Hi William, It's been a while since I've looked at this. You could double-check against how the kazoo client is handling encoding -> https://github.com/python-zk/kazoo/blob/master/kazoo/security.py#L61 .
Does this help? -Brian On Wed, Jul 18, 2018 at 7:36 AM, William Jardine <williamjardin...@gmail.com > wrote: > Hey guys, > > I'm using ZooKeeper and am curious about how it stores its ACL identities > created with the digest scheme, and am a bit confused by the website. > Hoping you can help me. > > For example, if I do:# > > - addauth digest testuser1:password1 > - setAcl /testnode auth:testuser1:password1:w > > This stores the following as the ACL identity for testnode: > 'testuser1:AWB1i+VKSJP/aUdT1QXi+A4j32o= > > My question is, what is this hash? The website ( > https://zookeeper.apache.org/doc/r3.1.2/zookeeperProgrammers.html#sc_ > ZooKeeperAccessControl) > talks about both MD5 and SHA1; I'm confused as to which it's using. > > I'm also a bit confused about which part it's hashing. I believe it's one > of the following combinations: > > - base64(sha1sum("username:password") > - base64(sha1sum("password") > - base64(md5sum("username:password") > - base64(md5sum("password") > > But I'm unable to replicate the hash given above. I want to verify my > passwords are stored in ZK as securely as possible. Are you able to give me > some more info on how this process works and what scheme it uses? Is it > doing some salting as well? Any info would be much appreciated. > > Cheers, > William >