Revision 1932
Added by darkviper almost 11 years ago
Password.php | ||
---|---|---|
35 | 35 |
include(dirname(dirname(__FILE__)).'/include/phpass/PasswordHash.php'); |
36 | 36 |
} |
37 | 37 |
|
38 |
class Password extends PasswordHash
|
|
38 |
class Password |
|
39 | 39 |
{ |
40 | 40 |
|
41 | 41 |
const CRYPT_LOOPS_MIN = 6; // minimum numbers of loops is 2^6 (64) very quick but unsecure |
... | ... | |
58 | 58 |
/** holds the active singleton instance */ |
59 | 59 |
private static $_oInstance = null; |
60 | 60 |
|
61 |
protected $oHashMethods = null;
|
|
61 |
private $oPwHashClass = null;
|
|
62 | 62 |
protected $iIterationCountLog2 = self::CRYPT_LOOPS_DEFAULT; |
63 | 63 |
protected $bPortableHashes = self::HASH_TYPE_AUTO; |
64 | 64 |
|
... | ... | |
67 | 67 |
*/ |
68 | 68 |
protected function __construct() |
69 | 69 |
{ |
70 |
parent::__construct(self::CRYPT_LOOPS_DEFAULT, self::HASH_TYPE_AUTO); |
|
71 | 70 |
} |
72 | 71 |
/** |
73 | 72 |
* dissable cloning |
... | ... | |
79 | 78 |
* get current instance or create new one |
80 | 79 |
* @return Password |
81 | 80 |
*/ |
82 |
public static function getInstance() |
|
81 |
public static function getInstance($oPwHash = null)
|
|
83 | 82 |
{ |
84 | 83 |
if( is_null(self::$_oInstance) ) { |
85 |
$c = __CLASS__; |
|
86 |
self::$_oInstance = new $c; |
|
87 |
self::$_oInstance->setIteration(self::CRYPT_LOOPS_DEFAULT); |
|
88 |
self::$_oInstance->setHashType(self::HASH_TYPE_AUTO); |
|
84 |
if(is_object($oPwHash) && ($oPwHash instanceof PasswordHashInterface) ) { |
|
85 |
$c = __CLASS__; |
|
86 |
self::$_oInstance = new $c; |
|
87 |
self::$_oInstance->oPwHashClass = $oPwHash; |
|
88 |
self::$_oInstance->setIteration(self::CRYPT_LOOPS_DEFAULT); |
|
89 |
self::$_oInstance->setHashType(self::HASH_TYPE_AUTO); |
|
90 |
}else { |
|
91 |
throw new PasswordException('hashing class is not an object or does not implement PasswordHashInterface'); |
|
92 |
} |
|
89 | 93 |
} |
90 |
return self::$oInstance; |
|
94 |
return self::$_oInstance;
|
|
91 | 95 |
} |
92 | 96 |
/** |
93 | 97 |
* set the number of iterations |
... | ... | |
95 | 99 |
*/ |
96 | 100 |
public function setIteration($iIterationCountLog2 = self::CRYPT_LOOPS_DEFAULT) |
97 | 101 |
{ |
98 |
$this->iteration_count_log2 = min(max($iIterationCountLog2, self::CRYPT_LOOPS_MIN), self::CRYPT_LOOPS_MAX); |
|
102 |
$this->$iIterationCountLog2 = min(max($iIterationCountLog2, self::CRYPT_LOOPS_MIN), self::CRYPT_LOOPS_MAX); |
|
103 |
$this->oPwHashClass->setParams($this->iIterationCountLog2, $this->bPortableHashes); |
|
99 | 104 |
} |
100 | 105 |
/** |
101 | 106 |
* set type of hash generation |
... | ... | |
107 | 112 |
public function setHashType($bPortableHashes = self::HASH_TYPE_AUTO) |
108 | 113 |
{ |
109 | 114 |
if(version_compare('5.3', PHP_VERSION, '<')) { |
110 |
$this->portable_hashes = self::HASH_TYPE_PORTABLE;
|
|
115 |
$this->bPortableHashes = self::HASH_TYPE_PORTABLE;
|
|
111 | 116 |
}else { |
112 |
$this->portable_hashes = (boolean)$bPortableHashes;
|
|
117 |
$this->bPortableHashes = (boolean)$bPortableHashes;
|
|
113 | 118 |
} |
119 |
$this->oPwHashClass->setParams($this->iIterationCountLog2, $this->bPortableHashes); |
|
114 | 120 |
} |
115 | 121 |
/** |
116 | 122 |
* make hash from password |
... | ... | |
119 | 125 |
*/ |
120 | 126 |
public function makeHash($sPassword) |
121 | 127 |
{ |
122 |
$sNewHash = parent::HashPassword($sPassword); |
|
128 |
if(!is_object($this->oPwHashClass)) { |
|
129 |
throw new PasswordException('Missing Object to calculate hashes'); |
|
130 |
} |
|
131 |
$sNewHash = $this->oPwHashClass->HashPassword($sPassword); |
|
123 | 132 |
return ($sNewHash == '*') ? null : $sNewHash; |
124 | 133 |
} |
125 | 134 |
/** |
... | ... | |
129 | 138 |
*/ |
130 | 139 |
public function checkIt($sPassword, $sStoredHash) |
131 | 140 |
{ |
141 |
if(!is_object($this->oPwHashClass)) { |
|
142 |
throw new PasswordException('Missing Object to calculate hashes'); |
|
143 |
} |
|
132 | 144 |
// compatibility layer for deprecated, simple and old MD5 hashes |
133 | 145 |
if(preg_match('/^[0-9a-f]{32}$/si', $sStoredHash)) { |
134 | 146 |
return (md5($sPassword) === $sStoredHash); |
135 | 147 |
} |
136 |
return parent::CheckPassword($sPassword, $sStoredHash);
|
|
148 |
return $this->oPwHashClass->CheckPassword($sPassword, $sStoredHash);
|
|
137 | 149 |
} |
138 | 150 |
/** |
139 | 151 |
* Check password for forbidden characters |
... | ... | |
250 | 262 |
return $aPassword; |
251 | 263 |
} |
252 | 264 |
|
253 |
} // end of class PasswordHash |
|
265 |
} // end of class Password |
|
266 |
// //////////////////////////////////////////////////////////////////////////////////// // |
|
267 |
/** |
|
268 |
* PasswordException |
|
269 |
* |
|
270 |
* @category WBCore |
|
271 |
* @package WBCore_Security |
|
272 |
* @author Werner v.d.Decken <wkl@isteam.de> |
|
273 |
* @copyright Werner v.d.Decken <wkl@isteam.de> |
|
274 |
* @license http://www.gnu.org/licenses/gpl.html GPL License |
|
275 |
* @version 2.9.0 |
|
276 |
* @revision $Revision$ |
|
277 |
* @lastmodified $Date$ |
|
278 |
*/ |
|
279 |
class PasswordException extends AppException { } |
Also available in: Unified diff
modified class Password for use with different hashing classes