I am working on an application in Java, which creates or edits the entry values in the LDAP server. When the user submits a "Reset PIN" request, the existing certificate with the UID is removed and a new PIN is generated. The PIN is encrypted as DigestUtils.sha(dn + pin) [an encryption done for the string formed]
pin = code
byte[] digest = DigestUtils.sha(dn + pin);
The encryption is done and the encrypted value is set as the pin attribute in the LDAP. A one-way hash code is generated when the attribute is set.
I have another application in Perl where the user would download the new certificate by providing the PIN.
When the user submits a request for a new certificate, the same kind of encryption happens; it then compares the result to the hash code generated in the above application and replies back.
My issue is that this is working fine for most of the dn values, but for some dn, the hash code values generated for the same pin and dn differ between the two applications.
So the user is not able to download the certificate; it says incorrect password or authentication failed.
Please let me know how I can fix it. Is there any bug in DigestUtils encryption?
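
A diagnostic for the mismatch described above, as an added example that is not part of the original post: it computes SHA-1 (the algorithm behind DigestUtils.sha) over dn + pin from explicitly encoded bytes, and compares the digest under UTF-8 and ISO-8859-1 for an ASCII-only DN and for a DN containing a non-ASCII character. It uses the JDK's MessageDigest in place of DigestUtils; the class name PinDigestCheck, the DNs and the PIN are constructed, and a charset difference between the two applications is an assumption to test, not something the post confirms.

```java
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class PinDigestCheck {

    // SHA-1 over the bytes of dn + pin, encoded with an explicit charset
    // instead of whatever the platform default happens to be.
    static String sha1Hex(String dn, String pin, Charset cs) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("SHA-1");
        byte[] digest = md.digest((dn + pin).getBytes(cs));
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    // True when both encodings produce identical input bytes, and so the same digest.
    static boolean encodingsAgree(String dn, String pin) throws NoSuchAlgorithmException {
        return sha1Hex(dn, pin, StandardCharsets.UTF_8)
                .equals(sha1Hex(dn, pin, StandardCharsets.ISO_8859_1));
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        String pin = "4821"; // constructed sample PIN
        String[] dns = {
            "uid=jsmith,ou=people,dc=example,dc=com",        // constructed, ASCII only
            "uid=jm\u00fcller,ou=people,dc=example,dc=com"   // constructed, contains u-umlaut
        };
        for (String dn : dns) {
            System.out.println(dn);
            System.out.println("  UTF-8      : " + sha1Hex(dn, pin, StandardCharsets.UTF_8));
            System.out.println("  ISO-8859-1 : " + sha1Hex(dn, pin, StandardCharsets.ISO_8859_1));
            System.out.println("  agree      : " + encodingsAgree(dn, pin));
        }
    }
}
```

Running the same check against one of the failing DNs, and printing the raw bytes each application feeds to the hash, shows whether both sides digest the same input.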