Check password against known hashed password and salt
| #!/usr/bin/perl | |
| # Usage: read -s PASSWORD && ./bcrypt-password.pl | |
| use Crypt::Eksblowfish::Bcrypt; | |
| # Read password and salt from environment variables | |
| $password = $ENV{PASSWORD}; | |
| $salt = "lfVQ/T2N3dhFVvvPro2Hfu" | |
| $encrypted = encrypt_password($password, $salt); | |
| # Extract bcrypt version, cost, salt, and hashed password | |
| $pattern = '(^\$2a\$\d{2}\$)(.{22})(.*)'; | |
| ($e_ver_cost, $e_salt, $e_hash) = ($encrypted =~ m!$pattern!); | |
| print "ver+cost: $e_ver_cost\tsalt: $e_salt\n"; | |
| print "new hashed password\t$e_hash\n"; | |
| print "old hashed password\t4753yuwaNSwLePPlA9IS4YNdjHt93Gm\n"; | |
| # Encrypt a password | |
| sub encrypt_password { | |
| my $password = shift; | |
| my $salt = shift; | |
| # Set the cost to 10 and append a NUL | |
| my $settings = '$2a$10$'.$salt; | |
| # Encrypt it | |
| return Crypt::Eksblowfish::Bcrypt::bcrypt($password, $settings); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment