Bcrypt in java and php does not match

2

I have a Php application that registers a person and when the person poe the password, the password is stored in the database in hash form, with the following code

password_hash($password, PASSWORD_BCRYPT)

Then, I have an application in Java and wanted to check a password with the hash that is in the database, I put the following code

BCrypt.hashpw(passTxt.getText(),BCrypt.gensalt())

The problem is that the hashes do not match. I have already been told that it may be from SALT that it has to be the same, but how do I do it for the same SALT?

    
asked by anonymous 16.06.2017 / 15:23

1 answer

0

in php

<?php
    /**
     * Note that the salt here is randomly generated.
 * Never use a static salt or one that is not randomly generated.
 *
 * For the VAST majority of use-cases, let password_hash generate the salt randomly for you
 */
    $options = [
        'cost' => 11,
        'salt' => mcrypt_create_iv(22, MCRYPT_DEV_URANDOM),
    ];
echo password_hash("rasmuslerdorf", PASSWORD_BCRYPT, $options)."\n";
?>

in java jBCrypt // Hash a password for the first time String hashed = BCrypt.hashpw(password, BCrypt.gensalt());

// gensalt's log_rounds parameter     // the work factor is 2 ** log_rounds, and the default is 10     String hashed = BCrypt.hashpw (password, BCrypt.gensalt (12));

// Check that an unencrypted password matches one that has
// previously been hashed
  if (BCrypt.checkpw(candidate, hashed))
System.out.println("It matches");

else     System.out.println ("It does not match");

It may be different salt so I'm putting how to change the salt of 2.
source English stack


Normal bcrypt will not work as natively but jBcrypt can bring you a look at the stack in English and brings you the rest of the answer.

    
16.06.2017 / 15:38