javascript - Validating SHA512 hashes from PHP in node.js -

i'm trying port legacy password hashing scheme php javascript (node.js), i'm missing in process.

---

original, working php version

here "original", working code:

function create_hash($password) {     $salt = uniqid();     $algorithm = '6'; // crypt_sha512     $rounds = '1234';      // "salt" string give crypt().     $cryptsalt = '$' . $algorithm . '$rounds=' . $rounds . '$' . $salt;      $hashedpassword = crypt($password, $cryptsalt);      return $hashedpassword;  }  function hash_is_valid($password, $hash) {     return (crypt($password, $hash) == $hash); } 

working test above php functions:

echo $password = 'secret'; echo '<br /><br />';  echo $hash = create_hash($password); echo '<br /><br />';  echo 'should true: '; $valid1 = hash_is_valid($password, $hash); var_dump($valid1); // outputs "bool(true)" echo '<br /><br />';  echo 'should false: '; $valid2 = hash_is_valid('wrong_pass', $hash); var_dump($valid2); // outputs "bool(false)" echo '<br /><br />'; 

javascript version (broken)

here's i've got far, isn't quite there

function hash_is_valid(password, hash, cb) {      // hash format:     // $[algorithm]$[number_of_rounds]$[salt]$[hashed_password]     let hashparts = hash.split('$')     console.log(hashparts)     let salt = hashparts[3]     let numrounds = parseint(hashparts[2].substr(7)) // string rounds=1234     let originalhashresult = hashparts[4]      let salted = password + '{' + salt + '}'     let processedhash = crypto.createhash('sha512').update(salted, 'utf-8');      (let = 1; < numrounds ; i++) {       processedhash = crypto.createhash('sha512').update(processedhash.digest('binary') + salted);     }      processedhash = processedhash.digest('base64')      // capture result     let hashverified = (processedhash === originalhashresult)      // call callback result     cb(hashverified)  }  hash_is_valid('secret', '$6$rounds=1234$56ab50921c460$p4bgd3kmx2xywjtdoyadow.jsxis2tarujw4bxifgm4czraoidflqz5ii50glikwytjwwn6wrtg82omqes0ck0', (passed) => {   console.log((passed) ? 'password good' : 'password no good') }) 

javascript based on answer question how validate symfony2 sha512 passwords using nodejs

the javascript version using test values:

password: secret

hash: $6$rounds=1234$56ab50921c460$p4bgd3kmx2xywjtdoyadow.jsxis2tarujw4bxifgm4czraoidflqz5ii50glikwytjwwn6wrtg82omqes0ck0

you can use crypt3 npm package accomplish this:

var crypt = require('crypt3'),     password = 'secret',     hash = '$6$rounds=1234$56abadac833a5$fqiaug/da/kqljc5dzciym/pl.zhedw5vozsw7mofkm.3ae2rz/rjdcczymrbj1v3rf6lzjo7dr1wod2znc6o.';  function hash_is_valid(password, hash) {   return hash === crypt(password, hash); }  console.log(hash_is_valid(password, hash)); // true 

both php's crypt function , npm's crypt3 package delegate crypt(3) given identical data, should produce same result.