4 Replies Latest reply: Aug 8, 2012 7:32 AM by DachFlach RSS

    bcrypt blowfish as3crypto usage

    DachFlach Community Member

      I am looking for an example of proper usage to utilze as3crypto or other tool to encypt a string and salt.

      Ultimately, this is to Match an existing hash froma  database that was created in php.

       

      I have seen some incomplete attempts at demonstrating, please only send Working examples.

        • 1. Re: bcrypt blowfish as3crypto usage
          A.Liebscher Community Member

          Did you try looking at http://code.google.com/p/as3crypto/? It has working examples there

           

          Best Regards

           

          Alex Liebscher

          • 2. Re: bcrypt blowfish as3crypto usage
            DachFlach Community Member

            Thanks Alex but I am unable to get it to work.

            Do you have an example of using the BlowFishKey?

            I suspect it is a simple call to the BlowFishKey.as  but I see not how to pass a str and a salt to encrypt.

            Any leads appreciated.

            • 3. Re: bcrypt blowfish as3crypto usage
              A.Liebscher Community Member

              Im sorry, I deleted my encryption project. If you scan through the source code on Google docs, I'm sure you could get an idea of how it works. I believe there is a public function called encrypt, and you give that either a string or byte array.

               

              I wish I could help more, I happen to be busy at the moment.

               

              Best of luck,

              Alex LIebscher

              • 4. Re: bcrypt blowfish as3crypto usage
                DachFlach Community Member

                I was able to gte it to work but unable to get it to match the encryption used in PHP.

                 

                I create a hash made from both a password and a salt. The salt is prefixed with $2a$13$ to set the rounds used in the encryption.

                I see no way to do this in this library.

                Therefore I get a different result than that created in PHP.

                 

                The reason I am trying to do this is so that the hash can be recreated offline ( using this library ).

                 

                Scenario: A person signs up and creates a hash(password) within PHP as described above. Then the person uses the software which stores the hash locally. The the person attempts to access the software Offline - which requires them to recreate the Hash and if it matches - they are able to use it.

                 

                Is there a way to set the rounds of encryption with this library? Sorry if that is not the correct term.