generates

generates

关注
发信
创建菜单像AngularJs材质网站
类型“AbstractControl"Angular 4 上不存在属性“控件"
更改 AngularJS md-tabs 的索引根本没有效果
在我的服务工厂中,我查找了一个大型数据集 - 我想保留它并检查它是否存在以避免再次调用它
过滤器不起作用 ng-repeat
只有在登录页面设置SSL页面
Ruby - 词法范围与继承
什么对Facebook的图形API批处理请求限制?
使用 Bootstrap for Angular 和 Material design for Angular
如何点击窗体的取消按钮后跳过验证
IBM工作灯6.2 - 在StoragePlugin错误
向每个团队成员发送成功自动构建的通知
无法将Neo4j Shell连接到本地服务器
Terraform HCL - 将列表转换为对象地图?
Tomcat6拒绝在Eclipse中启动

比较PHP和NodeJS之间的BCrypt哈希

扫码查看
本文介绍了比较PHP和NodeJS之间的BCrypt哈希的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

对于我正在开发的应用,nodejs需要验证PHP创建的哈希,反之亦然.

For an app I'm working on, nodejs needs to verify hashes created by PHP and vice-versa.

问题是,在node.js中进行测试时,PHP中生成的哈希(通过Laravel的Hash类,该类仅使用PHP的password_hash函数)返回false.

The problem is, the hashes generated in PHP (via Laravel's Hash class, which just uses PHP's password_hash function) return false when tested in node.js.

以下node.js脚本:

The following node.js script:

var bcrypt = require('bcrypt');

var password = 'password';

var phpGeneratedHash  = '$2y$10$jOTwkwLVn6OeA/843CyIHu67ib4RixMa/N/pTJVhOjTddvrG8ge5.';
var nodeGeneratedHash = '$2a$10$ZiBH5JtTDtXqDajO6f4EbeBIXGwtcGg2MGwr90xTH9ki34SV6rZhO';

console.log(
  bcrypt.compareSync(password, phpGeneratedHash)  ? 'PHP passed' : 'PHP failed',
  bcrypt.compareSync(password, nodeGeneratedHash) ? 'nodejs passed' : 'nodejs failed'
);

输出:'PHP失败的nodejs通过',而以下PHP脚本:

outputs: 'PHP failed nodejs passed', whereas the following PHP script:

<?php

$password = 'password';

$phpGeneratedHash  = '$2y$10$jOTwkwLVn6OeA/843CyIHu67ib4RixMa/N/pTJVhOjTddvrG8ge5.';
$nodeGeneratedHash = '$2a$10$ZiBH5JtTDtXqDajO6f4EbeBIXGwtcGg2MGwr90xTH9ki34SV6rZhO';

print password_verify($password, $phpGeneratedHash)  ? 'PHP passed' : 'PHP failed';
print password_verify($password, $nodeGeneratedHash) ? 'nodejs passed' : 'nodejs failed';

输出"PHP传递的nodejs传递的信息".

outputs 'PHP passed nodejs passed'.

我已经在Ubuntu 14.04.1中使用PHP 5.5.18,node.js v0.10.32和npm bcrypt模块运行了测试.

I've run the tests in Ubuntu 14.04.1 using PHP 5.5.18, node.js v0.10.32 and the npm bcrypt module.

推荐答案

此操作失败,因为从php和node生成的bcrypt哈希类型不同. Laravel生成$2y$,而节点生成$2a$.但是好消息是2a2y之间的唯一区别是它们的前缀.

This fails because the types of bcrypt hashes being generated from php and node are different. Laravel generates the $2y$ while node generates the $2a$. But the good news is the only difference between 2a and 2y are their prefixes.

因此,您可以做的是使其中一个前缀与另一个相似.喜欢:

So what you can do is make one of the prefix similar to the other. Like:

$phpGeneratedHash  = '$2y$10$jOTwkwLVn6OeA/843CyIHu67ib4RixMa/N/pTJVhOjTddvrG8ge5.';
$nodeGeneratedHash = '$2a$10$ZiBH5JtTDtXqDajO6f4EbeBIXGwtcGg2MGwr90xTH9ki34SV6rZhO';

类似:

$phpGeneratedHash  = '$2y$10$jOTwkwLVn6OeA/843CyIHu67ib4RixMa/N/pTJVhOjTddvrG8ge5.';
$nodeGeneratedHash = '$2y$10$ZiBH5JtTDtXqDajO6f4EbeBIXGwtcGg2MGwr90xTH9ki34SV6rZhO';

请注意,我将节点哈希的$2a$替换为$2y$.您可以使用以下方法简单地做到这一点:

Notice that I replaced the $2a$ of the node hash to $2y$. You can simply do this with:

$finalNodeGeneratedHash = str_replace("$2a$", "$2y$", $nodeGeneratedHash);

节点

finalNodeGeneratedHash = nodeGeneratedHash.replace('$2a$', '$2y$');

然后将phpGeneratedHashfinalNodeGeneratedHash进行比较.

这篇关于比较PHP和NodeJS之间的BCrypt哈希的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-26 03:25
查看更多
Powered by LMLPHP ©2025 generates 0.030132