Allow all official forms of bcrypt supported by PHP
Tested with $2a$, $2b$, $2x$ and $2y$. Also tested $2a$ converted to $2x$, and $2b$ converted to $2y$. In addition, tested handling of short salt values (terminated with $), as supported by PHP as a hack (including PHP's bugs, as embodied in crypt_blowfish.c).
This commit is contained in:
Gregory A Lundberg
Gregory A Lundberg
parent
a3c46d3639
commit
0407ee40ac
1 changed files with 4 additions and 1 deletions
|
|
@ -181,7 +181,10 @@ bcrypt bcrypt::hash_pw(const std::string& password, bcrypt& salt)
|
|||
}
|
||||
|
||||
bool bcrypt::is_valid_prefix(const std::string& hash) {
|
||||
return hash.compare(0, 4, "$2y$") == 0;
|
||||
return ((hash.compare(0, 4, "$2a$") == 0)
|
||||
|| (hash.compare(0, 4, "$2b$") == 0)
|
||||
|| (hash.compare(0, 4, "$2x$") == 0)
|
||||
|| (hash.compare(0, 4, "$2y$") == 0));
|
||||
}
|
||||
|
||||
std::string bcrypt::get_salt() const
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue