This project is read-only.
1
Vote

Is BCrypt.Net patched for the 2014 OpenBSD bug?

description

BCrypt.Net still creates $2a$ hashes, but the latest version that is patched for the 256 character bug (http://undeadly.org/cgi?action=article&sid=20140224132743) in the OpenBSD implementation creates $2b$ hashes. Is this a secure version of the algorithm or is this not yet patched?

comments