Revision 1930
Added by darkviper almost 11 years ago
| Password.php | ||
|---|---|---|
| 31 | 31 |
* ISTeam changes: added SHA-256, SHA-512 (2012/10/27 Werner v.d. Decken) |
| 32 | 32 |
*/ |
| 33 | 33 |
|
| 34 |
// backwardcompatibility for PHP 5.2.2 + WB2.8.x |
|
| 35 | 34 |
if(!class_exists('PasswordHash')) {
|
| 36 |
include(dirname(dirname(__FILE__)).'/include/phpass/PasswordHash.php');
|
|
| 35 |
include(dirname(dirname(__FILE__)).'/include/phpass/PasswordHash.php'); |
|
| 37 | 36 |
} |
| 38 | 37 |
|
| 39 |
|
|
| 40 | 38 |
class Password extends PasswordHash |
| 41 |
//class Password extends vendors\phpass\PasswordHash |
|
| 42 | 39 |
{
|
| 43 | 40 |
|
| 44 |
const CRYPT_LOOPS_MIN = 6; // minimum numbers of loops is 2^6 (64) very, very quick
|
|
| 41 |
const CRYPT_LOOPS_MIN = 6; // minimum numbers of loops is 2^6 (64) very quick but unsecure
|
|
| 45 | 42 |
const CRYPT_LOOPS_MAX = 31; // maximum numbers of loops is 2^31 (2,147,483,648) extremely slow |
| 46 | 43 |
const CRYPT_LOOPS_DEFAULT = 12; // default numbers of loopf is 2^12 (4096) a good average |
| 47 | 44 |
|
| 48 | 45 |
const HASH_TYPE_PORTABLE = true; // use MD5 only |
| 49 |
const HASH_TYPE_AUTO = false; // select highest available crypting methode |
|
| 46 |
const HASH_TYPE_AUTO = false; // select highest available crypting methode (default)
|
|
| 50 | 47 |
|
| 51 | 48 |
const PW_LENGTH_MIN = 6; |
| 52 | 49 |
const PW_LENGTH_MAX = 100; |
| ... | ... | |
| 58 | 55 |
const PW_USE_SPECIAL = 0x0008; // use special chars |
| 59 | 56 |
const PW_USE_ALL = 0xFFFF; // use all possibilities |
| 60 | 57 |
|
| 58 |
/** holds the active singleton instance */ |
|
| 59 |
private static $_oInstance = null; |
|
| 60 |
|
|
| 61 |
protected $oHashMethods = null; |
|
| 62 |
protected $iIterationCountLog2 = self::CRYPT_LOOPS_DEFAULT; |
|
| 63 |
protected $bPortableHashes = self::HASH_TYPE_AUTO; |
|
| 64 |
|
|
| 61 | 65 |
/** |
| 62 |
* |
|
| 63 |
* @param int number of iterations as exponent of 2 (must be between 4 and 31) |
|
| 64 |
* @param bool TRUE = use MD5 only | FALSE = automatic |
|
| 66 |
* constructor |
|
| 65 | 67 |
*/ |
| 66 |
public function __construct($iIterationCountLog2 = self::CRYPT_LOOPS_DEFAULT, $bPortableHashes = self::HASH_TYPE_AUTO)
|
|
| 68 |
protected function __construct()
|
|
| 67 | 69 |
{
|
| 68 |
parent::__construct($iIterationCountLog2, $bPortableHashes);
|
|
| 70 |
parent::__construct(self::CRYPT_LOOPS_DEFAULT, self::HASH_TYPE_AUTO);
|
|
| 69 | 71 |
} |
| 70 | 72 |
/** |
| 73 |
* dissable cloning |
|
| 74 |
*/ |
|
| 75 |
private function __clone() {
|
|
| 76 |
; |
|
| 77 |
} |
|
| 78 |
/** |
|
| 79 |
* get current instance or create new one |
|
| 80 |
* @return Password |
|
| 81 |
*/ |
|
| 82 |
public static function getInstance() |
|
| 83 |
{
|
|
| 84 |
if( is_null(self::$_oInstance) ) {
|
|
| 85 |
$c = __CLASS__; |
|
| 86 |
self::$_oInstance = new $c; |
|
| 87 |
self::$_oInstance->setIteration(self::CRYPT_LOOPS_DEFAULT); |
|
| 88 |
self::$_oInstance->setHashType(self::HASH_TYPE_AUTO); |
|
| 89 |
} |
|
| 90 |
return self::$oInstance; |
|
| 91 |
} |
|
| 92 |
/** |
|
| 93 |
* set the number of iterations |
|
| 94 |
* @param int $iIterationCountLog2 number of iterations defined as the exponent to basic 2 |
|
| 95 |
*/ |
|
| 96 |
public function setIteration($iIterationCountLog2 = self::CRYPT_LOOPS_DEFAULT) |
|
| 97 |
{
|
|
| 98 |
$this->iteration_count_log2 = min(max($iIterationCountLog2, self::CRYPT_LOOPS_MIN), self::CRYPT_LOOPS_MAX); |
|
| 99 |
} |
|
| 100 |
/** |
|
| 101 |
* set type of hash generation |
|
| 102 |
* @param bool $bPortableHashes |
|
| 103 |
* @description HASH_TYPE_AUTO will choose the higest available algorithm to create a hash (default)<br /> |
|
| 104 |
* Attention: it's possible that high level generated hashes from PHP>=5.3 are not validable under PHP<5.3!!<br /> |
|
| 105 |
* HASH_TYPE_PORTABLE choose MD5 hashing with salt and n iterations |
|
| 106 |
*/ |
|
| 107 |
public function setHashType($bPortableHashes = self::HASH_TYPE_AUTO) |
|
| 108 |
{
|
|
| 109 |
if(version_compare('5.3', PHP_VERSION, '<')) {
|
|
| 110 |
$this->portable_hashes = self::HASH_TYPE_PORTABLE; |
|
| 111 |
}else {
|
|
| 112 |
$this->portable_hashes = (boolean)$bPortableHashes; |
|
| 113 |
} |
|
| 114 |
} |
|
| 115 |
/** |
|
| 71 | 116 |
* make hash from password |
| 72 | 117 |
* @param string password to hash |
| 73 | 118 |
* @return string generated hash. Null if failed. |
| ... | ... | |
| 97 | 142 |
*/ |
| 98 | 143 |
public static function isValid($sPassword) |
| 99 | 144 |
{
|
| 145 |
/** @todo extend blacklist with additional utf8 codes */ |
|
| 100 | 146 |
$sBlackList = '\"\'\,\;\<\>\?\\\{\|\}\~ '
|
| 101 | 147 |
. '\x00-\x20\x22\x27\x2c\x3b\x3c\x3e\x3f\x5c\x7b-\x7f\xff'; |
| 102 | 148 |
$bRetval = !preg_match('/['.$sBlackList.']/si', $sPassword);
|
Also available in: Unified diff
implement class Password and activate it (not implemented for use yet)