CODEWITHSUNDEEP
phpnode.jscrypt
Sebastien
Sebastien

Reputation: 115

How to verify hash created with php-crypt in node.js

I must migrate my backend from php to node. We used php crypt (with default random salt) to hash the passwords. For instance, for the password 'd1692fab28b8a56527ae329b3d121c52', I have the following crypted pw in my base (depending if I used either md5 or sha512, as the $i$ specify) :

$1$7JxJYjJK$oFtCGyVvflspPtxB7YrWP.
$6$CVx6KL5l$wzk3YXlqUaz42Kb9r2lmEJhx/FBUXPRoLWN.20/XMBbgQrhp3vSHkEDF3bJEtpM3M96VZ.AMKatLGSKYZZKNH/

And in php I can verify them with crypt :

echo crypt('d1692fab28b8a56527ae329b3d121c52', '$1$7JxJYjJK$oFtCGyVvflspPtxB7YrWP.');
echo "\n";
echo crypt('d1692fab28b8a56527ae329b3d121c52', '$6$CVx6KL5l$wzk3YXlqUaz42Kb9r2lmEJhx/FBUXPRoLWN.20/XMBbgQrhp3vSHkEDF3bJEtpM3M96VZ.AMKatLGSKYZZKNH/');
echo "\n";

Which returns the correct crypted pw.

I did not manage to obtain such results with any node function. I tried stuff like :

require("crypto").createHmac("md5", "7JxJYjJK").update("d1692fab28b8a56527ae329b3d121c52").digest("base64");

And many others, but without any success. Can someone please help me to do this ? I abolutely need the MD5 version ($1$) ; the sha512 would be somewhat nice (I know it's horrifying, but it's the md5 version that was used on the prod server, and the sha512 that was used on the test server...).

Upvotes: 4

Views: 1785

Answers (1)

BlaM
BlaM

Reputation: 28858

I just converted the original crypt_md5() (as used in PHP) to JavaScript for one of my projects. You can find it here:

https://github.com/BlaM/cryptMD5-for-javascript

(Supports only $1$, but that's at least a part of what you are looking for.)

Upvotes: 1

Related Questions