My colleague has a database that stores account information; SHA256 is the account's head password and the value of salt is stored in the column as raw binary data (Blobs).
Using PHP (PHP) is used (indicates true raw output):
hash ("sha256", $ salt. $ Password, true); I am trying to implement authentication on a node .js server which has the same head back password that is stored in the database from php, it does not seem to be :
/ ** * By agreeing with the hashed password stored in the database, validates the passwords sent by an end user. Node.js uses crypto libraries. * * @Param password passwords sent by end user. * @Hosted password stored in the ultimate dbPassword database. * @ Ultimate dbSalt encryption stored in the salt database. * / Function valid password (password, db password, dbset) {// What should be a buffer, hex, base 64, or what dBST? Var hmac = crypto.createHmac ("SHA256", dbSalt); Var Hashed = Hmac.update (password). August ('base64'); Console.log ("hazard user password:" + hashed); Console.log ("database password:" + dbPassword.toString ('base64')); Grab a return === dbPassword; }
With so many experiments, I found a solution. Encrypt a password using
/ ** * sha256 and a salt. Password * for @passam password hash * @ salt value for hash with absolute salt * / function SHA256 encrypt (password, salt) {var salty password = salt + password; Var sha256 = crypto.createHash ('sha256'); Sha256.update (saltedpassword); Return sha256.digest ('base64'); } / ** * Is stored in the database * Hashead accepts the passwords sent by the end user by comparing it with the password. * * @Param password passwords sent by end user. * Hashed password is stored in Base DBpassword database, encoded in base 64. * @ Ultimate dbSalt encryption stored in the salt database. It should be a raw block. * / Function valid password (password, dbPassword, dbSalt) {var hashed = SHA256 encrypt (password, dbSalt.toString ('binary')); Grab a return === dbPassword; } Thanks to Traviso, however, he kept me on the right track.
No comments:
Post a Comment