When using hashpass with own salt, the salt is not truncated to 128 bits

[mbaeuerle]

When using own salt, the salt is not truncated to 128 bits. This leads to different hashes between this implementation and say PHP (if you leave aside the $2y$ at the beginning).
It's best shown by example:

iex(2)> Comeonin.Bcrypt.hashpass("test", "$2b$10$1234567899123456789012")
"$2b$10$1234567899123456789012.OtL1A1eGK5wmvBKUDYKvuVKI7h2XBu"

Notice how in the resulting hash the salt ends with a 2:
"$2b$10$1234567899123456789012.OtL1A1eGK5wmvBKUDYKvuVKI7h2XBu"

Doing the same in PHP:

>>> crypt("test", "$2y$10$1234567899123456789012")
=> "$2y$10$123456789912345678901u.OtL1A1eGK5wmvBKUDYKvuVKI7h2XBu"

"$2y$10$123456789912345678901u.OtL1A1eGK5wmvBKUDYKvuVKI7h2XBu"
Here the last character is truncated to an u because of the 128 bit length of the salt.
See this Question on Security.Stackexchange.

I think there is no problem with the open bsd bcrypt module itself because both versions are valid:

iex(5)> Comeonin.Bcrypt.checkpw("test", "$2b$10$1234567899123456789012.OtL1A1eGK5wmvBKUDYKvuVKI7h2XBu")
true
iex(6)> Comeonin.Bcrypt.checkpw("test", "$2b$10$123456789912345678901u.OtL1A1eGK5wmvBKUDYKvuVKI7h2XBu")
true

It's rather a problem with the return value from hashpass/2: https://github.com/riverrun/comeonin/blob/master/lib/comeonin/bcrypt.ex#L197
Here the salt is just returned as given by the user, and I think this should be truncated to 128 bits.

[riverrun]

Thanks for raising the issue. I'll look into it further and get back to you as soon as possible.

[mbaeuerle]

Thanks for the fast fix! 🎉