blob: 0eee98d7b7b02fd24ce36d441b478a5ceec14ccc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
namespace phpbb\passwords\driver;
class bcrypt_wcf2 extends base
{
const PREFIX = '$wcf2$';
/** @var \phpbb\passwords\driver\bcrypt */
protected $bcrypt;
/** @var \phpbb\passwords\driver\helper */
protected $helper;
/**
* Constructor of passwords driver object
*
* @param \phpbb\passwords\driver\bcrypt $bcrypt Salted md5 driver
* @param \phpbb\passwords\driver\helper $helper Password driver helper
*/
public function __construct(\phpbb\passwords\driver\bcrypt $bcrypt, helper $helper)
{
$this->bcrypt = $bcrypt;
$this->helper = $helper;
}
/**
* {@inheritdoc}
*/
public function get_prefix()
{
return self::PREFIX;
}
/**
* {@inheritdoc}
*/
public function is_legacy()
{
return true;
}
/**
* {@inheritdoc}
*/
public function hash($password, $user_row = '')
{
// Do not support hashing
return false;
}
/**
* {@inheritdoc}
*/
public function check($password, $hash, $user_row = array())
{
if (empty($hash) || strlen($hash) != 60)
{
return false;
}
else
{
$salt = substr($hash, 0, 29);
if (strlen($salt) != 29)
{
return false;
}
// Works for standard WCF 2.x, i.e. WBB4 and similar
return $this->helper->string_compare($hash, $this->bcrypt->hash($this->bcrypt->hash($password, $salt), $salt));
}
}
}
|
