Because you can't "retrieve" a password from a one-way hash like SHA-512, the closest we can get is being able to generate the same hash from the same password and salt. Let's look at the Ruby code:
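    require 'digest/sha2'

    def self.hash_password( password, salt )
      # String#insert modifies password in place, splicing the salt in at character index 4
      salted_password = password.insert 4, salt
      digested_password = Digest::SHA512.hexdigest("#{salted_password}")
      return digested_password
    end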
The only thing a bit "weird" here is the call to the .insert method on the password string. It's basically splicing the salt right into the password, starting at the fourth character index. Normally salts are simply concatenated with the password.
We can replicate this using substr:
    function hash_password($password, $salt) {
        // substr() counts bytes: first four bytes, then the salt, then the rest
        $salted_password = substr($password, 0, 4) . $salt . substr($password, 4);
        return hash('sha512', $salted_password);
    }
I'm using the now-default hash extension here, as it's pretty much the most reliable way to generate a SHA-512 hash.
Using this code, you should be able to generate identical hashes for a given identical password and salt combination. I'm not sure what the behavior would be when the password is less than five characters long.
Yup, looks like it should work:
    [charles@lobotomy ~]$ irb
    irb(main):001:0> require 'digest/sha2'
    => true
    irb(main):002:0> def hash_password( password, salt )
    irb(main):003:1> salted_password = password.insert 4, salt
    irb(main):004:1> digested_password = Digest::SHA512.hexdigest("#{salted_password}")
    irb(main):005:1> return digested_password
    irb(main):006:1> end
    => nil
    irb(main):007:0* puts hash_password('password', 'salt')
    92d3efdbf51d199b0930c427b77dc8d5cf41ac58b6fab5f89cc3f32d719a8f6ffcdff6211bdd0565a6e7b09925839e5dcce1fa5abf65eca87c6a883ab0b510b9
    => nil
    irb(main):018:0> exit
    [charles@lobotomy ~]$

    [charles@lobotomy ~]$ php -a
    Interactive shell
    php > function hash_password($password, $salt) {
    php { $salted_password = substr($password, 0, 4) . $salt . substr($password, 4);
    php { return hash('sha512', $salted_password);
    php { }
    php > echo hash_password('password', 'salt');
    92d3efdbf51d199b0930c427b77dc8d5cf41ac58b6fab5f89cc3f32d719a8f6ffcdff6211bdd0565a6e7b09925839e5dcce1fa5abf65eca87c6a883ab0b510b9
    php >
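
Added example (not part of the original answer): a Ruby harness that compares the original scheme with a byte-for-byte emulation of the PHP port on the inputs where a migration can go wrong, namely passwords shorter than four characters and passwords with multibyte characters near the splice point. The function names, the emulation of PHP's substr() semantics and the sample passwords are assumptions constructed for this illustration.

```ruby
require 'digest'

# The page's Ruby scheme: splice the salt in at CHARACTER index 4.
# dup keeps String#insert from modifying the caller's string.
def ruby_scheme(password, salt)
  Digest::SHA512.hexdigest(password.dup.insert(4, salt))
end

# Emulates the PHP port: substr() counts BYTES, and a piece that starts
# past the end of the password contributes nothing instead of failing.
def php_port_scheme(password, salt)
  bytes = password.b
  head = bytes.byteslice(0, 4) || ''
  tail = bytes.byteslice(4, bytes.bytesize) || ''
  Digest::SHA512.hexdigest(head + salt.b + tail)
end

# Emulates a character-aware port (what mb_substr() would do in PHP).
def char_port_scheme(password, salt)
  Digest::SHA512.hexdigest((password[0, 4] || '') + salt + (password[4..-1] || ''))
end

# Classify one input: do the original and the byte-based port agree?
def compare(password, salt)
  ruby_scheme(password, salt) == php_port_scheme(password, salt) ? :match : :mismatch
rescue IndexError
  :ruby_raises # String#insert rejects an index past the end of the string
end

# Constructed sample passwords, not taken from any real data set.
SAMPLES = ['password', 'abcd', 'abc', "p\u00e4ssword"].freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |pw| puts format('%-12s %s', pw.inspect, compare(pw, 'salt')) }
end
```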