What is the maximum string input in crypt () function?

Question

What is the maximum string input in crypt () function?

I think I have reached the crypt($string) limit of 72 characters. Here is the code:

 <?php $p = '0123456789abcdefghij0123456789abcdefghij0123456789abcdefghij0123456789++'; var_dump($p); $salt = '$2y$12$' . substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22); var_dump($salt); $hash = crypt($p, $salt); var_dump($hash); var_dump($hash === crypt($p, $hash)); var_dump($hash === crypt($p.'a', $hash)); var_dump($hash === crypt($p.'-or-anthing else beyond this...', $hash));

Exit:

 string(72) "0123456789abcdefghij0123456789abcdefghij0123456789abcdefghij0123456789++" string(29) "$2y$12$nLe2d618C6YN0FQ0vODGvz" string(60) "$2y$12$nLe2d618C6YN0FQ0vODGvutzCR5h0ngWmDSXtFdSt2dPAW5vgPd1e" bool(true) bool(true) bool(true)

Is the usual behavior that 72 char is the maximum input string?

+6

php php-5.3

Glavić Aug 3 '12 at 18:17

source share

1 answer

Madara uchiha · Accepted Answer · 2012-08-03T20:20:02+0000

Yes, after a little research, the bcrypt algorithm is limited to 72 characters. Everything that goes beyond this is truncated.

However, as a hashing algorithm designed to hash passwords, I doubt that you will ever have to worry about this limitation.

What is the maximum string input in crypt () function?

More articles: