mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-16 08:18:53 +00:00
3f70699aa3
We will be using the same method inside the driver helper class for all hash types. This is the same function that has been used for the salted md5 hash of phpBB 3.0. PHPBB3-11610
86 lines
1.3 KiB
PHP
86 lines
1.3 KiB
PHP
<?php
|
|
/**
|
|
*
|
|
* @package phpBB3
|
|
* @copyright (c) 2013 phpBB Group
|
|
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
|
|
*
|
|
*/
|
|
|
|
/**
|
|
* @ignore
|
|
*/
|
|
if (!defined('IN_PHPBB'))
|
|
{
|
|
exit;
|
|
}
|
|
|
|
/**
|
|
* @package crypto
|
|
*/
|
|
class phpbb_crypto_driver_bcrypt extends phpbb_crypto_driver_base
|
|
{
|
|
const PREFIX = '$2a$';
|
|
|
|
/**
|
|
* @inheritdoc
|
|
*/
|
|
public function get_prefix()
|
|
{
|
|
return self::PREFIX;
|
|
}
|
|
|
|
/**
|
|
* @inheritdoc
|
|
*/
|
|
public function get_type()
|
|
{
|
|
return get_class($this);
|
|
}
|
|
|
|
/**
|
|
* @inheritdoc
|
|
*/
|
|
public function hash($password, $salt = '')
|
|
{
|
|
// The 2x and 2y prefixes of bcrypt might not be supported
|
|
// Revert to 2a if this is the case
|
|
$prefix = (!$this->is_supported()) ? '$2a$' : $this->get_prefix();
|
|
|
|
if ($salt == '')
|
|
{
|
|
$salt = $prefix . '10$' . $this->get_random_salt();
|
|
}
|
|
|
|
$hash = crypt($password, $salt);
|
|
return $hash;
|
|
}
|
|
|
|
/**
|
|
* @inheritdoc
|
|
*/
|
|
public function check($password, $hash)
|
|
{
|
|
$salt = substr($hash, 0, 29);
|
|
if (strlen($salt) != 29)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
if ($hash == $this->hash($password, $salt))
|
|
{
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Get a random salt value with a length of 22 characters
|
|
*
|
|
* @return string Salt for password hashing
|
|
*/
|
|
protected function get_random_salt()
|
|
{
|
|
return $this->helper->hash_encode64($this->helper->get_random_salt(22), 22);
|
|
}
|
|
}
|