Hey there Martin,
You should be able to set the value to a normal string, IE:
$user['password_sha'] = hash('sha256', $salt . $pass . $salt);
or if you really want sha1 and you absolutely can't use sha256
$user['password_sha'] = hash('sha1', $salt . $pass . $salt);
or
$user['password_sha'] = sha1($salt . $pass . $salt);
You should be able to use the string value directly without having to encode it.
On 23 March 2011 13:24, Martin Hewitt <mar...@thenoi.se> wrote:
> Looks like just using the raw string value works. Not sure if I mis-read the
> documentation or if it's something to do with PHP's native JSON conversion...
>
> Martin
>
> On 23 Mar 2011, at 13:13, Stefan Matheis wrote:
>
>> Hey again,
>>
>> just wondering about the following lines
>>
>>> $salt = "qwertyuiop";
>>> $user['salt'] = bin2hex($salt);
>>
>> is that really, what you want to do / what couch requires you to do?
>>
>> $ php -r 'var_dump("qwertyuiop", bin2hex("qwertyuiop"));'
>> string(10) "qwertyuiop"
>> string(20) "71776572747975696f70"
>>
>> could find no step in any couch-related document about that
>> requirement, you're refering to which one Martin?
>>
>> Regards
>> Stefan
>>
>> On Wed, Mar 23, 2011 at 1:53 PM, Martin Hewitt <mar...@thenoi.se> wrote:
>>> Hi all,
>>>
>>> Just wondering if anyone has done this successfully in PHP and could offer
>>> advice?
>>>
>>> My code is currently:
>>>
>>> $user = array();
>>> $user['_id'] = "org.couchdb.user:".$newUser;
>>> $user['type'] = "user";
>>> $user['name'] = $newUser;
>>> $user['roles'] = "numpty";
>>>
>>> $salt = "qwertyuiop";
>>> $newPassword = "test";
>>>
>>> $user['password_sha'] = sha1($newPassword.$salt);
>>> $user['salt'] = bin2hex($salt);
>>>
>>> And I can't login through Futon.
>>>
>>> Any help greatly appreciated!
>>>
>>> Martin
>>>
>>> On 23 Mar 2011, at 08:40, Stefan Matheis wrote:
>>>
>>>> Martin,
>>>>
>>>> based on
>>>> http://wiki.apache.org/couchdb/Security_Features_Overview#Generating_password_sha
>>>> what's wrong about php's sha1() function?
>>>>
>>>> $ php -r "echo sha1('foobar');"
>>>> 8843d7f92416211de9ebb963ff4ce28125932878
>>>>
>>>> it's the same result as stated there for erlang, ruby & python :)
>>>>
>>>> Regards
>>>> Stefan
>>>>
>>>> On Wed, Mar 23, 2011 at 4:33 AM, Martin Hewitt <mar...@thenoi.se> wrote:
>>>>> Hi all,
>>>>>
>>>>> I'm writing a build process in Phing, part of which involves creating a
>>>>> new CouchDB user. I'm having trouble logging in as the created user and
>>>>> have an inkling that it's down to the SHA1 encryption of the password and
>>>>> salt, as the Security wiki page is quite specific about what SHA1s work
>>>>> and which ones don't.
>>>>>
>>>>> My question is - does anyone know if there's a way to generate a
>>>>> CouchDB-friendly SHA1 hash in PHP?
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Martin
>>>
>>>
>
>
--
David Coallier
