diff options
| author | Nils Adermann <naderman@naderman.de> | 2014-06-11 14:27:57 +0200 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2014-06-11 14:27:57 +0200 |
| commit | 694f8391c9d3a948159ea2564e6bf4c606eb4053 (patch) | |
| tree | a8aedc3999eb93513c7e6e8f1f83fbaa342feea5 /phpBB/phpbb/passwords/driver/bcrypt_wcf2.php | |
| parent | e1f371d14a0db43d4784bc047ad3929ec844697e (diff) | |
| parent | ac311e1b39f891ba3c137f6203981c491639bec3 (diff) | |
| download | forums-694f8391c9d3a948159ea2564e6bf4c606eb4053.tar forums-694f8391c9d3a948159ea2564e6bf4c606eb4053.tar.gz forums-694f8391c9d3a948159ea2564e6bf4c606eb4053.tar.bz2 forums-694f8391c9d3a948159ea2564e6bf4c606eb4053.tar.xz forums-694f8391c9d3a948159ea2564e6bf4c606eb4053.zip | |
Merge remote-tracking branch 'github-marc1706/ticket/12352' into develop-ascraeus
* github-marc1706/ticket/12352: (33 commits)
[ticket/12352] Do not check hashes that don't have the necessary length
[ticket/12352] Update file headers to fit new format
[ticket/12352] Use custom provider collection for auth providers
[ticket/12352] Add checks for existing user_pass_convert to migrations
[ticket/12352] Remove usages of user_pass_convert column
[ticket/12352] Update schema json file
[ticket/12352] Remove user_pass_convert column from database
[ticket/12352] Check each newly added passwords driver in manager_test
[ticket/12352] Add get_settings_only method to passwords driver base
[ticket/12352] Add passwords driver for xenforo 1.0, 1.1 passwords
[ticket/12352] Add tests for wcf1 and wcf2 drivers
[ticket/12352] Add driver for woltlab community framework 1 passwords
[ticket/12352] Add driver for woltlab community framework 2 passwords
[ticket/12352] Add missing $ to md5_mybb and md5_vb driver
[ticket/12352] Fix spacing in passwords tests
[ticket/12352] Add passwords driver for vB passwords
[ticket/12352] Use correct hashing method in md5_mybb driver
[ticket/12352] Add driver for myBB md5 passwords
[ticket/12352] Rename phpbb2_md5 driver to fit filenames of other drivers
[ticket/12352] Add passwords driver for sha1 password hashes
...
Diffstat (limited to 'phpBB/phpbb/passwords/driver/bcrypt_wcf2.php')
| -rw-r--r-- | phpBB/phpbb/passwords/driver/bcrypt_wcf2.php | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php b/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php new file mode 100644 index 0000000000..f706c7af69 --- /dev/null +++ b/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php @@ -0,0 +1,84 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\passwords\driver; + +class bcrypt_wcf2 extends base +{ + const PREFIX = '$wcf2$'; + + /** @var \phpbb\passwords\driver\bcrypt */ + protected $bcrypt; + + /** @var phpbb\passwords\driver\helper */ + protected $helper; + + /** + * Constructor of passwords driver object + * + * @param \phpbb\passwords\driver\bcrypt $bcrypt Salted md5 driver + * @param \phpbb\passwords\driver\helper $helper Password driver helper + */ + public function __construct(\phpbb\passwords\driver\bcrypt $bcrypt, helper $helper) + { + $this->bcrypt = $bcrypt; + $this->helper = $helper; + } + + /** + * @inheritdoc + */ + public function get_prefix() + { + return self::PREFIX; + } + + /** + * @inheritdoc + */ + public function is_legacy() + { + return true; + } + + /** + * @inheritdoc + */ + public function hash($password, $user_row = '') + { + // Do not support hashing + return false; + } + + /** + * @inheritdoc + */ + public function check($password, $hash, $user_row = array()) + { + if (empty($hash) || strlen($hash) != 60) + { + return false; + } + else + { + $salt = substr($hash, 0, 29); + + if (strlen($salt) != 29) + { + return false; + } + // Works for standard WCF 2.x, i.e. WBB4 and similar + return $hash === $this->bcrypt->hash($this->bcrypt->hash($password, $salt), $salt); + } + } +} |