I am working on migrating all our databases from MS SQL server to Postgres. In this process, I am working on writing equivalent code in Postgres to yield the same hashed texts obtained in MS SQL.
Following is my code in MS SQL:
DECLARE @HashedText nvarchar(50)
DECLARE @InputText nvarchar(50) = 'password'
DECLARE @HashedBytes varbinary(20) -- maximum size of SHA1 output
SELECT @HashedBytes = HASHBYTES('SHA1', @InputText)
SET @HashedText = CONVERT(nvarchar(50), @HashedBytes, 2)
SELECT @HashedText
This is yielding the value E8F97FBA9104D1EA5047948E6DFB67FACD9F5B73
Following is equivalent code written in Postgres:
DO
$$
DECLARE v_InputText VARCHAR = 'password';
DECLARE v_HashedText VARCHAR;
DECLARE v_HashedBytes BYTEA;
BEGIN
SELECT
ENCODE(DIGEST(v_InputText, 'SHA1'), 'hex')
INTO
v_HashedBytes;
v_HashedText := CAST(v_HashedBytes AS VARCHAR);
RAISE INFO 'Hashed Text: %', v_HashedText;
END;
$$;
This yields the value 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8.
After spending some time I understood that replacing the datatype 'NVARCHAR' with 'VARCHAR' in MS SQL yields the same result as Postgres.
Now the problem is in MS SQL we already have passwords hashed and stored in database as shown above. I am unable to convert hashed text in MS SQL to Postgres and also unable to generate same hashed text in Postgres as Postgres doesn't support UTF-16 unicode.
So, I just want to know if there is any possibility of following solutions?
- Convert hexadecimal value generated in MS SQL to hex value equivalent to that generated by using VARCHAR datatype (which is same value in Postgres)
- Convert UTF8 texts to UTF16 texts in Postgres (even by any kind of extensions) and generate hex values which would be equivalent to values generated in MS SQL
SHA1annymore especially without salt and or pepper because off large existingSHA1rainbow tables which can "decrypt" theSHA1hashes within seconds.. BesidesSHA1algorithm is a fast algorithm on CPU's but also on GPU's makes it possible to do 1 million+ geusses per second with ease on modern GPU hardware..varbinary(20)or as avarchar? BTWVARCHARwithout a length doesn't mean arbitrary length. I think the default lenght is 30. You may be truncating the hash already