Have to decrpt a SHA1 password to Forgerock OpenIDM

Question

I have a requirement to decrypt the SHA1 user password from Active Directory to Forgerock OpenIDM, using below java script I am able to decrypt the password in base64.

if (source != null)
{
    var base64 = Packages.org.forgerock.util.encode.Base64url
    b64tO = new Packages.java.lang.String(base64.decode(source));
    logger.info("Decoded: {}", b64tO);
    target = b64tO;
}

Could you please help me

I am expecting to decrypt the password from SHA1 to plain text and store it in Forgerock OpenIDM.

SHA1 is a hash function, not an encryption method. There's nothing to "decrypt". — Gereon, Nov 10 '22 at 12:56

score 0 · Answer 1 · answered Nov 15 '22 at 16:05

Decrypting SHA1 is not possible because it is not an encryption, but a hashing algorithm.

But there are ways so sync a DS password to IDM in cleartext during it being changed. You can use the plugin documented here for that: https://backstage.forgerock.com/docs/idm/7/pwd-plugin-guide/chap-sync-dj.html

Have to decrpt a SHA1 password to Forgerock OpenIDM

1 Answers1