3

Crypt is generating different hashes with the same input data, and the [following] previously functional hash generator/check is no longer working for authenticating users:

public static function blowfish($password, $storedpass = false) {
    //if encrypted data is passed, check it against input ($info) 
      if ($storedpass) { 
            if (substr($storedpass, 0, 60) == crypt($password, "$2y$08$".substr($storedpass, 60))) { 
                return true; 
            }  else { 
                return false; 
            } 
      }  else { 
          //make a salt and hash it with input, and add salt to end 
          $salt = ""; 
          for ($i = 0; $i < 22; $i++) { 
            $salt .= substr("./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", mt_rand(0, 63), 1); 
          } 
          //return 82 char string (60 char hash & 22 char salt) 
          return crypt($password, "$2y$08$".$salt).$salt; 
     }
}

I'm banging my head against the wall and have found no answers in differences between Zend's internal algorithms vs PHP vs operating system algorithms; or variations between PHP 5.3.8 vs earlier...

EDIT: My question is technically answered, and it is my fault I didn't ask properly. I've implemented:

$salt = substr(bin2hex(openssl_random_pseudo_bytes(22)), 0, 22);
          //for ($i = 0; $i < 22; $i++) { 
            //$salt .= substr("./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", mt_rand(0, 63), 1); 
          //}

My real question is; why are the following functions returning differently?

print(substr($storedpass, 0, 60)."<br />");

returns: $2y$08$43f053b1538df81054d4cOJyrO5/j7NtZBCw6LrFof29cLBs7giK6

print(crypt($password, "$2a$08$".substr($storedpass, 60)));

returns: $2a$08$43f053b1538df81054d4cOPSGh/LMc0PZx6RC6PlXOSc61BKq/F6.

KneeSkrap3r
  • 103
  • 9
  • As a sidenote: Use a crypto PRNG to generate the salt, not a badly seeded mersenne twister – CodesInChaos Aug 15 '12 at 17:31
  • @CodesInChaos Fair enough, what is the best [PHP] function to use for this? mt_rand()? – KneeSkrap3r Aug 15 '12 at 17:41
  • I'm not a php dev, but `mcrypt_create_iv(size, MCRYPT_DEV_URANDOM)` might be a good choice. Or you could directly read from `/dev/urandom` on linux http://stackoverflow.com/a/1551064/445517 or [`openssl_random_pseudo_bytes`](http://php.net/manual/en/function.openssl-random-pseudo-bytes.php) – CodesInChaos Aug 15 '12 at 18:07
  • @CodesInChaos after further research I've come to the same conclusion - since I'm alternating dev environments with different teams I cannot use /dev/random so I'll still with mcrypt_create_iv(size, MCRYPT_DEV_URANDOM). Thanks! – KneeSkrap3r Aug 15 '12 at 18:25

1 Answers1

1

Because you are creating the salt with the help of random numbers,

The function mt_rand() will create random number each time when you are calling, optionally with min, max parameters. Usually for strong cryptography password hashing, Salt should be generated using a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG).

Then come to your problem, i assume there will be no difference in algorithm between ZEND and php. Because zend is a framework wrapping around the core php, and make use of it.

To verify the password, how the crypt check work is

crypt($password, $stored_hash) == $stored_hash;

Once you stored the hash when you hash first, it will be easy to verify by this.

That is what actually happens here, if you pass the hash as second parameter to the function blowfish, it will return the verification by a bool value, regardless of the salt.

if (substr($storedpass, 0, 60) == crypt($password, "$2y$08$".substr($storedpass, 60))) { 
    return true; 
}  else { 
    return false; 
}

for your information about hashing and security read this

Hope this helps

code-jaff
  • 9,230
  • 4
  • 35
  • 56
  • I guess the code originally "worked" because in older versions of php the PRNG behind `mt_rand` wasn't seeded automatically. – CodesInChaos Aug 15 '12 at 18:15
  • So you both are saying that using a CSPRNG instead of my mt_rand should work? I've implemented $salt = bin2hex(openssl_random_pseudo_bytes(22)) instead and am experiencing the same issue... – KneeSkrap3r Aug 15 '12 at 19:35
  • Even pseudo RNG's are usually seeded with "true" random data. – Maarten Bodewes Aug 16 '12 at 01:01