C# emulating php crypt

Question

I need to hash passwords with C# in a way that another software understands it . Originally php's crypt function is doing that. It has the following output

$6$rounds=1000$1f$yeKGQo0b8MqqMpocFla8uKLE6GOpEygSQUH4qMi4msJZsD50Eh00bU4GwoGGPEeLMdG6C17ehl/l8SrcOABdC0

I guess it is SHA512. . How can I achieve php's crypt functionality with C#

original php

$salt = '$6$rounds=1000$'.dechex(rand(0,15)).dechex(rand(0,15)).'$';
$crypted = crypt($password, $salt);

Do you have the php code that produces that output? If so, can you show it? — Lasse V. Karlsen, Sep 08 '15 at 10:01
According to the [docs](http://php.net/manual/en/function.crypt.php) `crypt` does something different depending on what is available on the machine. So to answer this we would need to know what its doing on *your* machine. — Jamiec, Sep 08 '15 at 10:04
A C# implementation of the PHP crypt function can be found here: https://gist.github.com/otac0n/1092558, see this post for futher details http://stackoverflow.com/questions/855103/problem-porting-php-crypt-function-to-c-sharp, — Alex, Sep 08 '15 at 10:10

score 1 · Answer 1 · answered Oct 01 '15 at 12:55

CryptSharp computes this for all common crypt variations.

Generating a SHA-512 salted hash (the default number of rounds for this algorithm is 5000):

using CryptSharp;
string hash = Crypter.SHA512.Crypt(password);

Using a custom number of rounds:

var saltOptions = new CrypterOptions() { { CrypterOption.Rounds, 10000 } };
string salt = Crypter.SHA512.GenerateSalt(saltOptions);
string hash = Crypter.SHA512.Crypt(password, saltOptions);

Verifying a hash:

bool matched = Crypter.CheckPassword(testPassword, hash);

On another note, that original PHP should really be secured. The salt is only 8 bit and generated with rand (use openssl_random_pseudo_bytes instead). The hash specifically chooses a fifth of the default number of rounds.

C# emulating php crypt

1 Answers1

Linked