Permalink
Browse files

Fix for the issue #2524

  • Loading branch information...
1 parent 9e9022f commit 7bd71ae97a045e4eee07d78a1b9e09a481901d5c @ezimuel committed Oct 2, 2012
Showing with 43 additions and 1 deletion.
  1. +27 −1 library/Zend/Crypt/Password/Bcrypt.php
  2. +16 −0 tests/ZendTest/Crypt/Password/BcryptTest.php
@@ -34,6 +34,11 @@ class Bcrypt implements PasswordInterface
* @var string
*/
protected $salt;
+
+ /**
+ * @var boolean
+ */
+ protected $backwardCompatibility = false;
/**
* Constructor
@@ -83,7 +88,7 @@ public function create($password)
* Check for security flaw in the bcrypt implementation used by crypt()
* @see http://php.net/security/crypt_blowfish.php
*/
- if (version_compare(PHP_VERSION, '5.3.7') >= 0) {
+ if ((version_compare(PHP_VERSION, '5.3.7') >= 0) && !$this->backwardCompatibility) {
$prefix = '$2y$';
} else {
$prefix = '$2a$';
@@ -173,4 +178,25 @@ public function getSalt()
{
return $this->salt;
}
+
+ /**
+ * Set the backward compatibility $2a$ instead of $2y$ for PHP 5.3.7+
+ *
+ * @param boolean $value
+ */
+ public function setBackwardCompatibility($value)
+ {
+ $this->backwardCompatibility = (boolean) $value;
+ return $this;
+ }
+
+ /**
+ * Get the backward compatibility
+ *
+ * @return boolean
+ */
+ public function getBackwardCompatibility()
+ {
+ return $this->backwardCompatibility;
+ }
}
@@ -139,4 +139,20 @@ public function testPasswordWith8bitCharacter()
$output = $this->bcrypt->create($password);
}
}
+
+ public function testSetBackwardCompatibility()
+ {
+ $result = $this->bcrypt->setBackwardCompatibility(true);
+ $this->assertTrue($result instanceof Bcrypt);
+ $this->assertTrue($this->bcrypt->getBackwardCompatibility());
+ }
+
+ public function testBackwardCompatibility()
+ {
+ $this->bcrypt->setSalt($this->salt);
+ $this->bcrypt->setBackwardCompatibility(true);
+ $password = $this->bcrypt->create($this->password);
+ $this->assertEquals('$2a$', substr($password, 0, 4));
+ $this->assertEquals(substr($password, 4), substr($this->bcryptPassword, 4));
+ }
}

0 comments on commit 7bd71ae

Please sign in to comment.