2

I am hoping someone might shed some light on which library I might use if any are available to convert a PHP based application that has been using BCrypt $2a to a .Net based application, the current BCrypt C# Library I used I just realized is using $2y so I will not be able to seemlessly migrate users without causing mass password resets. Is there a $2a port to C# that is available or the inverse a $2y implementation in PHP that I might retro fit into the existing system and re-hash passwords. Ideally I would like to do zero coding in the PHP version and be able to migrate to .Net platform.

Thank you.

Improve this question

1 Answer 1

Reset to default
2

As for $2a$, it depends on how old your version of PHP bcrypt is.

Pre-2011, you will want to change $2a$ to $2x$. Post-2011, $2a$ and $2y$ are (except for sequences of 0xff which can't be produced by UTF-8 passwords) equivalent. All three are equivalent for ASCII passwords.

My library CryptSharp can do bcrypt in $2a$ (post-2011, $2y$ equivalent), $2x$, and $2y$ form.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Zer, could you paste a code sample up. I'm trying to use your library to create a hash for both $1$ as well as $2y$10 and it keeps giving me a argument exception for the salt value. I have an salt of length 8, e.g. 12345678. To that I then prepend "$1$" and append "$" making it a total of 12 characters (same format as PHP crypt) So the final string is "$1$12345678$", and no luck. Throws exception. What format should the salt be? The same for $2y$10. I need to replicate the PHP crypt functions for this.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.