68 |
68 |
parent::__construct($iIterationCountLog2, $bPortableHashes);
|
69 |
69 |
}
|
70 |
70 |
/**
|
|
71 |
* make hash from password
|
71 |
72 |
* @param string password to hash
|
72 |
73 |
* @return string generated hash. Null if failed.
|
73 |
74 |
*/
|
74 |
|
public function hashPassword($sPassword)
|
|
75 |
public function makeHash($sPassword)
|
75 |
76 |
{
|
76 |
77 |
$sNewHash = parent::HashPassword($sPassword);
|
77 |
78 |
return ($sNewHash == '*') ? null : $sNewHash;
|
... | ... | |
81 |
82 |
* @param string existing stored hash
|
82 |
83 |
* @return bool true if PW matches the stored hash
|
83 |
84 |
*/
|
84 |
|
public function checkPassword($sPassword, $sStoredHash)
|
|
85 |
public function checkIt($sPassword, $sStoredHash)
|
85 |
86 |
{
|
86 |
87 |
// compatibility layer for deprecated, simple and old MD5 hashes
|
87 |
88 |
if(preg_match('/^[0-9a-f]{32}$/si', $sStoredHash)) {
|
... | ... | |
90 |
91 |
return parent::CheckPassword($sPassword, $sStoredHash);
|
91 |
92 |
}
|
92 |
93 |
/**
|
|
94 |
* Check password for forbidden characters
|
|
95 |
* @param string password to test
|
|
96 |
* @return bool
|
|
97 |
*/
|
|
98 |
public static function isValid($sPassword)
|
|
99 |
{
|
|
100 |
$sBlackList = '\"\'\,\;\<\>\?\\\{\|\}\~ '
|
|
101 |
. '\x00-\x20\x22\x27\x2c\x3b\x3c\x3e\x3f\x5c\x7b-\x7f\xff';
|
|
102 |
$bRetval = !preg_match('/['.$sBlackList.']/si', $sPassword);
|
|
103 |
return $bRetval;
|
|
104 |
}
|
|
105 |
/**
|
93 |
106 |
* generate a case sensitive mnemonic password including numbers and special chars
|
94 |
107 |
* makes no use of confusing characters like 'O' and '0' and so on.
|
95 |
108 |
* @param int length of the generated password. default = PW_LENGTH_DEFAULT
|
... | ... | |
103 |
116 |
array('B','C','D','F','G','H','J','K','M','N','P','Q','R','S','T','V','W','X','Y','Z'),
|
104 |
117 |
array('a','e','i','o','u'),
|
105 |
118 |
array('A','E','U'),
|
106 |
|
array('!','-','@','_',':','.','+','%','/','*')
|
|
119 |
array('!','-','@','_',':','.','+','%','/','*','=')
|
107 |
120 |
);
|
108 |
121 |
$iElements = ($iElements & self::PW_USE_ALL) == 0 ? self::PW_USE_ALL : $iElements;
|
109 |
122 |
if(($iLength < self::PW_LENGTH_MIN) || ($iLength > self::PW_LENGTH_MAX)) {
|
added new static Method Password::isValid() It checks a new password for invalid characters