I'm trying to generate a random password for a user every time he needs to log in on my Seafile server. Seafile uses:
- PBKDF2 with SHA256
- 10000 iterations
- 32 bytes salt

The code I use is this:
<?php
$salt = random_bytes(32);
$salt = bin2hex($salt);
$iterations = 10000;
echo "GENERATED SALT: " . $salt . "<br>" . "<br>";
$hash = hash_pbkdf2 ("sha256" , "weirdone" , $salt , $iterations);
echo "GENERATED HASH: " . $hash . "<br>" . "<br>";
echo "FINAL RESULT: PBKDF2SHA256$" . $iterations . "$" . $salt . "$" . $hash . "<br>" . "<br>";
?>
The problem is that even with the same salt I get a different output. Example:
SALT: 09d095a396852b525ce7f5408fe7d314a2632a19bfc8c495c8e79bd4e6aebfed
PASSWORD: weirdone
seafile output:
PBKDF2SHA256$10000$09d095a396852b525ce7f5408fe7d314a2632a19bfc8c495c8e79bd4e6aebfed$45145c60802f1fdce581a550b5e23f8027ba6ff0720c81f2efaa73025bd465ca
my output:
PBKDF2SHA256$10000$09d095a396852b525ce7f5408fe7d314a2632a19bfc8c495c8e79bd4e6aebfed$007c599ba2d0076e19589bb90303155efa2df8a2f6b49d845902c075bc5f5492
If the algorithm, the salt, the password and the iterations are the same, why do they not match?
The goal is to generate the new password, insert it in the database and give that to the user so he can log in.
Thanks
You're passing in the hex-encoded $salt; you need to pass in the raw bytes $salt to hash_pbkdf2().
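
The fix described in the answer, as an added example that is not part of the original posts: the salt stays as raw bytes when it goes into hash_pbkdf2() and is hex-encoded only for the stored string. The function names `seafile_hash` and `seafile_verify` are hypothetical, and the `PBKDF2SHA256$iterations$salt$hash` layout is taken from the output shown in the question.

```php
<?php
// Added example; seafile_hash() and seafile_verify() are hypothetical helper names.

// Build "PBKDF2SHA256$<iterations>$<hex salt>$<hex hash>".
// The KDF receives the RAW salt bytes; only the stored copy is hex-encoded.
function seafile_hash(string $password, ?string $rawSalt = null, int $iterations = 10000): string
{
    $rawSalt = $rawSalt ?? random_bytes(32);
    $hash = hash_pbkdf2('sha256', $password, $rawSalt, $iterations); // hex digest, 64 chars
    return 'PBKDF2SHA256$' . $iterations . '$' . bin2hex($rawSalt) . '$' . $hash;
}

// Check a password against a stored string by decoding the hex salt back to bytes.
function seafile_verify(string $password, string $stored): bool
{
    $parts = explode('$', $stored);
    if (count($parts) !== 4 || $parts[0] !== 'PBKDF2SHA256') {
        return false;
    }
    [, $iterations, $hexSalt, $expected] = $parts;
    if (!ctype_digit($iterations) || (int) $iterations < 1) {
        return false;
    }
    if (!ctype_xdigit($hexSalt) || strlen($hexSalt) % 2 !== 0) {
        return false; // hex2bin() would fail on this input
    }
    $actual = hash_pbkdf2('sha256', $password, hex2bin($hexSalt), (int) $iterations);
    return hash_equals(strtolower($expected), $actual); // constant-time comparison
}

// Salt and password from the question.
$hexSalt = '09d095a396852b525ce7f5408fe7d314a2632a19bfc8c495c8e79bd4e6aebfed';

// Raw-byte salt: the string to compare with the Seafile output in the question.
$stored = seafile_hash('weirdone', hex2bin($hexSalt));
echo "RAW SALT: ", $stored, PHP_EOL;

// Hex string used as the salt (the question's code): 64 ASCII characters
// are hashed instead of 32 bytes, so the digest differs.
echo "HEX SALT: ", hash_pbkdf2('sha256', 'weirdone', $hexSalt, 10000), PHP_EOL;

var_dump(seafile_verify('weirdone', $stored));
var_dump(seafile_verify('wrongpass', $stored));
```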