted hash of 1234:
{SHA512}1ARVn2Auq2/WAqx2gNrL+q3RNjAzXpUfCXrzkA6d4Xa22yhRLy4AC50E+6UTPoscbo31nbOoq51gvkuXzJ6B2w==

In /etc/shadow the hash of 1234 with a random salt of ZjXUzK2H is:
$6$ZjXUzK2H$08jUtpo6jck5fswOU3b0SoZhB8m4dfFU8hJ1WGoR8fUtmfXOZ/3DRX/W1AQii4C.kgGn6R9CPdrlwE0TIfMRN.

Here is a base64 of a salted sha512 hash of 1234, with a random salt:
{SSHA512}9ThBtv7S4b7CGM6i0Q5suNqL2OscjutP5xeyGX7Kh6QEwqzc3V6ieO+OGZFS9xIDWOlsUOYeytjCFBRliG0BLEdLXEM =

How can I get the /etc/shadow hash compatible with the base64 format?

TIA!

ntubski · 09-15-2013, 10:47 AM

According to wikipedia:

Quote:

A base 64 encoding is used to store password hashes computed with crypt in the /etc/passwd. Its alphabet starts with '.' for zero, then '/' for one, followed by 0-9, A-Z and a-z. Padding is not used.

To translate to standard base64 you can use tr:

Code:

% echo '08jUtpo6jck5fswOU3b0SoZhB8m4dfFU8hJ1WGoR8fUtmfXOZ/3DRX/W1AQii4C.kgGn6R9CPdrlwE0TIfMRN.' | tr ./0-9A-Za-z A-Za-z0-9+/
CKvg510IvowHr48agFnCe0ltNKyGprRgKtVDiS0dKrg5yrjalBFPdjBiDMcuuGOAwsSzIdLObp3x8QCfUrYdZA

Then you have to add padding, which will always be "==" for sha512 (3 - (512/8) mod 3 => 2).