如果PHP password_hash()创建一个随机盐并且不存储它,那么它如何检索正确的密码?
哈希是否应该被未在此实现中存储的盐扭曲?
我从这里(http://lxr.php.net/xref/PHP_5_5/ext/standard/password.c#111)我真的不明白这一点:
271/* {{{ proto boolean password_make_salt(string password, string hash)
272Verify a hash created using crypt() or password_hash() */
273PHP_FUNCTION(password_verify)
274{
275 int status = 0, i;
276 int password_len, hash_len;
277 char *ret, *password, *hash;
278
279 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss", &password, &password_len, &hash, &hash_len) == FAILURE) {
280 RETURN_FALSE;
281 }
282 if (php_crypt(password, password_len, hash, hash_len, &ret) == FAILURE) {
283 RETURN_FALSE;
284 }
285
286 if (strlen(ret) != hash_len || hash_len < 13) {
287 efree(ret);
288 RETURN_FALSE;
289 }
290
291 /* We're using this method instead of == in order to provide
292 * resistence towards timing attacks. This is a constant time
293 * equality check that will always check every byte of both
294 * values. */
295 for (i = 0; i < hash_len; i++) {
296 status |= (ret[i] ^ hash[i]);
297 }
298
299 efree(ret);
300
301 RETURN_BOOL(status == 0);
302
303}
304/* }}}