Bugzilla – Attachment 2870 Details for
Bug 2611
Add support for $2b$ prefixed hashes
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch to add support
0001-support-2b-scheme-id.patch (text/plain), 6.07 KB, created by
David Carlson
on 2016-09-07 03:19:03 AEST
(
hide
)
Description:
patch to add support
Filename:
MIME Type:
Creator:
David Carlson
Created:
2016-09-07 03:19:03 AEST
Size:
6.07 KB
patch
obsolete
>From a3b8a7677f74c8c52cc633a49a0d9ff6f2c5b2f3 Mon Sep 17 00:00:00 2001 >From: David Carlson <dcarlson@squareup.com> >Date: Tue, 6 Sep 2016 12:01:48 -0400 >Subject: [PATCH] support $2b$ scheme id New scheme represents that the hash > was generated with a library that is not vulnerable to a wrap-around bug: see > http://www.openwall.com/lists/oss-security/2012/01/02/4 > >--- > src/org/mindrot/jbcrypt/BCrypt.java | 4 +- > test/org/mindrot/jbcrypt/TestBCrypt.java | 76 ++++++++++++++++---------------- > 2 files changed, 40 insertions(+), 40 deletions(-) > >diff --git a/src/org/mindrot/jbcrypt/BCrypt.java b/src/org/mindrot/jbcrypt/BCrypt.java >index 9e1effd..9d42654 100644 >--- a/src/org/mindrot/jbcrypt/BCrypt.java >+++ b/src/org/mindrot/jbcrypt/BCrypt.java >@@ -661,7 +661,7 @@ public class BCrypt { > off = 3; > else { > minor = salt.charAt(2); >- if (minor != 'a' || salt.charAt(3) != '$') >+ if (!(minor == 'a' || minor == 'b') || salt.charAt(3) != '$') > throw new IllegalArgumentException ("Invalid salt revision"); > off = 4; > } >@@ -716,7 +716,7 @@ public class BCrypt { > > random.nextBytes(rnd); > >- rs.append("$2a$"); >+ rs.append("$2b$"); > if (log_rounds < 10) > rs.append("0"); > if (log_rounds > 30) { >diff --git a/test/org/mindrot/jbcrypt/TestBCrypt.java b/test/org/mindrot/jbcrypt/TestBCrypt.java >index aa0f5a8..89bb3e7 100644 >--- a/test/org/mindrot/jbcrypt/TestBCrypt.java >+++ b/test/org/mindrot/jbcrypt/TestBCrypt.java >@@ -25,62 +25,62 @@ import junit.framework.TestCase; > public class TestBCrypt extends TestCase { > String test_vectors[][] = { > { "", >- "$2a$06$DCq7YPn5Rq63x1Lad4cll.", >- "$2a$06$DCq7YPn5Rq63x1Lad4cll.TV4S6ytwfsfvkgY8jIucDrjc8deX1s." }, >+ "$2b$06$DCq7YPn5Rq63x1Lad4cll.", >+ "$2b$06$DCq7YPn5Rq63x1Lad4cll.TV4S6ytwfsfvkgY8jIucDrjc8deX1s." }, > { "", >- "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.", >- "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.Tl.ZHfXLhvt/SgVyWhQqgqcZ7ZuUtye" }, >+ "$2b$08$HqWuK6/Ng6sg9gQzbLrgb.", >+ "$2b$08$HqWuK6/Ng6sg9gQzbLrgb.Tl.ZHfXLhvt/SgVyWhQqgqcZ7ZuUtye" }, > { "", >- "$2a$10$k1wbIrmNyFAPwPVPSVa/ze", >- "$2a$10$k1wbIrmNyFAPwPVPSVa/zecw2BCEnBwVS2GbrmgzxFUOqW9dk4TCW" }, >+ "$2b$10$k1wbIrmNyFAPwPVPSVa/ze", >+ "$2b$10$k1wbIrmNyFAPwPVPSVa/zecw2BCEnBwVS2GbrmgzxFUOqW9dk4TCW" }, > { "", >- "$2a$12$k42ZFHFWqBp3vWli.nIn8u", >- "$2a$12$k42ZFHFWqBp3vWli.nIn8uYyIkbvYRvodzbfbK18SSsY.CsIQPlxO" }, >+ "$2b$12$k42ZFHFWqBp3vWli.nIn8u", >+ "$2b$12$k42ZFHFWqBp3vWli.nIn8uYyIkbvYRvodzbfbK18SSsY.CsIQPlxO" }, > { "a", >- "$2a$06$m0CrhHm10qJ3lXRY.5zDGO", >- "$2a$06$m0CrhHm10qJ3lXRY.5zDGO3rS2KdeeWLuGmsfGlMfOxih58VYVfxe" }, >+ "$2b$06$m0CrhHm10qJ3lXRY.5zDGO", >+ "$2b$06$m0CrhHm10qJ3lXRY.5zDGO3rS2KdeeWLuGmsfGlMfOxih58VYVfxe" }, > { "a", >- "$2a$08$cfcvVd2aQ8CMvoMpP2EBfe", >- "$2a$08$cfcvVd2aQ8CMvoMpP2EBfeodLEkkFJ9umNEfPD18.hUF62qqlC/V." }, >+ "$2b$08$cfcvVd2aQ8CMvoMpP2EBfe", >+ "$2b$08$cfcvVd2aQ8CMvoMpP2EBfeodLEkkFJ9umNEfPD18.hUF62qqlC/V." }, > { "a", >- "$2a$10$k87L/MF28Q673VKh8/cPi.", >- "$2a$10$k87L/MF28Q673VKh8/cPi.SUl7MU/rWuSiIDDFayrKk/1tBsSQu4u" }, >+ "$2b$10$k87L/MF28Q673VKh8/cPi.", >+ "$2b$10$k87L/MF28Q673VKh8/cPi.SUl7MU/rWuSiIDDFayrKk/1tBsSQu4u" }, > { "a", >- "$2a$12$8NJH3LsPrANStV6XtBakCe", >- "$2a$12$8NJH3LsPrANStV6XtBakCez0cKHXVxmvxIlcz785vxAIZrihHZpeS" }, >+ "$2b$12$8NJH3LsPrANStV6XtBakCe", >+ "$2b$12$8NJH3LsPrANStV6XtBakCez0cKHXVxmvxIlcz785vxAIZrihHZpeS" }, > { "abc", >- "$2a$06$If6bvum7DFjUnE9p2uDeDu", >- "$2a$06$If6bvum7DFjUnE9p2uDeDu0YHzrHM6tf.iqN8.yx.jNN1ILEf7h0i" }, >+ "$2b$06$If6bvum7DFjUnE9p2uDeDu", >+ "$2b$06$If6bvum7DFjUnE9p2uDeDu0YHzrHM6tf.iqN8.yx.jNN1ILEf7h0i" }, > { "abc", >- "$2a$08$Ro0CUfOqk6cXEKf3dyaM7O", >- "$2a$08$Ro0CUfOqk6cXEKf3dyaM7OhSCvnwM9s4wIX9JeLapehKK5YdLxKcm" }, >+ "$2b$08$Ro0CUfOqk6cXEKf3dyaM7O", >+ "$2b$08$Ro0CUfOqk6cXEKf3dyaM7OhSCvnwM9s4wIX9JeLapehKK5YdLxKcm" }, > { "abc", >- "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.", >- "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.hLA2W6N9AEBhEgrAOljy2Ae5MtaSIUi" }, >+ "$2b$10$WvvTPHKwdBJ3uk0Z37EMR.", >+ "$2b$10$WvvTPHKwdBJ3uk0Z37EMR.hLA2W6N9AEBhEgrAOljy2Ae5MtaSIUi" }, > { "abc", >- "$2a$12$EXRkfkdmXn2gzds2SSitu.", >- "$2a$12$EXRkfkdmXn2gzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9q" }, >+ "$2b$12$EXRkfkdmXn2gzds2SSitu.", >+ "$2b$12$EXRkfkdmXn2gzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9q" }, > { "abcdefghijklmnopqrstuvwxyz", >- "$2a$06$.rCVZVOThsIa97pEDOxvGu", >- "$2a$06$.rCVZVOThsIa97pEDOxvGuRRgzG64bvtJ0938xuqzv18d3ZpQhstC" }, >+ "$2b$06$.rCVZVOThsIa97pEDOxvGu", >+ "$2b$06$.rCVZVOThsIa97pEDOxvGuRRgzG64bvtJ0938xuqzv18d3ZpQhstC" }, > { "abcdefghijklmnopqrstuvwxyz", >- "$2a$08$aTsUwsyowQuzRrDqFflhge", >- "$2a$08$aTsUwsyowQuzRrDqFflhgekJ8d9/7Z3GV3UcgvzQW3J5zMyrTvlz." }, >+ "$2b$08$aTsUwsyowQuzRrDqFflhge", >+ "$2b$08$aTsUwsyowQuzRrDqFflhgekJ8d9/7Z3GV3UcgvzQW3J5zMyrTvlz." }, > { "abcdefghijklmnopqrstuvwxyz", >- "$2a$10$fVH8e28OQRj9tqiDXs1e1u", >- "$2a$10$fVH8e28OQRj9tqiDXs1e1uxpsjN0c7II7YPKXua2NAKYvM6iQk7dq" }, >+ "$2b$10$fVH8e28OQRj9tqiDXs1e1u", >+ "$2b$10$fVH8e28OQRj9tqiDXs1e1uxpsjN0c7II7YPKXua2NAKYvM6iQk7dq" }, > { "abcdefghijklmnopqrstuvwxyz", >- "$2a$12$D4G5f18o7aMMfwasBL7Gpu", >- "$2a$12$D4G5f18o7aMMfwasBL7GpuQWuP3pkrZrOAnqP.bmezbMng.QwJ/pG" }, >+ "$2b$12$D4G5f18o7aMMfwasBL7Gpu", >+ "$2b$12$D4G5f18o7aMMfwasBL7GpuQWuP3pkrZrOAnqP.bmezbMng.QwJ/pG" }, > { "~!@#$%^&*() ~!@#$%^&*()PNBFRD", >- "$2a$06$fPIsBO8qRqkjj273rfaOI.", >- "$2a$06$fPIsBO8qRqkjj273rfaOI.HtSV9jLDpTbZn782DC6/t7qT67P6FfO" }, >+ "$2b$06$fPIsBO8qRqkjj273rfaOI.", >+ "$2b$06$fPIsBO8qRqkjj273rfaOI.HtSV9jLDpTbZn782DC6/t7qT67P6FfO" }, > { "~!@#$%^&*() ~!@#$%^&*()PNBFRD", >- "$2a$08$Eq2r4G/76Wv39MzSX262hu", >- "$2a$08$Eq2r4G/76Wv39MzSX262huzPz612MZiYHVUJe/OcOql2jo4.9UxTW" }, >+ "$2b$08$Eq2r4G/76Wv39MzSX262hu", >+ "$2b$08$Eq2r4G/76Wv39MzSX262huzPz612MZiYHVUJe/OcOql2jo4.9UxTW" }, > { "~!@#$%^&*() ~!@#$%^&*()PNBFRD", >- "$2a$10$LgfYWkbzEvQ4JakH7rOvHe", >- "$2a$10$LgfYWkbzEvQ4JakH7rOvHe0y8pHKF9OaFgwUZ2q7W2FFZmZzJYlfS" }, >+ "$2b$10$LgfYWkbzEvQ4JakH7rOvHe", >+ "$2b$10$LgfYWkbzEvQ4JakH7rOvHe0y8pHKF9OaFgwUZ2q7W2FFZmZzJYlfS" }, > { "~!@#$%^&*() ~!@#$%^&*()PNBFRD", > "$2a$12$WApznUOJfkEGSmYRfnkrPO", > "$2a$12$WApznUOJfkEGSmYRfnkrPOr466oFDCaj4b6HY3EXGvfxm43seyhgC" }, >-- >2.8.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2870">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2611
: 2870