abesto · August 3, 2011 12:17
diff --git a/bcrypt.php b/bcrypt.php
 <?php
 // secure hashing of passwords using bcrypt, needs PHP 5.3+
 // see http://codahale.com/how-to-safely-store-a-password/
 // salt for bcrypt needs to be 22 base64 characters (but just [./0-9A-Za-z]), see http://php.net/crypt
 // 2a is the bcrypt algorithm selector, see http://php.net/crypt
 // 12 is the workload factor (around 300ms on a Core i7 machine), see http://php.net/crypt

 function bcrypt($message, $salt, $cost=12)
 {
    if (preg_match('~[./0-9A-Za-z]{22}~', $salt) === 0) throw new RuntimeException('bcrypt expects a salt of 22 digits of the alphabet [./0-9A-Za-z]');
    if ($cost < 4 || $cost > 31) throw new RuntimeException('bcrypt expects cost parameter between 04 and 31');
    return substr(crypt($message, '$2a$'.sprintf('%02d', $cost).'$'.$salt), 29);
 }
 ?>
	<?php
	// secure hashing of passwords using bcrypt, needs PHP 5.3+
	// see http://codahale.com/how-to-safely-store-a-password/
	// salt for bcrypt needs to be 22 base64 characters (but just [./0-9A-Za-z]), see http://php.net/crypt
	// 2a is the bcrypt algorithm selector, see http://php.net/crypt
	// 12 is the workload factor (around 300ms on a Core i7 machine), see http://php.net/crypt

	function bcrypt($message, $salt, $cost=12)
	{
	if (preg_match('~[./0-9A-Za-z]{22}~', $salt) === 0) throw new RuntimeException('bcrypt expects a salt of 22 digits of the alphabet [./0-9A-Za-z]');
	if ($cost < 4 \|\| $cost > 31) throw new RuntimeException('bcrypt expects cost parameter between 04 and 31');
	return substr(crypt($message, '$2a$'.sprintf('%02d', $cost).'$'.$salt), 29);
	}
	?>