Check password against known hashed password and salt
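#!/usr/bin/perl
# Usage: read -rs PASSWORD && PASSWORD="$PASSWORD" ./bcrypt-password.pl
#
# `read` only sets a shell variable. The script sees it only if it is exported
# or passed in the command's environment, as above. The per-command form also
# avoids leaving the password exported in a long-lived shell, where child
# processes would inherit it.
use strict;
use warnings;
use Crypt::Eksblowfish::Bcrypt;

# The candidate password is read from the environment. The salt and the
# reference hash are the known values it is checked against.
my $password = $ENV{PASSWORD};
die "PASSWORD is not set in the environment (see usage at top of file)\n"
    unless defined $password;

my $salt      = "lfVQ/T2N3dhFVvvPro2Hfu";
my $old_hash  = "4753yuwaNSwLePPlA9IS4YNdjHt93Gm";
my $encrypted = encrypt_password($password, $salt);

# Split the bcrypt string into version+cost, the 22-character salt and the
# 31-character hash. The pattern is anchored and limited to the bcrypt base64
# alphabet, so any unexpected output is rejected rather than partially parsed.
my $pattern = qr{\A(\$2a\$\d{2}\$)([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})\z};
my ($e_ver_cost, $e_salt, $e_hash) = $encrypted =~ $pattern
    or die "bcrypt returned a string in an unexpected format\n";

print "ver+cost: $e_ver_cost\tsalt: $e_salt\n";
print "new hashed password\t$e_hash\n";
print "old hashed password\t$old_hash\n";
# Compare in code as well: two 31-character strings are easy to misread by eye.
print "match\t", ($e_hash eq $old_hash ? "yes" : "no"), "\n";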
# Hash a password with bcrypt (one-way; despite the name, nothing here can be
# decrypted).
#
# Arguments: the plaintext password, then the 22-character bcrypt-base64 salt.
# Returns whatever Crypt::Eksblowfish::Bcrypt::bcrypt returns for the
# settings prefix "$2a$10$" followed by the salt.
sub encrypt_password {
    my ($password, $salt) = @_;

    # "$2a$" selects the variant that appends a NUL to the password before it
    # is used as the key; "10" is the cost.
    my $prefix = '$2a$10$';

    return Crypt::Eksblowfish::Bcrypt::bcrypt($password, $prefix . $salt);
}