7 files changed, 77 insertions, 85 deletions
diff --git a/phpBB/phpbb/passwords/driver/bcrypt.php b/phpBB/phpbb/passwords/driver/bcrypt.php
index 2c2ab8e7b7..db41fe6b38 100644
--- a/phpBB/phpbb/passwords/driver/bcrypt.php
+++ b/phpBB/phpbb/passwords/driver/bcrypt.php
@@ -33,14 +33,6 @@ class phpbb_passwords_driver_bcrypt extends phpbb_passwords_driver_base
 	/**
 	* @inheritdoc
 	*/
-	public function get_type()
-	{
-		return get_class($this);
-	}
-
-	/**
-	* @inheritdoc
-	*/
 	public function hash($password, $salt = '')
 	{
 		// The 2x and 2y prefixes of bcrypt might not be supported
diff --git a/phpBB/phpbb/passwords/driver/bcrypt_2y.php b/phpBB/phpbb/passwords/driver/bcrypt_2y.php
index 9277414d13..5b0dbdd311 100644
--- a/phpBB/phpbb/passwords/driver/bcrypt_2y.php
+++ b/phpBB/phpbb/passwords/driver/bcrypt_2y.php
@@ -33,14 +33,6 @@ class phpbb_passwords_driver_bcrypt_2y extends phpbb_passwords_driver_bcrypt
 	/**
 	* @inheritdoc
 	*/
-	public function get_type()
-	{
-		return get_class($this);
-	}
-
-	/**
-	* @inheritdoc
-	*/
 	public function is_supported()
 	{
 		return (version_compare(PHP_VERSION, '5.3.7', '<')) ? false : true;
diff --git a/phpBB/phpbb/passwords/driver/interface.php b/phpBB/phpbb/passwords/driver/interface.php
index a019830cb4..a2088db81c 100644
--- a/phpBB/phpbb/passwords/driver/interface.php
+++ b/phpBB/phpbb/passwords/driver/interface.php
@@ -34,13 +34,6 @@ interface phpbb_passwords_driver_interface
 	public function get_prefix();
 
 	/**
-	* Returns the name of the hash type
-	*
-	* @return string	Hash type of driver
-	*/
-	public function get_type();
-
-	/**
 	* Hash the password
 	*
 	* @return string	Password hash
diff --git a/phpBB/phpbb/passwords/driver/phpass.php b/phpBB/phpbb/passwords/driver/phpass.php
index 14ba60f279..d52ce96d11 100644
--- a/phpBB/phpbb/passwords/driver/phpass.php
+++ b/phpBB/phpbb/passwords/driver/phpass.php
@@ -29,12 +29,4 @@ class phpbb_passwords_driver_phpass extends phpbb_passwords_driver_salted_md5
 	{
 		return self::PREFIX;
 	}
-
-	/**
-	* @inheritdoc
-	*/
-	public function get_type()
-	{
-		return get_class($this);
-	}
 }
diff --git a/phpBB/phpbb/passwords/driver/salted_md5.php b/phpBB/phpbb/passwords/driver/salted_md5.php
index b87daae4e3..6fa12948be 100644
--- a/phpBB/phpbb/passwords/driver/salted_md5.php
+++ b/phpBB/phpbb/passwords/driver/salted_md5.php
@@ -33,14 +33,6 @@ class phpbb_passwords_driver_salted_md5 extends phpbb_passwords_driver_base
 	/**
 	* @inheritdoc
 	*/
-	public function get_type()
-	{
-		return get_class($this);
-	}
-
-	/**
-	* @inheritdoc
-	*/
 	public function hash($password, $setting = '')
 	{
 		if ($setting != '')
diff --git a/phpBB/phpbb/passwords/helper.php b/phpBB/phpbb/passwords/helper.php
index 952f491669..d91edb90a1 100644
--- a/phpBB/phpbb/passwords/helper.php
+++ b/phpBB/phpbb/passwords/helper.php
@@ -26,20 +26,13 @@ class phpbb_passwords_helper
 	protected $manager;
 
