For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

alpacatastic_20's avatar
alpacatastic_20
Icon for Nimbostratus rankNimbostratus
Jun 29, 2015

SHA512 iRule to create the same hash as used in the local user database

Hi, I'm scratching my head here having run out of avenues to go down. I am trying to write an iRule which will take the BASIC auth password from an HTTPS request and create a hash to compare against ...
application delivery
deployment
design
devops
iRules
LTM
TMSH
Ronald_van_der3's avatar
Ronald_van_der3
Icon for Nimbostratus rankNimbostratus
Jun 29, 2015

You have generated a single SHA512 hash from the password (and salt). However the OS uses (by default) 5000 rounds to generate the password.

 

alpacatastic_20's avatar
alpacatastic_20
Icon for Nimbostratus rankNimbostratus
Jun 30, 2015
Thanks for answering my query Ronald. I have presumed that the SHA512 hash function carries out the 5000 rounds by default for me before returning the hash but I will experiment with a loop to simulate the rounds. I think a related issue that I have is that the base64 encode is different on the F5 passwords to the standard b64encode in the iRule. The hash from the standard b64encode seems to use a '/' and a '+' as the extra 2 characters whereas the password hashes stored on the F5 use a '/' and a '.' instead.