Is it possible to convert a 40-character SHA1 hash to a 20-character SHA1 hash?

Posted by ewitch on Stack Overflow See other posts from Stack Overflow or by ewitch
Published on 2010-03-17T22:45:31Z Indexed on 2010/03/17 22:51 UTC
Read the original article Hit count: 405

Filed under:
|
|
|
|

My problem is a bit hairy, and I may be asking the wrong questions, so please bear with me...

I have a legacy MySQL database which stores the user passwords & salts for a membership system. Both of these values have been hashed using the Ruby framework - roughly like this:

hashedsalt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--")

hashedpassword = Digest::SHA1.hexdigest("#{hashedsalt}:#{password}")

So both values are stored as 40-character strings (varchar(40)) in MySQL.

Now I need to import all of these users into the ASP.NET membership framework for a new web site, which uses a SQL Server database. It is my understanding that the the way I have ASP.NET membership configured, the user passwords and salts are also stored in the membership database (in table aspnet_Membership) as SHA1 hashes, which are then Base64 encoded (see here for details) and stored as nvarchar(128) data.

But from the length of the Base64 encoded strings that are stored (28 characters) it seems that the SHA1 hashes that ASP.NET membership generates are only 20 characters long, rather than 40. From some other reading I have been doing I am thinking this has to do with the number of bits per character/character set/encoding or something related.

So is there some way to convert the 40-character SHA1 hashes to 20-character hashes which I can then transfer to the new ASP.NET membership data table? I'm pretty familiar with ASP.NET membership by now but I feel like I'm just missing this one piece. However, it may also be known that SHA1 in Ruby and SHA1 in .NET are incompatible, so I'm fighting a losing battle...

Thanks in advance for any insight.

© Stack Overflow or respective owner

Related posts about sha1

Related posts about ruby