 	/**
-	* @var phpbb_container
-	*/
-	protected $container;
-
-	/**
 	* Construct a phpbb_passwords_helper object
 	*
 	* @param phpbb_passwords_manager $manager Crypto manager object
-	* @param phpbb_container $container phpBB container object
 	*/
-	public function __construct($manager, $container)
+	public function __construct($manager)
 	{
 		$this->manager = $manager;
-		$this->container = $container;
 	}
 
 	/**
@@ -85,14 +78,22 @@ class phpbb_passwords_helper
 		$hash = $hash_settings[0];
 
 		// Put settings of current hash into data array
-		$stored_hash_type = $this->manager->get_hashing_algorithm($password_hash);
+		$stored_hash_type = $this->manager->detect_algorithm($password_hash);
 		$this->combine_hash_output($data, 'prefix', $stored_hash_type->get_prefix());
 		$this->combine_hash_output($data, 'settings', $stored_hash_type->get_settings_only($password_hash));
 
 		// Hash current hash with the defined types
 		foreach ($type as $cur_type)
 		{
-			$new_hash_type = $this->container->get($cur_type);
+			if (isset($this->manager->algorithms[$cur_type]))
+			{
+				$new_hash_type = $this->manager->algorithms[$cur_type];
+			}
+			else
+			{
+				return false;
+			}
+
 			$new_hash = $new_hash_type->hash(str_replace($stored_hash_type->get_settings_only($password_hash), '', $hash));
 			$this->combine_hash_output($data, 'prefix', $new_hash_type->get_prefix());
 			$this->combine_hash_output($data, 'settings', substr(str_replace('$', '\\', $new_hash_type->get_settings_only($new_hash, true)), 0));
diff --git a/phpBB/phpbb/passwords/manager.php b/phpBB/phpbb/passwords/manager.php
index da6d65c487..cf6eddd135 100644
--- a/phpBB/phpbb/passwords/manager.php
+++ b/phpBB/phpbb/passwords/manager.php
@@ -26,12 +26,19 @@ class phpbb_passwords_manager
 	protected $type = false;
 
 	/**
-	* Hashing algorithm types
+	* Hashing algorithm type map
+	* Will be used to map hash prefix to type
 	*/
 	protected $type_map = false;
 
 	/**
-	* Password convert flag. Password should be converted
+	* Service collection of hashing algorithms
+	* Needs to be public for passwords helper
+	*/
+	public $algorithms = false;
+
+	/**
+	* Password convert flag. Signals that password should be converted
 	*/
 	public $convert_flag = false;
 
@@ -48,20 +55,16 @@ class phpbb_passwords_manager
 	protected $config;
 
 	/**
-	* phpBB compiled container
-	* @var service_container
-	*/
-	protected $container;
-
-	/**
 	* Construct a passwords object
 	*
 	* @param phpbb_config $config phpBB configuration
+	* @param phpbb_di_service_collection $hashing_algorithms Hashing driver
+	*			service collection
+	* @param string $default Default driver name
 	*/
-	public function __construct($config, $container, $hashing_algorithms, $default)
+	public function __construct($config, $hashing_algorithms, $default)
 	{
 		$this->config = $config;
-		$this->container = $container;
 		$this->type = $default;
 
 		$this->fill_type_map($hashing_algorithms);
@@ -77,9 +80,14 @@ class phpbb_passwords_manager
 	{
 		foreach ($hashing_algorithms as $algorithm)
 		{
+			if (!isset($this->algorithms[$algorithm->get_name()]))
+			{
+				$this->algorithms[$algorithm->get_name()] = $algorithm;
+			}
+
 			if (!isset($this->type_map[$algorithm->get_prefix()]))
 			{
-				$this->type_map[$algorithm->get_prefix()] = $algorithm;
+				$this->type_map[$algorithm->get_prefix()] = $algorithm->get_name();
 			}
 		}
 	}
@@ -91,18 +99,38 @@ class phpbb_passwords_manager
 	{
 		if ($this->helper === null)
 		{
-			$this->helper = new phpbb_passwords_helper($this, $this->container);
+			$this->helper = new phpbb_passwords_helper($this);
 		}
 	}
 
