Skip to content

Commit

Permalink
Changed blowfish salt prefix to $2y$
Browse files Browse the repository at this point in the history
  • Loading branch information
@ADmad
ADmad committed Nov 19, 2013
1 parent 9618de1 commit e05215c
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 3 deletions.
1 change: 0 additions & 1 deletion Cake/Test/TestCase/Utility/SecurityTest.php
View file
Expand Up @@ -138,7 +138,6 @@ public function testHash() {
public function testHashBlowfish() {
Security::setCost(10);
$test = Security::hash('password', 'blowfish');
$this->skipIf(strpos($test, '$2a$') === false, 'Blowfish hashes are incorrect.');

$_hashType = Security::$hashType;

Expand Down
4 changes: 2 additions & 2 deletions Cake/Utility/Security.php
View file
Expand Up @@ -210,10 +210,10 @@ protected static function _salt($length = 22) {
protected static function _crypt($password, $salt = false) {
if ($salt === false) {
$salt = static::_salt(22);
$salt = vsprintf('$2a$%02d$%s', array(static::$hashCost, $salt));
$salt = vsprintf('$2y$%02d$%s', array(static::$hashCost, $salt));
}

if ($salt === true || strpos($salt, '$2a$') !== 0 || strlen($salt) < 29) {
if ($salt === true || strpos($salt, '$2y$') !== 0 || strlen($salt) < 29) {
throw new Error\Exception(__d(
'cake_dev',
'Invalid salt: %s for %s Please visit http://www.php.net/crypt and read the appropriate section for building %s salts.',
Expand Down

0 comments on commit e05215c

Please sign in to comment.