Revision 1932
Added by darkviper almost 11 years ago
| Password.php | ||
|---|---|---|
| 35 | 35 |
include(dirname(dirname(__FILE__)).'/include/phpass/PasswordHash.php'); |
| 36 | 36 |
} |
| 37 | 37 |
|
| 38 |
class Password extends PasswordHash
|
|
| 38 |
class Password |
|
| 39 | 39 |
{
|
| 40 | 40 |
|
| 41 | 41 |
const CRYPT_LOOPS_MIN = 6; // minimum numbers of loops is 2^6 (64) very quick but unsecure |
| ... | ... | |
| 58 | 58 |
/** holds the active singleton instance */ |
| 59 | 59 |
private static $_oInstance = null; |
| 60 | 60 |
|
| 61 |
protected $oHashMethods = null;
|
|
| 61 |
private $oPwHashClass = null;
|
|
| 62 | 62 |
protected $iIterationCountLog2 = self::CRYPT_LOOPS_DEFAULT; |
| 63 | 63 |
protected $bPortableHashes = self::HASH_TYPE_AUTO; |
| 64 | 64 |
|
| ... | ... | |
| 67 | 67 |
*/ |
| 68 | 68 |
protected function __construct() |
| 69 | 69 |
{
|
| 70 |
parent::__construct(self::CRYPT_LOOPS_DEFAULT, self::HASH_TYPE_AUTO); |
|
| 71 | 70 |
} |
| 72 | 71 |
/** |
| 73 | 72 |
* dissable cloning |
| ... | ... | |
| 79 | 78 |
* get current instance or create new one |
| 80 | 79 |
* @return Password |
| 81 | 80 |
*/ |
| 82 |
public static function getInstance() |
|
| 81 |
public static function getInstance($oPwHash = null)
|
|
| 83 | 82 |
{
|
| 84 | 83 |
if( is_null(self::$_oInstance) ) {
|
| 85 |
$c = __CLASS__; |
|
| 86 |
self::$_oInstance = new $c; |
|
| 87 |
self::$_oInstance->setIteration(self::CRYPT_LOOPS_DEFAULT); |
|
| 88 |
self::$_oInstance->setHashType(self::HASH_TYPE_AUTO); |
|
| 84 |
if(is_object($oPwHash) && ($oPwHash instanceof PasswordHashInterface) ) {
|
|
| 85 |
$c = __CLASS__; |
|
| 86 |
self::$_oInstance = new $c; |
|
| 87 |
self::$_oInstance->oPwHashClass = $oPwHash; |
|
| 88 |
self::$_oInstance->setIteration(self::CRYPT_LOOPS_DEFAULT); |
|
| 89 |
self::$_oInstance->setHashType(self::HASH_TYPE_AUTO); |
|
| 90 |
}else {
|
|
| 91 |
throw new PasswordException('hashing class is not an object or does not implement PasswordHashInterface');
|
|
| 92 |
} |
|
| 89 | 93 |
} |
| 90 |
return self::$oInstance; |
|
| 94 |
return self::$_oInstance;
|
|
| 91 | 95 |
} |
| 92 | 96 |
/** |
| 93 | 97 |
* set the number of iterations |
| ... | ... | |
| 95 | 99 |
*/ |
| 96 | 100 |
public function setIteration($iIterationCountLog2 = self::CRYPT_LOOPS_DEFAULT) |
| 97 | 101 |
{
|
| 98 |
$this->iteration_count_log2 = min(max($iIterationCountLog2, self::CRYPT_LOOPS_MIN), self::CRYPT_LOOPS_MAX); |
|
| 102 |
$this->$iIterationCountLog2 = min(max($iIterationCountLog2, self::CRYPT_LOOPS_MIN), self::CRYPT_LOOPS_MAX); |
|
| 103 |
$this->oPwHashClass->setParams($this->iIterationCountLog2, $this->bPortableHashes); |
|
| 99 | 104 |
} |
| 100 | 105 |
/** |
| 101 | 106 |
* set type of hash generation |
| ... | ... | |
| 107 | 112 |
public function setHashType($bPortableHashes = self::HASH_TYPE_AUTO) |
| 108 | 113 |
{
|
| 109 | 114 |
if(version_compare('5.3', PHP_VERSION, '<')) {
|
| 110 |
$this->portable_hashes = self::HASH_TYPE_PORTABLE;
|
|
| 115 |
$this->bPortableHashes = self::HASH_TYPE_PORTABLE;
|
|
| 111 | 116 |
}else {
|
| 112 |
$this->portable_hashes = (boolean)$bPortableHashes;
|
|
| 117 |
$this->bPortableHashes = (boolean)$bPortableHashes;
|
|
| 113 | 118 |
} |
| 119 |
$this->oPwHashClass->setParams($this->iIterationCountLog2, $this->bPortableHashes); |
|
| 114 | 120 |
} |
| 115 | 121 |
/** |
| 116 | 122 |
* make hash from password |
| ... | ... | |
| 119 | 125 |
*/ |
| 120 | 126 |
public function makeHash($sPassword) |
| 121 | 127 |
{
|
| 122 |
$sNewHash = parent::HashPassword($sPassword); |
|
| 128 |
if(!is_object($this->oPwHashClass)) {
|
|
| 129 |
throw new PasswordException('Missing Object to calculate hashes');
|
|
| 130 |
} |
|
| 131 |
$sNewHash = $this->oPwHashClass->HashPassword($sPassword); |
|
| 123 | 132 |
return ($sNewHash == '*') ? null : $sNewHash; |
| 124 | 133 |
} |
| 125 | 134 |
/** |
| ... | ... | |
| 129 | 138 |
*/ |
| 130 | 139 |
public function checkIt($sPassword, $sStoredHash) |
| 131 | 140 |
{
|
| 141 |
if(!is_object($this->oPwHashClass)) {
|
|
| 142 |
throw new PasswordException('Missing Object to calculate hashes');
|
|
| 143 |
} |
|
| 132 | 144 |
// compatibility layer for deprecated, simple and old MD5 hashes |
| 133 | 145 |
if(preg_match('/^[0-9a-f]{32}$/si', $sStoredHash)) {
|
| 134 | 146 |
return (md5($sPassword) === $sStoredHash); |
| 135 | 147 |
} |
| 136 |
return parent::CheckPassword($sPassword, $sStoredHash);
|
|
| 148 |
return $this->oPwHashClass->CheckPassword($sPassword, $sStoredHash);
|
|
| 137 | 149 |
} |
| 138 | 150 |
/** |
| 139 | 151 |
* Check password for forbidden characters |
| ... | ... | |
| 250 | 262 |
return $aPassword; |
| 251 | 263 |
} |
| 252 | 264 |
|
| 253 |
} // end of class PasswordHash |
|
| 265 |
} // end of class Password |
|
| 266 |
// //////////////////////////////////////////////////////////////////////////////////// // |
|
| 267 |
/** |
|
| 268 |
* PasswordException |
|
| 269 |
* |
|
| 270 |
* @category WBCore |
|
| 271 |
* @package WBCore_Security |
|
| 272 |
* @author Werner v.d.Decken <wkl@isteam.de> |
|
| 273 |
* @copyright Werner v.d.Decken <wkl@isteam.de> |
|
| 274 |
* @license http://www.gnu.org/licenses/gpl.html GPL License |
|
| 275 |
* @version 2.9.0 |
|
| 276 |
* @revision $Revision$ |
|
| 277 |
* @lastmodified $Date$ |
|
| 278 |
*/ |
|
| 279 |
class PasswordException extends AppException { }
|
|
Also available in: Unified diff
modified class Password for use with different hashing classes