I am migrating my PHP code to Google App Engine - Java.
Since I couldn't find an equivalent function of crypt in Java,
I can do without it if I find an equivalent function in actionscript.
Edit 1: Here is my php code for encrypting passwords :
$password = "test123";
$pwd = crypt($password,$password);
echo $pwd;
Output is (On Windows as well as a linux based server on HostMonser):
temjCCsjBECmU
as3crypto might be of help. It provides DES, and together with Base64, you should be able to recreate PHP's crypt function. OTOH, unless you really need the exact same behaviour, you might just as well take anything else the library offers.
greetz
back2dos
Don't think you'll find an exact analog. crypt() as exists in PHP is an artifact of its Unix heritage, and is usually just a wrapper around the base C library. It won't even behave identically between operating systems.
What you should do is define your password hashing practice clearly (e.g. SHA256 with 8 bytes of salt or something), and run it through a library providing the appropriate algorithm.
Google for com.adobe.crypto (pretty sure it's part of the as3corelib project), it has several cryptographic hash functions.
You can accomplish this same thing in Java as well (and probably better and faster), though I don't know any particular libraries off the top of my head, not having dealt much with Java.
Incidentally, you should probably read through these articles before going much further:
http://en.wikipedia.org/wiki/Cryptographic_hash_function
http://en.wikipedia.org/wiki/Crypt_(Unix)
http://en.wikipedia.org/wiki/Salt_(cryptography)
Related
Does anyone else had that issue?
In a php 5.4.9-4 environment when I call echo hash('tiger192,4','test'); I receive 14b5375c7b29cbf5f9e70a199a40e59dd4d5f1df218b5249 as response.
Now, in a php 5.3.10 environment when I call the SAME function I receive f5cb297b5c37b5149de5409a190ae7f949528b21dff1d5d4
I think is something with the tiger192 hash family because when using sha256, for example, it generates the same value.
I saw that in php 5.4 the tiger family is using big-endian byte ordering. Now, does anyone knows how to disable it to keep the compatibility?
Sadly there is no a compatibility setting for this, and you should not expect to be able to move between major versions of software without having to rework parts of your code.
If resetting the hashed data is not an option (but then i don't see why not? As inconvenient it may be, after that your hashes will be much more secure) then you could write your own function to do the hashing since algorithm is publicly available http://en.wikipedia.org/wiki/Tiger_(cryptography)#Algorithm.
I know PHP's mt_rand() should not be used for security purposes as its results are not cryptographically strong. Yet a lot of PHP code does just that, or uses it as a fallback if better sources of randomness are not available.
So how bad is it? What sources of randomness does mt_rand use for seeding? And are there other security problems with mt_rand for cryptographic applications?
In PHP 5.4, if mt_rand is automatically seeded the first time it's used (PHP source). The seed value is a function of the current timestamp, the PHP process PID and a value produced by PHP's internal LCG. I didn't check the source for previous versions of PHP, but the documentation implies that this seeding algorithm has been in use starting from PHP 5.2.1.
The RNG algorithm behind mt_rand is the Mersenne Twister. It doesn't really make sense to talk about "how bad" it is, because it's clearly documented (not on the PHP docs page, unfortunately) that it is entirely unsuitable for cryptographic applications. If you want crypto-strength randomness, use a documented crypto-strength generator.
Update: You might also want to look at this question from crypto.SE.
I was wondering if there is a python cognate to PHP's crypt() function that performs in a similar way, generating a random salt and embedding it within the saved string.
I have a table of hashed passwords that were created using the $5$ string key to setup a SHA256 based salted cryptogram. These hashes had some additional recorded entropy attached to both ends at a fixed interval, but splitting these characters off the string and getting the core hash is trivial and not a problem at all.
I've looked at the python documentation and can't find any methods in hashlib that seem to utilize the same syntax from php's crypt(). Is the approach utilized in PHP (the input format split with dollar signs between salt, algo and rounds) unique to the language?
Thanks.
EDIT:
It looks as though the revised version of python's own native crypt function is going to utilize procedures similar to that of PHP. From the 3.3 pre-release documentation:
http://docs.python.org/dev/library/crypt.html
EDIT:
Finally found Passlib, a library that provides this functionality in pure python.
http://packages.python.org/passlib/index.html
I realize that this question is old, however I found it while I was trying to implement a login algorithm in Python that was originally written in PHP. The crypt function in PHP uses any of a handful of somewhat insecure DES algorithms, including bcrypt. It depends on what you hash your string with. Passlib is pretty much your best bet for replicating the functionality your application is currently getting from PHP crypt. Take one of your hashed passwords, and look at the front of the string. You should see something like $2a$, $3$, $6$ (or similar). Note that if this string does not exist, you are more than likely using standard DES hashing.
