PHP and Bcrypt [duplicate]
I'm not sure how it's done but take a look at the source for Tank Auth, it uses bcrypt. I think it's smart enough to use the built in library if it's present on the system and falls back to an included version if necessary.
I think you can use the crypt function with the blowfish algorithm: http://php.net/manual/en/function.crypt.php
Another option is to use mcrypt: http://www.php.net/manual/en/ref.mcrypt.php
Edit: example
Here's what I would do:
$hashedPassword = crypt('password', '$2a$11$abcd');Use crypt like this:
hash = crypt(password, salt);$hashedPassword should now contain the hash.
Basically in order to use the blow fish alogrithm, the salt needs to be in this format: $2a$[2 digit cost parameter]$[22 digit alphanumeric string]
To determine if you have blowfish on yours server:
if (CRYPT_BLOWFISH == 1) { echo 'Blowfish: ' . crypt('rasmuslerdorf', '$2a$07$usesomesillystringforsalt$') . "\n";}