I need to verify passwords from a Symfony 3.3 / FriendsOfSymfony UserBundle 1.3 application from within an AWS Lambda function.
The relevant password hashing code in Symfony is at https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Core/Encoder/MessageDigestPasswordEncoder.php#L52
However, the code does not produce the same hash, even on the first line.
In Symfony, with password = test and salt = asLZCFQJ5flTtOWdphjKtpngthjK6h2FtMRSIZZ2bus:
    $salted = $this->mergePasswordAndSalt($raw, $salt);
    $digest = hash($this->algorithm, $salted, true);
    // base64_encode($digest) == '2QhirHmPwt0O5MrtTdfWsWKCCeOQO/y02Di04/aUIJxWhdNDQSGCaUuL1ONLUasdsD88CBSIzGwsePqGTCcQmA=='
    // "stretch" hash
    for ($i = 1; $i < $this->iterations; ++$i) {
        $digest = hash($this->algorithm, $digest.$salted, true);
    }
In Node.js, with the same details, I get:
    var pass = 'test';
    var salt = 'asLZCFQJ5flTtOWdphjKtpngthjK6h2FtMRSIZZ2bus';
    var salted = pass + '{' + salt + '}';
    // sha512 was not defined in the post; assumed to be a crypto SHA-512 hash object
    var sha512 = require('crypto').createHash('sha512');
    var digest = sha512.update(salted).digest('binary');
    // new Buffer(digest).toString('base64') == 'w5kIYsKsecKPw4LDnQ7DpMOKw61Nw5fDlsKxYsKCCcOjwpA7w7zCtMOYOMK0w6PDtsKUIMKcVsKFw5NDQSHCgmlLwovDlMOjS1HCqx3CsD88CBTCiMOMbCx4w7rChkwnEMKY'
    for (var i = 1; i < 5000; ++i) {
        digest = require('crypto').createHash('sha512').update(digest + salted).digest('binary');
        process.stdout.write(new Buffer(digest).toString('base64') + "\n");
    }
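Or is this a character encoding issue? The first 3 characters of the binary hash look very similar in the debugger.
[Screenshot of PHPStorm]
[Screenshot of WebStorm]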
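Answer 0 (score: 0)
I have solved this by switching the encryption method to bcrypt. This answer describes how to check the generated passwords: https://stackoverflow.com/a/26643637/123594
Answer 1 (score: 0)
Finally figured it out; I hope this helps others in the future. The problem was in the character concatenation.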
./middleware/passwordEncode.js:
    const cryptoLib = require('crypto');

    const encryptPassword = (password, salt) => {
        // Symfony merges password and salt as "password{salt}"
        let salted = password + '{' + salt + '}';
        if (!salt) {
            salted = password;
        }
        let digest = cryptoLib.createHash('sha512').update(salted).digest('binary');
        for (let i = 1; i < 5000; i++) {
            // Concatenate raw digest bytes with the salted password, not two strings
            digest = cryptoLib.createHash('sha512')
                .update(Buffer.concat([Buffer.from(digest, 'binary'), Buffer.from(salted, 'utf8')]))
                .digest('binary');
        }
        return Buffer.from(digest, 'binary').toString('base64');
    };

    module.exports.encryptPassword = encryptPassword;
./middleware/passwordDecode.js:
    const passwordEncode = require('../middleware/passwordEncode');

    // Re-encode the candidate password and compare it with the stored hash
    const verifyPassword = (password, salt, encoded) => {
        return encoded === passwordEncode.encryptPassword(password, salt);
    };

    module.exports.verifyPassword = verifyPassword;
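
The encoding mismatch from the question and the byte-level fix from Answer 1, side by side, as an added example that is not part of the original posts or of Symfony's code. The function names are chosen for this example; the defaults (sha512, base64 output, 5000 iterations) and the salt are the ones shown on this page.

```javascript
const crypto = require('crypto');

// Salt quoted in the question above; the password there is "test".
const SALT = 'asLZCFQJ5flTtOWdphjKtpngthjK6h2FtMRSIZZ2bus';

// Same rule as Symfony's mergePasswordAndSalt(): "password{salt}", no braces in the salt.
function mergePasswordAndSalt(password, salt) {
  if (!salt) return password;
  if (/[{}]/.test(salt)) throw new Error('Cannot use { or } in salt.');
  return password + '{' + salt + '}';
}

// Byte-exact port: the digest stays a Buffer, so no text encoding ever touches it.
function encodePassword(password, salt, iterations = 5000) {
  const salted = Buffer.from(mergePasswordAndSalt(password, salt), 'utf8');
  let digest = crypto.createHash('sha512').update(salted).digest();
  for (let i = 1; i < iterations; i++) {
    digest = crypto.createHash('sha512').update(digest).update(salted).digest();
  }
  return digest.toString('base64');
}

// The question's mismatch, kept for comparison: the digest becomes a latin1
// ("binary") string and is then re-encoded as UTF-8, so each byte >= 0x80 turns into two.
function encodePasswordMangled(password, salt, iterations = 5000) {
  const salted = mergePasswordAndSalt(password, salt);
  let digest = crypto.createHash('sha512').update(salted).digest('binary');
  for (let i = 1; i < iterations; i++) {
    digest = crypto.createHash('sha512').update(digest + salted).digest('binary');
  }
  return Buffer.from(digest, 'utf8').toString('base64');
}

// Constant-time comparison of the stored and the recomputed base64 strings.
function verifyPassword(password, salt, encoded) {
  const expected = Buffer.from(encodePassword(password, salt), 'utf8');
  const stored = Buffer.from(String(encoded), 'utf8');
  return stored.length === expected.length && crypto.timingSafeEqual(stored, expected);
}

console.log(encodePassword('test', SALT, 1));        // first round, raw bytes
console.log(encodePasswordMangled('test', SALT, 1)); // first round, UTF-8 mangled
console.log(verifyPassword('test', SALT, encodePassword('test', SALT)));
```

With `iterations` set to 1, the two encoders return the first-round values quoted in the PHP and Node.js comments in the question, which makes the re-encoding step easy to spot before running the full 5000 rounds.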