pythonhashldaphashlib

Python: make a ldap password from a preexisting md5 checksum


I have a database of passwords stored as md5 checksums, and I want to populate an ldap directory with it.

I know how to create a ldap password from plain text passwords, but haven't found a way to do this from a md5 password hash.

import base64
import hashlib
from passlib.hash import ldap_md5

password = 'strongpassword'
md5sum = 'f93fc10472a31bb3061aa0b45e228c5a'

ldap1 = ldap_md5.hash(password) # correct

md5 = hashlib.md5(password.encode())
ldap2 = '{MD5}' + base64.b64encode(md5.digest()).decode() # correct

ldap3 = '{MD5}' + base64.b64encode(md5sum.encode()).decode() # incorrect

print(ldap1) # {MD5}+T/BBHKjG7MGGqC0XiKMWg==
print(ldap2) # {MD5}+T/BBHKjG7MGGqC0XiKMWg==
print(ldap3) # {MD5}ZjkzZmMxMDQ3MmEzMWJiMzA2MWFhMGI0NWUyMjhjNWE=
print()
print('I need to transform those bytes:')
print(md5sum.encode()) # b'f93fc10472a31bb3061aa0b45e228c5a'
print()
print('into whatever this is:')
print(md5.digest())    # b'\xf9?\xc1\x04r\xa3\x1b\xb3\x06\x1a\xa0\xb4^"\x8cZ'

Solution

  • All I needed was the function bytearray.fromhex() or bytes.fromhex().

    import base64
    import hashlib
    from passlib.hash import ldap_md5
    
    password = 'strongpassword'
    md5sum = 'f93fc10472a31bb3061aa0b45e228c5a'
    
    ldap1 = ldap_md5.hash(password) # correct
    
    md5 = hashlib.md5(password.encode())
    ldap2 = '{MD5}' + base64.b64encode(md5.digest()).decode() # correct
    
    ldap3 = '{MD5}' + base64.b64encode(bytearray.fromhex(md5sum)).decode() # correct
    
    ldap4 = '{MD5}' + base64.b64encode(bytes.fromhex(md5sum)).decode() # correct
    
    print(ldap1) #{MD5}+T/BBHKjG7MGGqC0XiKMWg==
    print(ldap2) #{MD5}+T/BBHKjG7MGGqC0XiKMWg==
    print(ldap3) #{MD5}+T/BBHKjG7MGGqC0XiKMWg==
    print(ldap4) #{MD5}+T/BBHKjG7MGGqC0XiKMWg==