blob: 12400cf3767e6e43c990f3c1a1ba54e84dd5b82e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
<?php
/**
*
* @package phpBB3
* @copyright (c) 2013 phpBB Group
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
exit;
}
/**
* @package crypto
*/
class phpbb_crypto_driver_bcrypt extends phpbb_crypto_driver_base
{
const PREFIX = '$2a$';
/**
* @inheritdoc
*/
public function get_prefix()
{
return self::PREFIX;
}
/**
* @inheritdoc
*/
public function get_type()
{
return get_class($this);
}
/**
* @inheritdoc
*/
public function hash($password, $salt = '')
{
// The 2x and 2y prefixes of bcrypt might not be supported
// Revert to 2a if this is the case
$prefix = (!$this->is_supported()) ? '$2a$' : $this->get_prefix();
if ($salt == '')
{
$salt = $prefix . '10$' . $this->get_random_salt();
}
$hash = crypt($password, $salt);
return $hash;
}
/**
* @inheritdoc
*/
public function check($password, $hash)
{
$salt = substr($hash, strpos($hash, '$', 4) + 1, 22);
var_dump('bcrypt salt: ' . $salt . ' with length ' . strlen($salt));
if (strlen($salt) != 22)
{
return false;
}
if ($hash == $this->hash($password, $salt))
{
return true;
}
return false;
}
/**
* Get a random salt value with a length of 22 characters
*
* @return string Salt for password hashing
*/
protected function get_random_salt()
{
return substr(str_replace('+', '.', bin2hex(openssl_random_pseudo_bytes(22))), 0, 22);
}
}
|
