ID: 48664
Comment by: sjoerd-php at linuxonly dot nl
Reported By: patrickdk at patrickdk dot com
Status: Open
Bug Type: Strings related
Operating System: linux 2.6.x
PHP Version: 5.2.10
New Comment:
Thank you for your bug report.
In your example, you use a salt beginning with $6$, which tells crypt
to use SHA512. However, this usage is not described in the PHP manual.
It does not seem to work correctly in PHP 5.2 and is does not seem to
work at all in PHP 5.3. I think crypt() does not support SHA256 or
SHA512, since it does not work correctly and is not in the manual.
Of course, it would still be nice if crypt() supported this or gave a
decent error message.
Previous Comments:
------------------------------------------------------------------------
[2009-06-23 16:23:58] patrickdk at patrickdk dot com
Description:
------------
Salts passed to the crypt function are truncated to 12 char lengths.
Reproduce code:
---------------
echo
crypt('test','$6$abcdefghijklmno$tQbBMthtllLykS8KyZiaZfkQjbTMyodcVype.b5CBDLWR5KYALlguf6YFXnE1H2I/LHQUA/3d4pc2XTCyaTPT/');
Expected result:
----------------
$6$abcdefghijklmno$tQbBMthtllLykS8KyZiaZfkQjbTMyodcVype.b5CBDLWR5KYALlguf6YFXnE1H2I/LHQUA/3d4pc2XTCyaTPT/
Actual result:
--------------
$6$abcdefghi$mZusigXFSGzFIySkaCAxY4PJrrBypV.jI7bF1LK0V.vNF2COAEzCQtWCI2noXXHUs6nUYgNURmoDVCLo6Eol//
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=48664&edit=1
