Passwords: BCRYPT changed to default algorithm

dg · dg · commit bc0f81d34099 · 2018-07-11T15:38:19.000+02:00
diff --git a/src/Security/Passwords.php b/src/Security/Passwords.php
@@ -28,7 +28,7 @@ public static function hash(string $password, array $options = []): string
 			throw new Nette\InvalidArgumentException("Cost must be in range 4-31, $options[cost] given.");
 		}
 
-		$hash = password_hash($password, PASSWORD_BCRYPT, $options);
+		$hash = password_hash($password, PASSWORD_DEFAULT, $options);
 		if ($hash === false || strlen($hash) < 60) {
 			throw new Nette\InvalidStateException('Hash computed by password_hash is invalid.');
 		}
@@ -50,6 +50,6 @@ public static function verify(string $password, string $hash): bool
 	 */
 	public static function needsRehash(string $hash, array $options = []): bool
 	{
-		return password_needs_rehash($hash, PASSWORD_BCRYPT, $options);
+		return password_needs_rehash($hash, PASSWORD_DEFAULT, $options);
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ public static function hash(string $password, array $options = []): string`
`28`	`28`	`throw new Nette\InvalidArgumentException("Cost must be in range 4-31, $options[cost] given.");`
`29`	`29`	`}`
`30`	`30`
`31`		`- $hash = password_hash($password, PASSWORD_BCRYPT, $options);`
	`31`	`+ $hash = password_hash($password, PASSWORD_DEFAULT, $options);`
`32`	`32`	`if ($hash === false \|\| strlen($hash) < 60) {`
`33`	`33`	`throw new Nette\InvalidStateException('Hash computed by password_hash is invalid.');`
`34`	`34`	`}`
`@@ -50,6 +50,6 @@ public static function verify(string $password, string $hash): bool`
`50`	`50`	`*/`
`51`	`51`	`public static function needsRehash(string $hash, array $options = []): bool`
`52`	`52`	`{`
`53`		`- return password_needs_rehash($hash, PASSWORD_BCRYPT, $options);`
	`53`	`+ return password_needs_rehash($hash, PASSWORD_DEFAULT, $options);`
`54`	`54`	`}`
`55`	`55`	`}`