Reputation: 21513
bcrypt cost 1 blank hash?
i want the crypt-formatted bcrypt hash for a blank password with cost 1, but the api i'm using to hash these passwords refuse to generate a hash with a cost below 4 (for obvious reasons), what does a cost 1 password look like?
for completeness, here's a blank password with the salt being 22x A with cost 4, it's the closest i've got so far: $2a$04$AAAAAAAAAAAAAAAAAAAAA.lvvkzzqrMPdnab8Xxl8zf7j6C1s84c6
and that was generated with the php code crypt("",'$2a$04$AAAAAAAAAAAAAAAAAAAAAA') (but php refuse to create hashes below cost 4)
Upvotes: 0
Views: 269
Answers (1)
Reputation: 21513
for password=(emptystring) cost=1 and salt=AAAAAAAAAAAAAAAAAAAAA the hash is:
$2a$01$AAAAAAAAAAAAAAAAAAAAA.9/Ai1w9JdKxud1gCb2hYi1hHz9IYr0m
it's also possible to use 0 iterations, in which the hash is
$2a$00$AAAAAAAAAAAAAAAAAAAAA.xQIqw.yJbZDA8V.ef0psIHmBBBaQfhy
here is output from a modified php where the minimum cost is removed:
root@x2ratma:/temp/php-src# sapi/cli/php -r 'var_dump(crypt("",'\''$2a$04$AAAAAAAAAAAAAAAAAAAAAA'\''));'
string(60) "$2a$04$AAAAAAAAAAAAAAAAAAAAA.lvvkzzqrMPdnab8Xxl8zf7j6C1s84c6"
root@x2ratma:/temp/php-src# sapi/cli/php -r 'var_dump(crypt("",'\''$2a$03$AAAAAAAAAAAAAAAAAAAAAA'\''));'
string(60) "$2a$03$AAAAAAAAAAAAAAAAAAAAA.TCFhOtNOtk2Oeef1z4xP561tW1AQOMW"
root@x2ratma:/temp/php-src# sapi/cli/php -r 'var_dump(crypt("",'\''$2a$02$AAAAAAAAAAAAAAAAAAAAAA'\''));'
string(60) "$2a$02$AAAAAAAAAAAAAAAAAAAAA.C43gUGAZorcHKVYot1kaRPwCYWt2Ehm"
root@x2ratma:/temp/php-src# sapi/cli/php -r 'var_dump(crypt("",'\''$2a$01$AAAAAAAAAAAAAAAAAAAAAA'\''));'
string(60) "$2a$01$AAAAAAAAAAAAAAAAAAAAA.9/Ai1w9JdKxud1gCb2hYi1hHz9IYr0m"
root@x2ratma:/temp/php-src# sapi/cli/php -r 'var_dump(crypt("",'\''$2a$00$AAAAAAAAAAAAAAAAAAAAAA'\''));'
string(60) "$2a$00$AAAAAAAAAAAAAAAAAAAAA.xQIqw.yJbZDA8V.ef0psIHmBBBaQfhy"
the changes made to php-src was:
root@x2ratma:/temp/php-src# git diff --patch
diff --git a/ext/standard/crypt_blowfish.c b/ext/standard/crypt_blowfish.c
index 3806a290ae..f72cfb51df 100644
--- a/ext/standard/crypt_blowfish.c
+++ b/ext/standard/crypt_blowfish.c
@@ -647,7 +647,7 @@ static const unsigned char flags_by_subtype[26] =
static char *BF_crypt(const char *key, const char *setting,
char *output, int size,
BF_word min)
-{
+{min=0;
struct {
BF_ctx ctx;
BF_key expanded_key;
diff --git a/ext/standard/password.c b/ext/standard/password.c
index a19266d214..3c7e1d6926 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -192,7 +192,7 @@ static zend_string* php_password_bcrypt_hash(const zend_string *password, zend_a
cost = zval_get_long(zcost);
}
- if (cost < 4 || cost > 31) {
+ if (cost < 0 || cost > 31) {
zend_value_error("Invalid bcrypt cost parameter specified: " ZEND_LONG_FMT, cost);
return NULL;
}
... unfortunately php's password_verify() (incorrectly?) returns bool(false) for hashes below cost 4...
Upvotes: 0
Related Questions
- Optimal bcrypt work factor
- What is MAX allowed cost in php password_hash?
- How Bcrypt makes decryption slow?
- What is the role and mechanism of "cost" in bcrypt?
- Is it really not required to generate salts for bcrypt?
- Security of bcrypt iterations/cost parameter
- Why does my bcrypt password hash always start with $2y$05$
- bcrypt salt for a password and cost
- Password can't be blank, Bcrypt
- When using PHP's crypt() function to create a bcrypt hash, do I need a salt?