diff options
| -rw-r--r-- | phpBB/config/passwords.yml | 8 | ||||
| -rw-r--r-- | phpBB/phpbb/passwords/driver/bcrypt_wcf2.php | 91 | ||||
| -rw-r--r-- | tests/passwords/drivers_test.php | 1 | ||||
| -rw-r--r-- | tests/passwords/manager_test.php | 1 |
4 files changed, 101 insertions, 0 deletions
diff --git a/phpBB/config/passwords.yml b/phpBB/config/passwords.yml index 52a1bd7e5a..56bbd39917 100644 --- a/phpBB/config/passwords.yml +++ b/phpBB/config/passwords.yml @@ -22,6 +22,14 @@ services: tags: - { name: passwords.driver } + passwords.driver.bcrypt_wcf2: + class: phpbb\passwords\driver\bcrypt_wcf2 + arguments: + - @passwords.driver.bcrypt + - @passwords.driver_helper + tags: + - { name: passwords.driver } + passwords.driver.salted_md5: class: phpbb\passwords\driver\salted_md5 arguments: diff --git a/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php b/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php new file mode 100644 index 0000000000..636fe74789 --- /dev/null +++ b/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php @@ -0,0 +1,91 @@ +<?php +/** +* +* @package phpBB3 +* @copyright (c) 2014 phpBB Group +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* +*/ + +namespace phpbb\passwords\driver; + +/** +* @package passwords +*/ +class bcrypt_wcf2 extends base +{ + const PREFIX = '$wcf2$'; + + /** @var \phpbb\passwords\driver\bcrypt */ + protected $bcrypt; + + /** @var phpbb\passwords\driver\helper */ + protected $helper; + + /** + * Constructor of passwords driver object + * + * @param \phpbb\passwords\driver\bcrypt $bcrypt Salted md5 driver + * @param \phpbb\passwords\driver\helper $helper Password driver helper + */ + public function __construct(\phpbb\passwords\driver\bcrypt $bcrypt, helper $helper) + { + $this->bcrypt = $bcrypt; + $this->helper = $helper; + } + + /** + * @inheritdoc + */ + public function get_prefix() + { + return self::PREFIX; + } + + /** + * @inheritdoc + */ + public function is_legacy() + { + return true; + } + + /** + * @inheritdoc + */ + public function hash($password, $user_row = '') + { + // Do not support hashing + return false; + } + + /** + * @inheritdoc + */ + public function check($password, $hash, $user_row = array()) + { + if (empty($hash)) + { + return false; + } + else + { + $salt = substr($hash, 0, 29); + + if (strlen($salt) != 29) + { + return false; + } + // Works for standard WCF 2.x, i.e. WBB4 and similar + return $hash === $this->bcrypt->hash($this->bcrypt->hash($password, $salt), $salt); + } + } + + /** + * @inheritdoc + */ + public function get_settings_only($hash, $full = false) + { + return false; + } +} diff --git a/tests/passwords/drivers_test.php b/tests/passwords/drivers_test.php index 6861e5f805..0254db2016 100644 --- a/tests/passwords/drivers_test.php +++ b/tests/passwords/drivers_test.php @@ -34,6 +34,7 @@ class phpbb_passwords_helper_test extends \phpbb_test_case 'passwords.driver.md5_vb' => new \phpbb\passwords\driver\md5_vb($config, $this->driver_helper), ); $this->passwords_drivers['passwords.driver.md5_phpbb2'] = new \phpbb\passwords\driver\md5_phpbb2($request, $this->passwords_drivers['passwords.driver.salted_md5'], $phpbb_root_path, $php_ext); + $this->passwords_drivers['passwords.driver.bcrypt_wcf2'] = new \phpbb\passwords\driver\bcrypt_wcf2($this->passwords_drivers['passwords.driver.bcrypt'], $this->driver_helper); } public function data_helper_encode64() diff --git a/tests/passwords/manager_test.php b/tests/passwords/manager_test.php index c6ae7db036..91e1035791 100644 --- a/tests/passwords/manager_test.php +++ b/tests/passwords/manager_test.php @@ -40,6 +40,7 @@ class phpbb_passwords_manager_test extends \phpbb_test_case 'passwords.driver.md5_vb' => new \phpbb\passwords\driver\md5_vb($config, $this->driver_helper), ); $this->passwords_drivers['passwords.driver.md5_phpbb2'] = new \phpbb\passwords\driver\md5_phpbb2($request, $this->passwords_drivers['passwords.driver.salted_md5'], $phpbb_root_path, $php_ext); + $this->passwords_drivers['passwords.driver.bcrypt_wcf2'] = new \phpbb\passwords\driver\bcrypt_wcf2($this->passwords_drivers['passwords.driver.bcrypt'], $this->driver_helper); $this->helper = new \phpbb\passwords\helper; // Set up passwords manager |