javascript - Replicating Rails/AuthLogic Scrypt Hash Comparison on Node/Express Server -


i'm working on migrating older ruby-on-rails site node/express/react/redux, , i've run smack wall on authenticating users' existing passwords. site using authlogic(scrypt) authentication/password hashing, older account passwords still hashed sha512 authlogic algorithm.

i can't life of me figure out how replicate authlogic's scrypt algorithm in node. i've reviewed ruby source incantations authlogic , underlying scrypt package, gave me clues.

i'm using latest version of npm scrypt package (i've tried few others without discernable differences).

the stored hash looks this: 400$8$1d$3fbb0d3688d9da6d$5dd919ace6bdf946d48946e9dd61f0afc5116986433633e24e58809c12b5ce9a

the database stores unique salt parameter: fbmqa7ehfp5tdohnst

based on scrypt gem source, looks $ delimited segments cost factor , salt: n, r, p = args[0].split('$').map{ |x| x.to_i(16) } scrypt gem scrypt.rb source.

based on code, looks first 3 $ delimited bits "cost" factor scrypt , last 1 salt. have no idea why salt differs salt stored in database, or how should plugging them in. led me try: 

    const n = parseint("400", 16)     const r = parseint("8", 16);     const p = parseint("1d", 16)     const result = scrypt.hashsync("[my password]",{"n":n,"r":r,"p":p}, 32, 3fbb0d3688d9da6d);

the result of different hash database store, @ least right length. 80e302f9f8942ec9d81fe217c03730b5b8256b22cd91ad2dd2a448ec588ec390

so tried comparison:

     const comparision = scrypt.verifykdfsync(     "5dd919ace6bdf946d48946e9dd61f0afc5116986433633e24e58809c12b5ce9a",      "[mypassword]");

but fails, telling me data not scrypt-hashed data. tried adding various bits of cost factor , salt, , without $ delimiters hash, no avail. tried turning hash buffer object, no avail. trying kdfsync above options failed (error computing derived key). online tools don't recognize stored hash scrypt hash.

help me ruby magicians (or else cyrptographic chops), you're hope(s).


Comments

Post a Comment

Popular posts from this blog

Is there a better way to structure post methods in Class Based Views -

i'm using class based views in django , never specify url in ajax calls , omit action parameter in form because know these requests go through post method of class based view. notice view - profile page make many requests depending on user updating on page - post method become convoluted , if/else mess example: def post(self, request, *args, **kwargs): # handle user changing available date if request.post.get('availabledate') != none: self.updateavailabledate(request) return jsonresponse({'result':'success'}) if request.post.get('newprojectname') != none: creative_user = creativeuserprofile.objects.get(id = request.user.id) project = project.create_project(creative_user, request.post['newprojectname']) project.save() return jsonresponse({'projectid': project.id }) if request.post.get('projectimage') != none , request.files['file']: proj
Read more

performance - Why is XCHG reg, reg a 3 micro-op instruction on modern Intel architectures? -

i'm doing micro-optimization on performance critical part of code , came across sequence of instructions (in at&t syntax): add %rax, %rbx mov %rdx, %rax mov %rbx, %rdx i thought had use case xchg allow me shave instruction , write: add %rbx, %rax xchg %rax, %rdx however, dimay found agner fog's instruction tables , xchg 3 micro-op instruction 2 cycle latency on sandy bridge, ivy bridge, broadwell, haswell , skylake. 3 whole micro-ops , 2 cycles of latency! 3 micro-ops throws off 4-1-1-1 cadence , 2 cycle latency makes worse original in best case since last 2 instructions in original might execute in parallel. now... cpu might breaking instruction micro-ops equivalent to: mov %rax, %tmp mov %rdx, %rax mov %tmp, %rdx where tmp anonymous internal register , suppose last 2 micro-ops run in parallel latency 2 cycles. given register renaming occurs on these micro-architectures, though, doesn't make sense me done way. why wouldn't register renamer
Read more

jquery - Responsive Navbar with Sub Navbar -

good day, forgive me nav vocabulary not best. if question confusing apologize. i'm working on navigation bar needs centered on page @ 768px , above. items in nav open (or perhaps toggle) subnav lives directly below. these nav should appear centered on page. i have been able work through responsive portion of nav bar, having main items align vertically , sub nav menu of each item roll out below, , gave them indent separation. working well. however, issue not responsive side, behavior @ width greater 768px. happens toggling menu's sub navigation pushes other main items down page below sub nav. here's code: $(document).ready(function () { //stick in fixed 100% height behind navbar don't wrap $('#slide-nav.navbar-inverse').after($('<div class="inverse" id="navbar-height-col"></div>')); $('#slide-nav.navbar-default').after($('<div id="navbar-height-col"></d
Read more