bcrypt.js compare 方法如何知道 salting 轮数?
How bcrypt.js compare method knows the number of salting rounds?
作为 bcrypt documentation 地址,为了将散列与纯文本进行比较,我们必须像这样实现 compare 函数:
bcrypt.compare(myPlaintextPassword, hash).then(function(result) { //do stuff });
但是似乎没有办法告诉函数加盐的次数。函数如何获得该数字?
bcrypt 输出如下所示:a$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy
它指定成本参数为 10,表示 2^10 轮密钥扩展。
盐是 N9qo8uLOickgx2ZMRZoMye,密码哈希是 IjZAgcfl7p92ldGxad68LJZdL17lhWy。
所有需要的信息都输入到 hash 参数中。
The prefix "a$" or "b$" (or "y$") in a hash string in a shadow
password file indicates that hash string is a bcrypt hash in modular
crypt format. The rest of the hash string includes the cost
parameter, a 128-bit salt (Radix-64 encoded as 22 characters), and 184
bits of the resulting hash value (Radix-64 encoded as 31
characters).The Radix-64 encoding uses the unix/crypt alphabet,
and is not 'standard' Base-64. The cost parameter specifies a
key expansion iteration count as a power of two, which is an input to
the crypt algorithm.
For example, the shadow password record
a$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy specifies
a cost parameter of 10, indicating 2^10 key expansion rounds. The salt
is N9qo8uLOickgx2ZMRZoMye and the resulting hash is
IjZAgcfl7p92ldGxad68LJZdL17lhWy. Per standard practice, the user's
password itself is not stored.
有一个完整的维基百科条目:https://en.wikipedia.org/wiki/Bcrypt
作为 bcrypt documentation 地址,为了将散列与纯文本进行比较,我们必须像这样实现 compare 函数:
bcrypt.compare(myPlaintextPassword, hash).then(function(result) { //do stuff });
但是似乎没有办法告诉函数加盐的次数。函数如何获得该数字?
bcrypt 输出如下所示:a$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy
它指定成本参数为 10,表示 2^10 轮密钥扩展。
盐是 N9qo8uLOickgx2ZMRZoMye,密码哈希是 IjZAgcfl7p92ldGxad68LJZdL17lhWy。
所有需要的信息都输入到 hash 参数中。
The prefix "a$" or "b$" (or "y$") in a hash string in a shadow password file indicates that hash string is a bcrypt hash in modular crypt format. The rest of the hash string includes the cost parameter, a 128-bit salt (Radix-64 encoded as 22 characters), and 184 bits of the resulting hash value (Radix-64 encoded as 31 characters).The Radix-64 encoding uses the unix/crypt alphabet, and is not 'standard' Base-64. The cost parameter specifies a key expansion iteration count as a power of two, which is an input to the crypt algorithm.
For example, the shadow password record a$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy specifies a cost parameter of 10, indicating 2^10 key expansion rounds. The salt is N9qo8uLOickgx2ZMRZoMye and the resulting hash is IjZAgcfl7p92ldGxad68LJZdL17lhWy. Per standard practice, the user's password itself is not stored.
有一个完整的维基百科条目:https://en.wikipedia.org/wiki/Bcrypt