PHP function password_hash saline length 21 or 22?


echo password_hash("stackoverflow", PASSWORD_DEFAULT, ['salt' => 'twenty-one-characters'] );



Warning: password_hash(): Provided salt is too short: 21 expecting 22 



echo password_hash("stackoverflow", PASSWORD_DEFAULT, ['salt' => 'twenty-one-charactersA'] );






echo password_hash("stackoverflow", PASSWORD_DEFAULT, ['salt' => 'twenty-one-charactersB'] );




As you can see, by adding A and B to the 21 character strings, we created two different salts of 22 characters, but HASH is the same! Is the 22nd character being ignored? If he is ignored, then why is he asking salt 22 salt?


source to share

2 answers

BCrypt waits salt of the alphabet ./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz

. As you can see that "-" is not in it and why your salt is invalid. In the actual salt, you can see the plaintext in the hash value.

In most cases, it is best to skip the salt parameter. Without this parameter, the function will generate a cryptographically secure salt from a random operating system source.

password_hash("stackoverflow", PASSWORD_DEFAULT);


However, you are correct when you say that BCrypt does not use the full 22 characters. It looks like BCrypt only uses 126 bits of salt instead of the 128 bits you get with 22 base64 encoded characters. For more information you can look at this discussion Why crypt / blowfish generate the same hash ... .



First, please do not provide your salt. You are not going to do a better job than the library does. And using static salts (as you did in the example) will compromise security. Just let it generate its salt (by the way, I think letting salt is the biggest mistake I've made with this API).

As for 21 versus 22 characters, give this answer a read.

Basically the salt is base64 encoded. This means that every 6 bits of salt are encoded into 8 bits. Thus, each byte of the coded salt is 6 bits.

21 characters - 126 bits. This means that only a portion of the 22nd symbol (first 2 decoded bits) is used. The reason you get the same hash with A

and B

is because the leading 2 bits are the same for both characters.

In fact, there are only 4 unique hashes for the 22nd byte.



All Articles