http://www.perlmonks.org?node_id=11104465


in reply to use Crypt::Eksblowfish::Bcrypt to create a password the same as password_hash in PHP

Give this a shot. The algorithm version is faked/copied in the Perl to match the PHP… Don’t know how this is going to play with apache auth…

use strictures; use feature "say"; use Crypt::Eksblowfish::Bcrypt "en_base64", "de_base64", "bcrypt_hash" +; my $pass = shift || "passw0rd"; my $php_pass = qx{php -r 'echo password_hash($pass, PASSWORD_BCRYPT);' +}; my ( $algorithm, $cost, $salt_pass ) = grep length, split /\$/, $php_p +ass; my $salt = substr $salt_pass, 0, 22; my $perl_hash = en_base64( bcrypt_hash({ cost => $cost, key_nul => 1, salt => de_base64($salt) }, $pass ) ); my $perl_pass = sprintf '$%s$%d$%s%s', $algorithm, $cost, $salt, $perl +_hash; say " PHP $pass -> ", $php_pass; say "Perl $pass -> ", $perl_pass;
PHP passw0rd -> $2y$10$ThWGjh5Jly8qP6FMQApQ3OQElLLuwN03jlZMFdQngphJw7 +U5NCukG Perl passw0rd -> $2y$10$ThWGjh5Jly8qP6FMQApQ3OQElLLuwN03jlZMFdQngphJw7 +U5NCukG
  • Comment on Re: use Crypt::Eksblowfish::Bcrypt to create a password the same as password_hash in PHP
  • Select or Download Code