sha256 hash with NodeJs and Symfony2.8

0

I'm trying to migrate my backend from Symfony 2.8 to NodeJs (ExpressJs), and right now I'm trying to keep the same login; for that I need to compare the encrypted passwords.

To get the password (encrypted) and be able to compare it with the database, I do it in the following way with 'crypto':

I pass the password and also the salt that I generated from Symfony, but the password I get back has nothing to do with the one that Symfony generates.

NodeJs code ('crypto')

const crypto = require('crypto');

const getCompare = async function(req, res){
    const body = req.body;

    const salt = body.salt;
    const password = body.password;

    var sha256 = function(password, salt){
        var hash = crypto.createHmac('sha256',  salt); /** HMAC-SHA256 keyed with the salt */
        hash.update(password);
        var value = hash.digest('hex');
        return {
            salt: salt,
            passwordHash:value
        };

    };
    var response = sha256(password, salt);

    return ReS(res, {response}, 200);
}

Symfony 2.8 code to create a user:

$encoder = new \Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder('sha256', true, 5000);
$inputPassword0 = $this->request->get('password');
$inputSalt = hash("sha256", uniqid(mt_rand(), true));
$inputPassword = $encoder->encodePassword($inputPassword0, $inputSalt);
$user->setPassword($inputPassword)
    ->setSalt($inputSalt);

This is what I have in the DB

I also tried the following. I found a post that explained that Symfony made 5000 iterations with sha512, but mine is sha256 and I do not know exactly how many iterations there are; the result still does not match:

var encodePassword = function (raw, salt) {
    var salted = raw + '{'+salt+'}',
        hash = crypto.createHash('sha256').update(salted, 'utf-8');

    for (var i = 1; i < 5000 ; i++) {
        hash = crypto.createHash('sha256').update(hash.digest('binary')+salted);
    }
    var value = hash.digest('base64');

    return {
        salt: salt,
        passwordHash:value
    };
};

Result:

{
    "rest": {
        "salt": "acd31a1147d683554c32c51cffa2c8cf56f38d8d7e5ea5d6a475dc7478981a94",
        "passwordHash": "m2sLlhIYIQR4lghhqYRhY3BrmCQ7eQ/cF+tNTNO+1NU="
    },
    "success": true
}

Symfony configuration to encrypt:

security:
    encoders:
        Edser\AppBundle\Entity\Users:
            algorithm: sha256
            encode-as-base64: true
            iterations: 5000

As you can see, I use the same salt for both, but the returned passwords are very different.

Thank you very much for the help.

    
asked by Sebas Bejenaru 11.08.2018 at 15:18

0 answers
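The digest scheme that Symfony's MessageDigestPasswordEncoder applies for the configuration in the question (sha256, base64 output, 5000 iterations), written out in Node.js as an added example that is not part of the original question. The function names, the options object and the sample values are assumptions made for illustration; the key difference from the second attempt above is that each round's digest is fed back as raw bytes rather than as a 'binary' string joined to the salted password.

```javascript
const crypto = require('crypto');

const MAX_PASSWORD_LENGTH = 4096; // byte limit enforced by Symfony's encoder

// Assumed helper name; defaults mirror the configuration shown in the question.
function encodePassword(raw, salt, opts = {}) {
  const { algorithm = 'sha256', iterations = 5000, base64 = true } = opts;
  if (typeof raw !== 'string' || Buffer.byteLength(raw, 'utf8') > MAX_PASSWORD_LENGTH) {
    throw new Error('Invalid password.');
  }
  const hasSalt = Boolean(salt) && salt !== '0'; // mirrors PHP empty()
  if (hasSalt && /[{}]/.test(salt)) {
    throw new Error('Cannot use { or } in salt.');
  }
  // Symfony merges the two as password{salt} before hashing.
  const salted = Buffer.from(hasSalt ? `${raw}{${salt}}` : raw, 'utf8');

  let digest = crypto.createHash(algorithm).update(salted).digest();
  for (let i = 1; i < iterations; i++) {
    // Feed the previous digest as raw bytes. Joining digest('binary') to a
    // string re-encodes every byte >= 0x80 as UTF-8 and changes the result.
    digest = crypto.createHash(algorithm).update(digest).update(salted).digest();
  }
  return digest.toString(base64 ? 'base64' : 'hex');
}

// Compares a stored hash with a login attempt in constant time.
function isPasswordValid(stored, raw, salt, opts) {
  let computed;
  try {
    computed = Buffer.from(encodePassword(raw, salt, opts), 'utf8');
  } catch (e) {
    return false; // over-long password or malformed salt
  }
  const expected = Buffer.from(String(stored), 'utf8');
  // timingSafeEqual throws on unequal lengths, so check the length first.
  return expected.length === computed.length &&
    crypto.timingSafeEqual(expected, computed);
}

// Constructed sample values (not taken from the question's database).
const sampleSalt = 'constructed-salt-0001';
const sampleHash = encodePassword('correct horse', sampleSalt);
console.log(isPasswordValid(sampleHash, 'correct horse', sampleSalt));
console.log(isPasswordValid(sampleHash, 'wrong horse', sampleSalt));
```
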