Alexander
Reputation: 387
php blowfish hashing with crypt(): the CLI result differs from webserver's one
When I use php function crypt() using Blowfish algorithm with web-server:
<?php
echo crypt('SAD123', sprintf('$2a$10$%s', '7711cbpe58dfpogiu049857f011werb0'));
I get this result:
$2a$10$7711cbpe58dfpogiu0498u5Vh773A3qx.3LE3ro3NX7F9c9N7.pOm
But if I'm using PHP interpretor with command line:
php -r "echo crypt('SAD123', sprintf('$2a$10$%s', '7711cbpe58dfpogiu049857f011werb0'));"
I'm getting another result:
a0SqNHxQ8/2mA
Do you have any ideas?
The system is: Apache/2.2.3 (CentOS), PHP Version 5.4.26
Upvotes: 3
Views: 172
Answers (1)
Quasdunk
Reputation: 15222
This is because the dollar-signs with the following digits in your command-string are also interpreted as positional parameters in bash.
When you escape them, it will work as expected:
$ php -r "echo crypt('SAD123', sprintf('\$2a\$10$%s', '7711cbpe58dfpogiu049857f011werb0'));"
So when you want to tinker with some PHP in your comman line, you should just run it interactively:
$ php -a
php > echo crypt('SAD123', sprintf('$2a$10$%s', '7711cbpe58dfpogiu049857f011werb0'));
Upvotes: 4
Related Questions
- Crypt for password hashing. Blowfish produces weird output
- Why does my PHP Blowfish encryption produce such weird results?
- Blowfish encryption - hash is created but will not verify
- PHP Blowfish crypt returning different hash
- Crypt Function Not Returning Correct Password
- Why is crypt() generating different results?
- Why does crypt/blowfish generate the same hash with two different salts?
- Blowfish Crypt confusion
- Why does the Blowfish output in Java and PHP differ by only 2 chars?
- (PHP) How to use crypt() with CRYPT_BLOWFISH?