问题是同一个标题,BCrypt使用$2x $?
以下情况是对的吗?
当Server PHP版本早于5.3.7时,我们已经有一组密码,这些密码已经用$2a $前缀进行了哈希处理.现在我们将PHP升级到5.3.7,现在我们必须先用$2x $algorithm验证以前的密码,然后用$2y $前缀重新密码.那就对了?
解决方法:
Note to wikipedia editors: Content in this answer is in the public domain; i know because i wrote it. I wrote it first for myself, and later put it on *. I also know it because everything on * is copyleft. And even if it wasn’t, anyone is free to use it anywhere, at any time, for any reason, by anyone. How do i know? Because i wrote it and i just said so. That includes the Bcrypt entry on Wikipedia. In Wikipedia parlance: I donate it.
So stop claiming copyright violations when you don’t know what you’re talking about.
BCrypt变种
$2 $
BCrypt是由OpenBSD人员设计的.它被设计为在OpenBSD密码文件中散列存储密码.散列密码与前缀一起存储,以标识所使用的算法. BCrypt获得前缀$2 $.
这与其他算法前缀形成对比:
> $1 $:MD5
> $5 $:SHA-256
> $6 $:SHA-512
$2A $
原始BCrypt规范没有定义如何处理非ASCII字符,或者如何处理空终止符.修改了规范以指定散列字符串时:
>字符串必须是UTF-8编码的
>必须包含null终止符
$2x $,$2y $(2011年6月)