Add support for Bcrypt algorithm version 2y (#12447)

crystal-lang · Sep 10, 2022 · 286a027 · 286a027
1 parent 2166a8b
commit 286a027
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/spec/std/crypto/bcrypt/password_spec.cr b/spec/std/crypto/bcrypt/password_spec.cr
@@ -55,6 +55,7 @@ describe "Crypto::Bcrypt::Password" do
     password2 = Crypto::Bcrypt::Password.new("$2$04$ZsHrsVlj.dsmn74Az1rjmeE/21nYRC0vB5LPjG7ySBfi6lRaO/P22")
     password2a = Crypto::Bcrypt::Password.new("$2a$04$ZsHrsVlj.dsmn74Az1rjmeE/21nYRC0vB5LPjG7ySBfi6lRaO/P22")
     password2b = Crypto::Bcrypt::Password.new("$2b$04$ZsHrsVlj.dsmn74Az1rjmeE/21nYRC0vB5LPjG7ySBfi6lRaO/P22")
+    password2y = Crypto::Bcrypt::Password.new("$2y$04$ZsHrsVlj.dsmn74Az1rjmeE/21nYRC0vB5LPjG7ySBfi6lRaO/P22")
 
     it "verifies password is incorrect" do
       (password.verify "wrong").should be_false
@@ -73,5 +74,8 @@ describe "Crypto::Bcrypt::Password" do
     it "verifies password version 2b is correct (#11584)" do
       (password2b.verify "secret").should be_true
     end
+    it "verifies password version 2y is correct" do
+      (password2y.verify "secret").should be_true
+    end
   end
 end
diff --git a/src/crypto/bcrypt/password.cr b/src/crypto/bcrypt/password.cr
@@ -15,7 +15,7 @@ require "../subtle"
 #
 # See `Crypto::Bcrypt` for hints to select the cost when generating hashes.
 class Crypto::Bcrypt::Password
-  private SUPPORTED_VERSIONS = ["2", "2a", "2b"]
+  private SUPPORTED_VERSIONS = ["2", "2a", "2b", "2y"]
 
   # Hashes a password.
   #