|From:||Daniel Fone <daniel(at)fone(dot)net(dot)nz>|
|Subject:||pgcrypto support for bcrypt $2b$ hashes|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
I've recently been working with a database containing bcrypt hashes generated by a 3rd-party which use the $2b$ prefix. This prefix was introduced in 2014 and has since been recognised by a number of bcrypt implementations. 
At the moment, pgcrypto’s `crypt` doesn’t recognise this prefix. However, simply `replace`ing the prefix with $2a$ allows crypt to validate the hashes. This patch simply adds recognition for the prefix and treats the hash identically to the $2a$ hashes.
Is this a reasonable change to pgcrypto? I note that the last upstream change brought into crypt-blowfish.c was in 2011, predating this prefix.  Are there deeper concerns or other upstream changes that need to be addressed alongside this? Is there a better approach to this?
At the moment, the $2x$ variant is supported but not mentioned in the docs, so I haven’t included any documentation updates.
|Next Message||Fujii Masao||2021-09-24 02:26:12||Re: pgbench bug candidate: negative "initial connection time"|
|Previous Message||Masahiko Sawada||2021-09-24 01:31:09||Re: Skipping logical replication transactions on subscriber side|