 	/**
-	* Get the hash type from the supplied hash
+	* Get the algorithm specified by a specific prefix
 	*
-	* @param string $hash Password hash that should be checked
+	* @param string $prefix Password hash prefix
 	*
 	* @return object The hash type object
 	*/
-	public function get_hashing_algorithm($hash)
+	protected function get_algorithm($prefix)
+	{
+		if (isset($this->type_map[$prefix]) && isset($this->algorithms[$this->type_map[$prefix]]))
+		{
+			return $this->algorithms[$this->type_map[$prefix]];
+		}
+		else
+		{
+			return false;
+		}
+	}
+
+	/**
+	* Detect the hash type of the supplied hash
+	*
+	* @param string $hash Password hash that should be checked
+	*
+	* @return object|bool The hash type object or false if the specified
+	*			type is not supported
+	*/
+	public function detect_algorithm($hash)
 	{
 		/*
 		* preg_match() will also show hashing algos like $2a\H$, which
@@ -112,7 +140,7 @@ class phpbb_passwords_manager
 		*/
 		if (!preg_match('#^\$([a-zA-Z0-9\\\]*?)\$#', $hash, $match))
 		{
-			return $this->type_map['$H$'];
+			return $this->get_algorithm('$H$');
 		}
 
 		// Be on the lookout for multiple hashing algorithms
@@ -123,32 +151,27 @@ class phpbb_passwords_manager
 			$return_ary = array();
 			foreach ($hash_types as $type)
 			{
-				if (isset($this->type_map["\${$type}\$"]))
+				// we do not support the same hashing
+				// algorithm more than once
+				if (isset($return_ary[$type]))
 				{
-					// we do not support the same hashing
-					// algorithm more than once
-					if (isset($return_ary[$type]))
-					{
-						return false;
-					}
-					$return_ary[$type] = $this->type_map["\${$type}\$"];
+					return false;
 				}
-				else
+
+				$return_ary[$type] = $this->get_algorithm("\${$type}\$");
+
+				if (empty($return_ary[$type]))
 				{
+
 					return false;
 				}
 			}
 			return $return_ary;
 		}
 
-		if (isset($this->type_map[$match[0]]))
-		{
-			return $this->type_map[$match[0]];
-		}
-		else
-		{
-			return false;
-		}
+		// get_algorithm() will automatically return false if prefix
+		// is not supported
+		return $this->get_algorithm($match[0]);
 	}
 
 	/**
@@ -169,7 +192,14 @@ class phpbb_passwords_manager
 			return $this->helper->combined_hash_password($password, $type);
 		}
 
-		$hashing_algorithm = $this->container->get($type);
+		if (isset($this->algorithms[$type]))
+		{
+			$hashing_algorithm = $this->algorithms[$type];
+		}
+		else
+		{
+			return false;
+		}
 
 		// Do not support 8-bit characters with $2a$ bcrypt
 		// Also see http://www.php.net/security/crypt_blowfish.php
@@ -181,7 +211,7 @@ class phpbb_passwords_manager
 			}
 		}
 
-		return $this->container->get($type)->hash($password);
+		return $hashing_algorithm->hash($password);
 	}
 
 	/**
@@ -195,7 +225,7 @@ class phpbb_passwords_manager
 	public function check_hash($password, $hash)
 	{
 		// First find out what kind of hash we're dealing with
-		$stored_hash_type = $this->get_hashing_algorithm($hash);
+		$stored_hash_type = $this->detect_algorithm($hash);
 		if ($stored_hash_type == false)
 		{
 			return false;