shaneMangudi / bcrypt-nodejs

Native implementation of bcrypt for NodeJS
Other
574 stars 69 forks source link

Comparing $2y$ hashes #24

Open kevinhikaruevans opened 10 years ago

kevinhikaruevans commented 10 years ago

I have some hashes in my database which were previously created with PHP's bcrypt function.

If I try to run bcrypt.compareSync with the PHP's $2y$ versioned hash, it errors with "Invalid salt revision". Would it be possible to support $2y$ hashes instead of just $2a$?

kalvish21 commented 8 years ago

I'm having same issue with django. Django has $2b$ hashes. Any reason for that not to be supported?

akoskm commented 7 years ago

Exactly the same error with PHP generated hashes. Using "bcrypt-nodejs": "^0.0.3".

japita-se commented 7 years ago

confirmed. same error

TaylorDale commented 6 years ago

Manipulate the PHP hash with the following

phphash = phphash.replace(/^\$2y(.+)$/i, '$2a$1');

Works for me. From https://stackoverflow.com/questions/23015043/verify-password-hash-in-nodejs-which-was-generated-in-php