 

Play! hash password returns bad result

I'm using Play 1.2.1. I want to hash my users' passwords. I thought that Crypto.passwordHash would be good, but it isn't. The passwordHash documentation says it returns an MD5 password hash. I created some user accounts in a fixture, where I put the MD5 password hash:

  ...
User(admin):
  login: admin
  password: f1682b54de57d202ba947a0af26399fd
  fullName: Administrator
  ...

The problem is, when I try to log in, with something like this:

user.password.equals(Crypto.passwordHash(password))

and it doesn't work. So I put a log statement in my authentify method:

Logger.info("\nUser hashed password is %s " +
                    "\nPassed password is %s " +
                    "\nHashed passed password is %s",
                    user.password, password, Crypto.passwordHash(password));

And the password hashes are indeed different, but hey! The output of the passwordHash method isn't even an MD5 hash:

15:02:16,164 INFO  ~
User hashed password is f1682b54de57d202ba947a0af26399fd
Passed password is <you don't have to know this :P>
Hashed passed password is 8WgrVN5X0gK6lHoK8mOZ/Q==

How about that? How to fix it? Or maybe I have to implement my own solution?

jjczopek asked Jun 08 '11 13:06



3 Answers

Crypto.passwordHash returns a Base64-encoded password hash, while you are comparing it to a hex-encoded one.

Nickolay Olshevsky answered Oct 08 '22 16:10


MD5 outputs a sequence of 16 bytes, each byte having (potentially) any value between 0 and 255 (inclusive). When you want to print the value, you need to convert the bytes to a sequence of "printable characters". There are several possible conventions, the two main being hexadecimal and Base64.

In hexadecimal notation, each byte value is represented as two "hexadecimal digits": such a digit is either a decimal digit ('0' to '9') or a letter (from 'a' to 'f', case is irrelevant). The 16 bytes thus become 32 characters.

In Base64 encoding, each group of three successive bytes is encoded as four characters, taken from a list of 64 possible characters (digits, lowercase letters, uppercase letters, '+' and '/'). One or two final '=' signs may be added so that the encoded string consists of a number of characters that is a multiple of 4.

Here, '8WgrVN5X0gK6lHoK8mOZ/Q==' is the Base64 encoding of a sequence of 16 bytes, the first one having value 241, the second one 104, then 43, and so on. In hexadecimal notation, the first byte would be represented by 'f1', the second by '68', the third by '2b'... and the hexadecimal notation of the complete sequence of 16 bytes is then 'f1682b54de57d202ba947a0af26399fd', the value that you expected.

The play.libs.Codec class contains methods for decoding and encoding Base64 and hexadecimal notations. It also contains Codec.hexMD5() which performs MD5 hashing and returns the value in hexadecimal notation instead of Base64.

Thomas Pornin answered Oct 08 '22 16:10
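The conversion described in the answer above, as an added example that is not part of the original post and not Play code: it decodes the Base64 string from the question's log back to the 16 raw MD5 bytes, re-encodes them as hex, and shows that the result is exactly the fixture value. The md5_hex and md5_base64 helpers are stand-ins for Codec.hexMD5 and Crypto.passwordHash written against Python's standard library (assumed UTF-8 input; Play's own implementation is not reproduced here). The comparison helper decodes both sides to bytes before comparing, which is what the original string comparison failed to do.

```python
import base64
import hashlib
import hmac

# Both values are copied from the question above: the fixture stores the
# hex form, Crypto.passwordHash returned the Base64 form of the same digest.
FIXTURE_HEX = "f1682b54de57d202ba947a0af26399fd"
PLAY_BASE64 = "8WgrVN5X0gK6lHoK8mOZ/Q=="


def base64_to_hex(b64: str) -> str:
    """Decode a Base64 string to raw bytes and re-encode those bytes as hex.
    validate=True rejects characters outside the Base64 alphabet instead of
    silently discarding them."""
    return base64.b64decode(b64, validate=True).hex()


def hex_to_base64(hexstr: str) -> str:
    """The reverse conversion: 32 hex characters -> 16 bytes -> 24 Base64 characters."""
    return base64.b64encode(bytes.fromhex(hexstr)).decode("ascii")


def md5_hex(password: str) -> str:
    """Stand-in for Codec.hexMD5(password): MD5 digest printed as 32 hex chars
    (assumption: the password is encoded as UTF-8 before hashing)."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def md5_base64(password: str) -> str:
    """Stand-in for Crypto.passwordHash(password) as the question's log shows it:
    the same 16 digest bytes, printed as Base64 with '=' padding."""
    digest = hashlib.md5(password.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


def stored_hash_matches(stored_hex: str, candidate_b64: str) -> bool:
    """Compare a hex-encoded stored digest against a Base64-encoded candidate.
    Both are decoded to bytes first; comparing the two strings directly, as the
    question does, can never succeed because they are different encodings of
    the same bytes. compare_digest avoids a timing side channel on the bytes."""
    stored = bytes.fromhex(stored_hex)
    candidate = base64.b64decode(candidate_b64, validate=True)
    return hmac.compare_digest(stored, candidate)


if __name__ == "__main__":
    print("Base64 from the log decodes to hex:", base64_to_hex(PLAY_BASE64))
    print("Fixture hex re-encoded as Base64:  ", hex_to_base64(FIXTURE_HEX))
    print("Same bytes?", stored_hash_matches(FIXTURE_HEX, PLAY_BASE64))
```

Note that this only explains the mismatch; it does not make unsalted MD5 an acceptable password store. The encoding fix is the answer to the question as asked, and the next answer addresses the choice of algorithm.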


As Nickolay said, you are comparing Hex vs Base64 strings. Also, I would recommend using BCrypt for that, not the Crypto tool of Play.

Pere Villega answered Oct 08 '22 15:10
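What the recommendation above changes in practice, as an added example that is not part of the original answer and not Play or jBCrypt code: a per-user random salt, a tunable work factor, a self-describing stored string, and a constant-time comparison on verify. BCrypt is not in the Python standard library, so the example uses PBKDF2-HMAC-SHA256 from hashlib as a stand-in for the same design; the stored-string layout (algorithm$iterations$salt$hash) and the iteration count are assumptions chosen for this example, not a Play convention. The known-answer check uses the published PBKDF2-HMAC-SHA256 test vector for "password"/"salt"/1 iteration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Layout and defaults assumed for this example only.
ALGORITHM = "pbkdf2_sha256"
DEFAULT_ITERATIONS = 600_000   # tune so one hash costs tens of milliseconds on your hardware
SALT_BYTES = 16
KEY_BYTES = 32


def _derive(password: str, salt: bytes, iterations: int, dklen: int) -> bytes:
    # PBKDF2-HMAC-SHA256: a slow, salted KDF, unlike a single unsalted MD5.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=dklen)


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Return a self-describing record: algorithm$iterations$salt_hex$hash_hex.
    A fresh random salt per user means equal passwords get different records
    and precomputed tables are useless."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    dk = _derive(password, salt, iterations, KEY_BYTES)
    return f"{ALGORITHM}${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the derived key from the parameters stored in the record and
    compare in constant time. Malformed or foreign records verify as False."""
    try:
        algorithm, iterations_str, salt_hex, hash_hex = stored.split("$")
        if algorithm != ALGORITHM:
            return False
        iterations = int(iterations_str)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
    except ValueError:
        return False
    if iterations < 1 or not salt or not expected:
        return False
    actual = _derive(password, salt, iterations, len(expected))
    return hmac.compare_digest(actual, expected)


def needs_rehash(stored: str, min_iterations: int = DEFAULT_ITERATIONS) -> bool:
    """True when a record was made with a weaker work factor than the current
    policy; call after a successful login and re-hash with the plaintext you
    just verified, so old records are upgraded without a password reset."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != ALGORITHM:
        return True
    try:
        return int(parts[1]) < min_iterations
    except ValueError:
        return True


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print("verify ok:", verify_password("correct horse battery staple", record))
    print("verify bad:", verify_password("wrong", record))
```

On a login path this replaces the user.password.equals(Crypto.passwordHash(password)) check from the question with verify_password(password, user.password); the record carries its own salt and cost, so the work factor can be raised later without touching existing accounts until they next log in.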