mirror of
https://github.com/php/php-src.git
synced 2025-08-17 14:38:49 +02:00
462fef794f
This will cause an error in the case where invalid salts are provided for other algorithms. Currently, these invalid salts will silently fall back to STD_DES which is extremely weak. By detecting invalid DES salts, we can alert the user that there is a bug in their code. The error is currently E_DEPRECATED as this has potential to break currently working (yet insecure) code. In the future it should be changed to an E_WARNING and return *0
12 lines
302 B
PHP
12 lines
302 B
PHP
--TEST--
|
|
Test BCRYPT with invalid algorithm
|
|
--FILE--
|
|
<?php
|
|
var_dump(crypt("test", "$23$04$1234567890123456789012345"));
|
|
var_dump(crypt("test", "$20$04$1234567890123456789012345"));
|
|
var_dump(crypt("test", "$2g$04$1234567890123456789012345"));
|
|
?>
|
|
--EXPECTF--
|
|
string(2) "*0"
|
|
string(2) "*0"
|
|
string(2) "*0"
|