Hi all
Could someone show me an example how to use Blowfish with crypt?
$password = crypt($_POST["password"], '$2a$07$0k5ls4mbfakdl2mbk5lo9dkr$');Looks strange as well as the output.
Pytho
0
Light Poster
Recommended Answers
Jump to Posthttp://php.net/manual/en/function.crypt.php
You check to see if it's available - see example#3 in the link above.
I don't understand what you need. This is a one-way hash. The output is meant to …
All 3 Replies
diafol
http://php.net/manual/en/function.crypt.php
You check to see if it's available - see example#3 in the link above.
I don't understand what you need. This is a one-way hash. The output is meant to look strange.
FROM THE PHP MANUAL:
CRYPT_BLOWFISH - Blowfish hashing with a salt as follows: "$2a$", a two digit cost parameter, "$", and 22 digits from the alphabet "./0-9A-Za-z". Using characters outside of this range in the salt will cause crypt() to return a zero-length string. The two digit cost parameter is the base-2 logarithm of the iteration count for the underlying Blowfish-based hashing algorithmeter and must be in range 04-31, values outside this range will cause crypt() to fail.
So the Blowfish salt in the example:
$2a$07$usesomesillystringforsalt$PARTS:
$2a$
07 - the 2 digit cost (04-31)
$
usesomesillystringfors - the 22 digits
alt$ - excess digits (don't do anything)
Pytho
0
Light Poster
Yea, I know those can't be decrypted without brute forcing. But I was wondering in what format the salt should be given.
diafol
I was wondering in what format the salt should be given.
Didn't I just give you the run down?
usesomesillystringfors - the 22 digits
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.