From 78a83691738a2bcd0e6cb27b5dcbda8809a5d615 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 15 Jun 2013 10:11:05 +0200
Subject: [PATCH] [feature/passwords] Add basic bcrypt drivers for $2a$ & $2y$
 prefix

The $2a$ prefix is the basic implementation with the $2y$ prefix extending
that class. However, the default hashes for phpBB should be generated with
$2y$ unless the PHP version is older than 5.3.7.

PHPBB3-11610
---
 phpBB/includes/crypto/driver/bcrypt.php    | 87 ++++++++++++++++++++++
 phpBB/includes/crypto/driver/bcrypt_2y.php | 48 ++++++++++++
 2 files changed, 135 insertions(+)
 create mode 100644 phpBB/includes/crypto/driver/bcrypt.php
 create mode 100644 phpBB/includes/crypto/driver/bcrypt_2y.php

diff --git a/phpBB/includes/crypto/driver/bcrypt.php b/phpBB/includes/crypto/driver/bcrypt.php
new file mode 100644
index 0000000000..8fe9b91ab8
--- /dev/null
+++ b/phpBB/includes/crypto/driver/bcrypt.php
@@ -0,0 +1,87 @@
+<?php
+/**
+*
+* @package phpBB3
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* @package crypto
+*/
+class phpbb_crypto_driver_bcrypt extends phpbb_crypto_driver_base
+{
+	const PREFIX = '$2a$';
+
+	/**
+	* @inheritdoc
+	*/
+	public function get_prefix()
+	{
+		return self::PREFIX;
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function get_type()
+	{
+		return get_class($this);
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function hash($password, $salt = '')
+	{
+		// The 2x and 2y prefixes of bcrypt might not be supported
+		// Revert to 2a if this is the case
+		$prefix = (!$this->is_supported()) ? '$2a$' : self::PREFIX;
+
+		if ($salt == '')
+		{
+			$salt = $prefix . '10$' . $this->get_random_salt();
+		}
+
+		$hash = crypt($password, $salt);
+		return $hash;
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function check($password, $hash)
+	{
+		$salt = substr($hash, strpos($hash, '$', 4) + 1, 22);
+		var_dump('bcrypt salt: ' . $salt . ' with length ' . strlen($salt));
+		if (strlen($salt) != 22)
+		{
+			return false;
+		}
+
+		if ($hash == $this->hash($password, $salt))
+		{
+			return true;
+		}
+		return false;
+	}
+
+	/**
+	* Get a random salt value with a length of 22 characters
+	*
+	* @return string Salt for password hashing
+	*/
+	protected function get_random_salt()
+	{
+		return substr(str_replace('+', '.', bin2hex(openssl_random_pseudo_bytes(22))), 0, 22);
+	}
+}
diff --git a/phpBB/includes/crypto/driver/bcrypt_2y.php b/phpBB/includes/crypto/driver/bcrypt_2y.php
new file mode 100644
index 0000000000..8bce171a25
--- /dev/null
+++ b/phpBB/includes/crypto/driver/bcrypt_2y.php
@@ -0,0 +1,48 @@
+<?php
+/**
+*
+* @package phpBB3
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* @package crypto
+*/
+class phpbb_crypto_driver_bcrypt_2y extends phpbb_crypto_driver_bcrypt
+{
+	const PREFIX = '$2y$';
+
+	/**
+	* @inheritdoc
+	*/
+	public function get_prefix()
+	{
+		return self::PREFIX;
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function get_type()
+	{
+		return get_class($this);
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function is_supported()
+	{
+		return (version_compare(PHP_VERSION, '5.3.7', '<')) ? false : true;
+	}
+}