Date: Mon, 6 Oct 2014 15:06:47 +0100 From: Leigh <leight@...il.com> To: crypt-dev@...ts.openwall.com Subject: BCrypt $2b$ support in PHP Hi list, I've submitted a patch to the PHP project to support revision 'b' of bcrypt. Due diligence demands I seek consultation from others on crypto-related changes, and Anthony Ferarra suggested mailing crypto-dev in the interest of open communication, and on the off-chance anyone is able to review the patch. PHPs key-expansion is currently performed using an 18 x 4 nested loop, rather than explicitly assigning the key length anywhere, which I am assuming sidesteps the 8-bit length wrapping issue altogether. The crypt 1.3 release states: Version 1.3 adds support for the $2b$ prefix introduced in OpenBSD 5.5+, which behaves exactly the same as crypt_blowfish's $2y$. As PHP already supports the 'y' revision, I again making an assumption that supporting 'b' is as simple as using the same code path as 'y'. Comments and/or review are both welcome and very much appreciated. The patch is on github: https://github.com/php/php-src/pull/868 Thanks and kind regards, Leigh.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