1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
<?php
/**
*
* @package phpBB3
* @copyright (c) 2013 phpBB Group
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
namespace phpbb\passwords\driver;
/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
exit;
}
/**
* @package passwords
*/
class bcrypt extends \phpbb\passwords\driver\base
{
const PREFIX = '$2a$';
/**
* @inheritdoc
*/
public function get_prefix()
{
return self::PREFIX;
}
/**
* @inheritdoc
*/
public function hash($password, $salt = '')
{
// The 2x and 2y prefixes of bcrypt might not be supported
// Revert to 2a if this is the case
$prefix = (!$this->is_supported()) ? '$2a$' : $this->get_prefix();
if ($salt == '')
{
$salt = $prefix . '10$' . $this->get_random_salt();
}
$hash = crypt($password, $salt);
if (strlen($hash) < 60)
{
return false;
}
return $hash;
}
/**
* @inheritdoc
*/
public function check($password, $hash)
{
$salt = substr($hash, 0, 29);
if (strlen($salt) != 29)
{
return false;
}
if ($hash == $this->hash($password, $salt))
{
return true;
}
return false;
}
/**
* Get a random salt value with a length of 22 characters
*
* @return string Salt for password hashing
*/
protected function get_random_salt()
{
return $this->helper->hash_encode64($this->helper->get_random_salt(22), 22);
}
/**
* @inheritdoc
*/
public function get_settings_only($hash, $full = false)
{
if ($full)
{
$pos = stripos($hash, '$', 1) + 1;
$length = 22 + (strripos($hash, '$') + 1 - $pos);
}
else
{
$pos = strripos($hash, '$') + 1;
$length = 22;
}
return substr($hash, $pos, $length);
}
}
|
