Zend\Crypt\Password\Bcrypt throws exception "Error during the bcrypt generation" when "create" method is called.
I work with Zend Server that uses version "5.3.8-ZS5.5.0" of PHP. I think maybe the wrong salt prefix ($2y$) is selected because the exception is not thrown if I force the code to use "$2a$" as prefix.
(Originally posted by: ezimuel on 08/12/12)
This is odd because the "$2y$" prefix should be used instead of "$2a$" starting from PHP 5.3.7+ (for more details: http://www.php.net/security/crypt_blowfish.php). Can you show me the snippet code that you are trying to execute?
(Originally posted by: neeckeloo on 08/12/12)
I use the ZfcUser module of Evan Coury that provide authentication feature. The "$hash" variable of \Zend\Crypt\Password\Bcrypt::create method has always a length of 13.
This issue was ported from the ZF2 Jira Issue Tracker at
Known GitHub users mentioned in the original message or comment:
Fix for the issue #2524
I added the setBackwardCompatibility() to set the $2a$ for the crypt() function. By default the backward compatibility flag is set to false. In your case you have to set it to true. I checked with Zend Server 5.5 and I found the same issue. The bug has been fixed with Zend Server 5.6.
This new methods will be released with ZF 2.1.0.
Thank for your feedback.
Fix for the issue zendframework/zendframework#2524