Verify bcrypt hash from Adonis in Laravel

Time:12-22

Hey, having a little trouble making password hashes made in Adonis work in Laravel. An example is:

// Adonis
> await Hash.make('password')
'$bcrypt$v=98$r=10$cIF1Ev2ATA6/iYv4kddXCQ$qcrDoGjsiB2eLq1/vCZWiAZ8bEs4+Qs'

// Laravel
>>> Hash::make('password')
=> "$2y$10$kV7kssmFuFOydBewIp9ele8GMkWGDPpte6jGGDAabpsBmxtzWxfZW"

So looking at the hashes, they both seem to use 10 rounds. The Adonis one splits the salt and hash with a $.

So I thought of just extracting the salt and hash and formatting them in Laravel's format, then checking it in Laravel. Example:

// Laravel
Hash::check('password', '$2y$10$cIF1Ev2ATA6/iYv4kddXCQqcrDoGjsiB2eLq1/vCZWiAZ8bEs4+Qs');

However, it's coming back false for no match.

Not sure where the problem is.

CodePudding user response:

The first hash is in the PHC string format:

$bcrypt$v=98$r=10$cIF1Ev2ATA6/iYv4kddXCQ$qcrDoGjsiB2eLq1/vCZWiAZ8bEs4+Qs

This format uses the standard base64 alphabet for encoding bytes in base64:

ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/

The second hash is in Modular Crypt Format:

$2y$10$kV7kssmFuFOydBewIp9ele8GMkWGDPpte6jGGDAabpsBmxtzWxfZW

This format does not use the standard Base64 alphabet; it instead uses the Unix Crypt alphabet:

./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789

You need to decode the bytes using the typical Base64 alphabet, and then re-encode them using the Crypt alphabet, or find an implementation of BCrypt for Laravel that accepts the PHC format.
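
The decode and re-encode step described in the answer, as an added Node.js example that is not part of the original answer or of either framework. The function names are hypothetical, and it assumes `v=98` denotes the `2b` revision (98 is the ASCII code of `b`), whose output a `$2y$` verifier such as Laravel's accepts unchanged.

```javascript
// Added example: convert a PHC-format bcrypt string to Modular Crypt Format.
// Both formats pack bits identically; only the 64-character alphabet differs.
const STD = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
const CRYPT = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

// Decode an unpadded standard-base64 field, check its byte length,
// then re-encode it with the crypt alphabet (hypothetical helper).
function recode(field, expectedBytes, name) {
  if (!/^[A-Za-z0-9+\/]+$/.test(field)) {
    throw new Error(name + ': not unpadded standard base64');
  }
  const bytes = Buffer.from(field, 'base64');
  if (bytes.length !== expectedBytes) {
    throw new Error(name + ': expected ' + expectedBytes + ' bytes, got ' + bytes.length);
  }
  const std = bytes.toString('base64').replace(/=+$/, '');
  return Array.from(std, (c) => CRYPT[STD.indexOf(c)]).join('');
}

// prefix defaults to '2y' so PHP's password_verify() recognises the result
// as bcrypt (assumption: the source hash is revision 2b, see lead-in).
function phcBcryptToMcf(phc, prefix = '2y') {
  const m = /^\$bcrypt\$v=(\d+)\$r=(\d+)\$([^$]+)\$([^$]+)$/.exec(phc);
  if (!m) throw new Error('not a PHC bcrypt string');
  const cost = Number(m[2]);
  if (cost < 4 || cost > 31) throw new Error('cost out of range');
  const salt = recode(m[3], 16, 'salt'); // 16 bytes -> 22 characters
  const hash = recode(m[4], 23, 'hash'); // 23 bytes -> 31 characters
  return ['', prefix, String(cost).padStart(2, '0'), salt + hash].join('$');
}

// Sample input: the Adonis hash from the question.
const SAMPLE = '$bcrypt$v=98$r=10$cIF1Ev2ATA6/iYv4kddXCQ$qcrDoGjsiB2eLq1/vCZWiAZ8bEs4+Qs';
console.log(phcBcryptToMcf(SAMPLE));
```

The printed string is what would be passed to `Hash::check('password', ...)` on the Laravel side; the stored Adonis hashes can be converted once during migration rather than on every login.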
