php – 在BCrypt中使用2x前缀?
作者:互联网
问题是同一个标题,BCrypt使用$2x $?
以下情况是对的吗?
当Server PHP版本早于5.3.7时,我们已经有一组密码,这些密码已经用$2a $前缀进行了哈希处理.现在我们将PHP升级到5.3.7,现在我们必须先用$2x $algorithm验证以前的密码,然后用$2y $前缀重新密码.那就对了?
解决方法:
Note to wikipedia editors: Content in this answer is in the public domain; i know because i wrote it. I wrote it first for myself, and later put it on Stackoverflow. I also know it because everything on Stackoverflow is copyleft. And even if it wasn’t, anyone is free to use it anywhere, at any time, for any reason, by anyone. How do i know? Because i wrote it and i just said so. That includes the Bcrypt entry on Wikipedia. In Wikipedia parlance: I donate it.
So stop claiming copyright violations when you don’t know what you’re talking about.
BCrypt变种
$2 $
BCrypt是由OpenBSD人员设计的.它被设计为在OpenBSD密码文件中散列存储密码.散列密码与前缀一起存储,以标识所使用的算法. BCrypt获得前缀$2 $.
这与其他算法前缀形成对比:
> $1 $:MD5
> $5 $:SHA-256
> $6 $:SHA-512
$2A $
原始BCrypt规范没有定义如何处理非ASCII字符,或者如何处理空终止符.修改了规范以指定散列字符串时:
>字符串必须是UTF-8编码的
>必须包含null终止符
$2x $,$2y $(2011年6月)
在crypt_blowfish 标签:crypt,php,bcrypt
来源: https://codeday.me/bug/20191004/1853478.html