|
24 | 24 | |bcrypt-a |2a |bug compatible | |
25 | 25 | |bcrypt-x |2x |bug compatible | |
26 | 26 | |bcrypt-y |2y |historic alias for 2b| |
| 27 | + |yescrypt |y | | |
27 | 28 |
|
28 | 29 | The third argument to this function is the salt to use. For bcrypt-type hashes, |
29 | 30 | the first two characters of the salt represent a strength parameter, with a value |
|
54 | 55 | 'bcrypt' => { prefix: '2b', salt: %r{^(0[4-9]|[12][0-9]|3[01])\$[./A-Za-z0-9]{22}} }, |
55 | 56 | 'bcrypt-a' => { prefix: '2a', salt: %r{^(0[4-9]|[12][0-9]|3[01])\$[./A-Za-z0-9]{22}} }, |
56 | 57 | 'bcrypt-x' => { prefix: '2x', salt: %r{^(0[4-9]|[12][0-9]|3[01])\$[./A-Za-z0-9]{22}} }, |
57 | | - 'bcrypt-y' => { prefix: '2y', salt: %r{^(0[4-9]|[12][0-9]|3[01])\$[./A-Za-z0-9]{22}} } |
| 58 | + 'bcrypt-y' => { prefix: '2y', salt: %r{^(0[4-9]|[12][0-9]|3[01])\$[./A-Za-z0-9]{22}} }, |
| 59 | + 'yescrypt' => { prefix: 'y', salt: %r{^[./A-Za-z0-9]+\$[./A-Za-z0-9]{,86}} } |
58 | 60 | } |
59 | 61 |
|
60 | 62 | raise ArgumentError, 'pw_hash(): first argument must be a string' unless args[0].is_a?(String) || args[0].nil? |
|
76 | 78 |
|
77 | 79 | # handle weak implementations of String#crypt |
78 | 80 | # dup the string to get rid of frozen status for testing |
79 | | - if RUBY_PLATFORM == 'java' && !args[1].downcase.start_with?('bcrypt') |
| 81 | + if RUBY_PLATFORM == 'java' && !['bcrypt', 'bcrypt-a', 'bcrypt-x', 'bcrypt-y', 'yescrypt'].include?(args[1].downcase) |
80 | 82 | # puppetserver bundles Apache Commons Codec |
81 | 83 | org.apache.commons.codec.digest.Crypt.crypt(password.to_java_bytes, salt) |
82 | 84 | elsif (+'test').crypt('$1$1') == '$1$1$Bp8CU9Oujr9SSEw53WV6G.' |
|
0 commit comments