Smipple is shutting down Nov 30, 2017. Some features are currently disabled.
Profile image for Reznick Schenkov Reznick
This C code which show the translation of the 4 possible last characters of the encoded salt in bcrypt hashes to their corresponding binary values in the 16 byte binary salt.

It will help understand the following check performed in BF_fmt.valid():

if(BF_atoi64[ARCH_INDEX(ciphertext[28])] & 0xF)
{ return 0;
}

It basically checks that the least significant 4 bits of the last byte of the salt should be set to 0.
Language
C
Tags
bcrypt

Last Character in the encoded Salt in Bcrypt Hashes

1 /* Last Character in the Encoded salt can only be either, '.', 'e', 2 * 'O', 'u'. This code will show the corresponding integer and binary 3 * values they represent in the actual binary salt. 4 * BF_atoi64 array from BF_std.c by Solar Designer 5 * written by c0d3inj3cT 6 */ 7 8 # include <stdio.h> 9 10 #define ARCH_INDEX(x) ((unsigned int)(unsigned char)(x)) 11 12 int main(int argc, char * argv[]) 13 { 14 char salt[4]={'.','e','O','u'}; 15 int i=0; 16 unsigned char BF_atoi64[0x80] = { 17 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 18 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 19 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 0, 1, 20 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 64, 64, 64, 64, 64, 21 64, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 22 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 64, 64, 64, 64, 64, 23 64, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 24 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 64, 64, 64, 64, 64 25 }; 26 27 for(i=0;i<4;i++) 28 { 29 int num=BF_atoi64[ARCH_INDEX(*(salt+i))]; 30 printf("salt character: %c corresponds to %d and binary: %d\n",*(salt+i),num,int2bin(num)); 31 } 32 } 33 34 int int2bin(int num) 35 { 36 if(num==0){return 0;} 37 if(num==1){return 1;} 38 return num%2 + 10*int2bin(num/2); 39 }

Comments