Implement BcryptSha Hashing & Harden Verification Checks

[padraic]

This PR, as discussed, implements several security improvements:

1. Offers a new Zend\Crypt\Password\BcryptSha class which is functionally identical to the Bcrypt class but will pre-hash incoming passwords using SHA256. This small step allows for passwords exceeding 72 bytes to have all 72 bytes utilised in a starting hash. At present, the use of Bcrypt will truncate any input to 72 bytes and effectively discard the remainder of the string. This is perfectly normal and valid behaviour in the bcrypt algorithm, but obviously not what users might expect when allowed to use long passwords.
2. It replaces the current set of identical comparisons with the pre-existing fixed time compare functionality to offset any risk of timing leaks about the hashes being compared.

Noting PR is against master at present.

[samsonasik]

2015

[weierophinney]

For the inevitable commenters who have read: http://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html — this patch follows the practices outlined in Anthony's post already. Hash::compute() takes up to three arguments, the last of which is $output, which is a constant indicating whether the returned hash should be in string or binary format. By default, string is used, which is equivalent to passing a boolean false to the hash() function's third argument, making the returned strings safe for re-hashing.

[weierophinney]

Merged to develop for release with 2.4; @padraic — please provide documentation in the zf2-documentation repo. :)