Re: calculating the MD5 hash of role passwords in C

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Christoph Moench-Tegeder <cmt(at)burggraben(dot)net>
Cc: Matthias Apitz <guru(at)unixarea(dot)de>, pgsql-general(at)lists(dot)postgresql(dot)org
Subject: Re: calculating the MD5 hash of role passwords in C
Date: 2020-01-23 16:24:22
Message-ID: 20200123162422.GA24172@momjian.us
Lists: pgsql-general

On Thu, Jan 23, 2020 at 05:15:37PM +0100, Christoph Moench-Tegeder wrote:
> ## Matthias Apitz (guru(at)unixarea(dot)de):
>
> > > The documentation on pg_authid has the details:
> > > "The MD5 hash will be of the user's password concatenated to their user name."
> > > https://www.postgresql.org/docs/12/catalog-pg-authid.html
> >
> > This is still not exactly what I was looking for. But has an interesting
> > detail (salting the role password by adding the role name to it). An
> > implementation with UNIX crypt(3) for MD5 would need an additional salt
> > like '$1$salt' to encrypt 'sisis123sisis'.
>
> It's not crypt(3). It's "the MD5 hash of the user's password concatenated
> to their user name".
> Try:
> perl -MDigest::MD5 -e 'print("md5" . Digest::MD5::md5_hex("sisis123" . "sisis") . "\n");'

FYI, this is documented:

https://www.postgresql.org/docs/12/protocol-flow.html#id-1.10.5.7.3
AuthenticationMD5Password

The frontend must now send a PasswordMessage containing the password
(with user name) encrypted via MD5, then encrypted again using the
4-byte random salt specified in the AuthenticationMD5Password message.
If this is the correct password, the server responds with an
AuthenticationOk, otherwise it responds with an ErrorResponse. The
actual PasswordMessage can be computed in SQL as concat('md5',
--> md5(concat(md5(concat(password, username)), random-salt))). (Keep in
mind the md5() function returns its result as a hex string.)

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +
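
Added Python example, not code from this thread or from PostgreSQL itself: the computation the quoted protocol documentation describes, first the value stored for the role, then the PasswordMessage the frontend derives from it with the server's 4-byte salt, then the server-side check. The role name and password follow the thread's example; the salt is a constructed sample value, not one any server issued.

```python
import hashlib
import hmac

# Constructed sample values (not from any real server): the role name and
# password follow the thread's example, the salt is an arbitrary 4 bytes.
SAMPLE_USER = "sisis"
SAMPLE_PASSWORD = "sisis123"
SAMPLE_SALT = bytes.fromhex("a1b2c3d4")


def role_password_hash(password: str, username: str) -> str:
    """Stored form of an MD5 role password (pg_authid.rolpassword):
    'md5' followed by the hex MD5 of password || username.
    The role name is the only salt, so the same password set on two
    different roles still yields two different stored values."""
    digest = hashlib.md5((password + username).encode("utf-8")).hexdigest()
    return "md5" + digest


def md5_password_message(password: str, username: str, salt: bytes) -> str:
    """Payload the frontend sends in PasswordMessage for AuthenticationMD5Password:
    'md5' || md5_hex( md5_hex(password || username) || salt ).
    The inner digest enters the outer MD5 as its 32 ASCII hex characters;
    the salt enters as the raw 4 bytes taken from the server's message."""
    if len(salt) != 4:
        raise ValueError("AuthenticationMD5Password carries exactly 4 salt bytes")
    inner_hex = role_password_hash(password, username)[3:]
    outer = hashlib.md5(inner_hex.encode("ascii") + salt).hexdigest()
    return "md5" + outer


def verify_password_message(stored: str, received: str, salt: bytes) -> bool:
    """Server-side check. Only the stored hash is needed: strip the 'md5'
    prefix, re-apply the outer MD5 with the salt issued for this session,
    and compare in constant time."""
    if len(stored) != 35 or not stored.startswith("md5"):
        return False  # not an MD5-format role password
    expected = "md5" + hashlib.md5(stored[3:].encode("ascii") + salt).hexdigest()
    return hmac.compare_digest(expected, received)


def demo_exchange() -> dict:
    """One full exchange with the constructed sample values."""
    stored = role_password_hash(SAMPLE_PASSWORD, SAMPLE_USER)
    response = md5_password_message(SAMPLE_PASSWORD, SAMPLE_USER, SAMPLE_SALT)
    wrong = md5_password_message("not-the-password", SAMPLE_USER, SAMPLE_SALT)
    return {
        "stored": stored,
        "salt": SAMPLE_SALT.hex(),
        "response": response,
        "accepted": verify_password_message(stored, response, SAMPLE_SALT),
        "wrong_password_accepted": verify_password_message(stored, wrong, SAMPLE_SALT),
    }


if __name__ == "__main__":
    for key, value in demo_exchange().items():
        print(f"{key}: {value}")
```

Note what verify_password_message needs: the stored hash and the salt, never the cleartext. The salt stops a captured response from being replayed against a later session, but it does nothing for a stolen pg_authid row, since the stored value alone answers any salt; this is the limitation the PostgreSQL documentation states for md5 and the reason scram-sha-256 (available since PostgreSQL 10) is the recommended password method.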