Take that info to this link:
http://pythonhosted.org/passlib/modular_crypt_format.html#mcf-identifiers
Then, match it up to the algorithm you need to implement in Python. The Scheme identifiers are links to the passlib documentation regarding that hashing algorithm. At this point, you should have all the info you need to complete your reimplementation.
It certainly looks very similar to FreeBSD's crypt (see "modular crypt" in the manpage). I don't really recall if it's the same way in Linux or other but this seems to indicate it's not unique.
There's no direct equivalent in Python as far as I know, but it shouldn't be too hard to roll your own since the encryption algorithms themselves should be supported in hashlib.
I decided to drop md5() as the password-encrypting algorithm when storing user passwords in DB, in favor of phpass library.
On the systems using md5, it was no problem to have a Production/Development dyad, as the resulting hash was the same. So, in case I created a test user in either one of them, the same password worked in the other environment.
From what I gather, this is not the same for other types of hashing algorithms, as phpass (or its internal php functions) creates platform-dependent hashes (I'm a hashing/encryption novice).
My question is, how should one approach this situation? Different database in prod/dev? But what if "upstairs" decided that we should move our web application (along with its DB) to another server - wouldn't the hashed passwords be now invalid - as phpass would create different hashes for the same (old) passwords?
Later edit:
Well, I didn't bother to check a dev hash to a production one. Even though they're different, their comparison results in "true", as in "they're quivalent". I thought, if hashes are different, they don't match (like md5).
A very simple solution to your problem: Always use the latest stable version of PHP. As of 5.3 PHP provides native implementations of crypt algorithms and thus isn't platform dependent anymore. Your hashes should thus be compatible.
Is there a particular reason why you decided to use the phpass library? You didn't elaborate on that point, but if you were simply looking for a more secure algorithm than MD5, take a look at hash() coupled with an algorithm like sha512.
Tiger algorithms in PHP
The Tiger192,4 algorithm is often recommended for hashing, however I've just discovered you can get different hash values on different machines.
Impossible! (you say)
Well it turns out PHP <5.4 implements Tiger with LSB first, while PHP 5.4+ implements Tiger with MSB first. Which is correct? I can't say (LSB matches testtiger while MSB matches the wikipedia examples) but the point is... don't use Tiger if hashes need to be portable or survive a PHP upgrade (a PHP 5.3->5.4 will break a Tiger hashed password table, which has significant maintainability implications).
To test...
echo hash("tiger192,3","The quick brown fox jumps over the lazy cog")."\n".
hash("tiger192,3","");
MSB: (PHP 5.4.5)
a8f04b0f7201a0d728101c9d26525b31764a3493fcd8458f
3293ac630c13f0245f92bbb1766e16167a4e58492dde73f3
LSB: (PHP 5.3.2)
d7a001720f4bf0a8315b52269d1c10288f45d8fc93344a76
24f0130c63ac933216166e76b1bb925ff373de2d49584e7a
(My solution? Use a different algorithm, and embed a known hash test in the unit test code)
I need to make a hash with JS and PHP but I need them to both work out to be the same hash.
I am just wondering what the best idea would be to go about it. it needs to be secure, but its not hashing sensitive data so doesn't need a huge amount of security around it.
could anyone give me some examples
Thank you.
You could use MD5: the php and the JS solution should work out to be the same given the same string input. http://pajhome.org.uk/crypt/md5/ has a list of hash implementations in javascript, and PHP implementations of md5 are documented here, and both have examples at hand.
You'll need to be careful that you use the exact same input to both functions, but otherwise it shouldn't be too painful.
Well don't forget that javascript is inherently insecure because it is client side, but if you're hashing for communication with say ajax, or you don't want to spend the money on a ssl certificate, then this could be the way to go.
The most common hashing algorithms are md5 and sha256. Now, because these are algorithms they don't need to be coded into the language (as they are in php), but can written with the language. Some very smart people have already done the hard work for you, and now you just need to get their source.
MD5: http://www.webtoolkit.info/javascript-md5.html
SHA256: http://www.bichlmeier.info/sha256.html
A more modern approach
In PHP, use:
$hash = hash('sha256', "here_is_my_input_string");
Then in JavaScript you can use the Web Crypto API:
function hashAsync(algo, str) {
return crypto.subtle.digest(algo, new TextEncoder("utf-8").encode(str)).then(buf => {
return Array.prototype.map.call(new Uint8Array(buf), x=>(('00'+x.toString(16)).slice(-2))).join('');
});
}
hashAsync("SHA-256", "here_is_my_input_string").then(outputHash => console.log(outputHash));
// prints: 4bb047046382f9c2aeb32ae6d2e43439f05d11bd74658f1d160755ff48114364 which also matches 3rd party site: https://emn178.github.io/online-tools/sha256.html
Thanks to https://stackoverflow.com/a/55926440/470749