MediaWiki REL1_30
BcryptPassword.php
Go to the documentation of this file.
1<?php
32 protected function getDefaultParams() {
33 return [
34 'rounds' => $this->config['cost'],
35 ];
36 }
37
38 protected function getDelimiter() {
39 return '$';
40 }
41
42 protected function parseHash( $hash ) {
43 parent::parseHash( $hash );
44
45 $this->params['rounds'] = (int)$this->params['rounds'];
46 }
47
54 public function crypt( $password ) {
55 if ( !defined( 'CRYPT_BLOWFISH' ) ) {
56 throw new MWException( 'Bcrypt is not supported.' );
57 }
58
59 // Either use existing hash or make a new salt
60 // Bcrypt expects 22 characters of base64-encoded salt
61 // Note: bcrypt does not use MIME base64. It uses its own base64 without any '=' padding.
62 // It expects a 128 bit salt, so it will ignore anything after the first 128 bits
63 if ( !isset( $this->args[0] ) ) {
64 $this->args[] = substr(
65 // Replace + with ., because bcrypt uses a non-MIME base64 format
66 strtr(
67 // Random base64 encoded string
68 base64_encode( MWCryptRand::generate( 16, true ) ),
69 '+', '.'
70 ),
71 0, 22
72 );
73 }
74
75 $hash = crypt( $password,
76 sprintf( '$2y$%02d$%s', (int)$this->params['rounds'], $this->args[0] ) );
77
78 if ( !is_string( $hash ) || strlen( $hash ) <= 13 ) {
79 throw new PasswordError( 'Error when hashing password.' );
80 }
81
82 // Strip the $2y$
83 $parts = explode( $this->getDelimiter(), substr( $hash, 4 ) );
84 $this->params['rounds'] = (int)$parts[0];
85 $this->args[0] = substr( $parts[1], 0, 22 );
86 $this->hash = substr( $parts[1], 22 );
87 }
88}
A Bcrypt-hashed password.
parseHash( $hash)
Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for see...
getDelimiter()
Returns the delimiter for the parameters inside the hash.
crypt( $password)
getDefaultParams()
Return an ordered array of default parameters for this password hash.
static generate( $bytes, $forceStrong=false)
Generate a run of (ideally) cryptographically random data and return it in raw binary form.
MediaWiki exception.
Helper class for password hash types that have a delimited set of parameters inside of the hash.
Show an error when any operation involving passwords fails to run.
string $hash
String representation of the hash without the type.
Definition Password.php:76