Skip to content
Permalink
Browse files

Changed blowfish salt prefix to $2y$

  • Loading branch information...
ADmad committed Nov 19, 2013
1 parent 9618de1 commit e05215c33190d6d16586684b2e2c97b2f3ca5100
Showing with 2 additions and 3 deletions.
  1. +0 −1 Cake/Test/TestCase/Utility/SecurityTest.php
  2. +2 −2 Cake/Utility/Security.php
@@ -138,7 +138,6 @@ public function testHash() {
public function testHashBlowfish() {
Security::setCost(10);
$test = Security::hash('password', 'blowfish');
$this->skipIf(strpos($test, '$2a$') === false, 'Blowfish hashes are incorrect.');
$_hashType = Security::$hashType;
@@ -210,10 +210,10 @@ protected static function _salt($length = 22) {
protected static function _crypt($password, $salt = false) {
if ($salt === false) {
$salt = static::_salt(22);
$salt = vsprintf('$2a$%02d$%s', array(static::$hashCost, $salt));
$salt = vsprintf('$2y$%02d$%s', array(static::$hashCost, $salt));
}
if ($salt === true || strpos($salt, '$2a$') !== 0 || strlen($salt) < 29) {
if ($salt === true || strpos($salt, '$2y$') !== 0 || strlen($salt) < 29) {
throw new Error\Exception(__d(
'cake_dev',
'Invalid salt: %s for %s Please visit http://www.php.net/crypt and read the appropriate section for building %s salts.',

0 comments on commit e05215c

Please sign in to comment.
You can’t perform that action at this time.