TYPO3/_blowfish_salt_8php_source.html

<?php

namespace TYPO3\CMS\Saltedpasswords\Salt;


/*

 * This file is part of the TYPO3 CMS project.

 *

 * It is free software; you can redistribute it and/or modify it under

 * the terms of the GNU General Public License, either version 2

 * of the License, or any later version.

 *

 * For the full copyright and license information, please read the

 * LICENSE.txt file that was distributed with this source code.

 *

 * The TYPO3 project - inspiring people to share!

 */


class BlowfishSalt extends Md5Salt

{

    const HASH_COUNT = 7;


    const MAX_HASH_COUNT = 17;


    const MIN_HASH_COUNT = 4;


    protected static $hashCount;


    protected static $maxHashCount;


    protected static $minHashCount;


    protected static $saltLengthBlowfish = 16;


    protected static $settingBlowfish = '$2a$';


    protected function applySettingsToSalt($salt)

    {

        $saltWithSettings = $salt;

        $reqLenBase64 = $this->getLengthBase64FromBytes($this->getSaltLength());

        // salt without setting

        if (strlen($salt) == $reqLenBase64) {

            $saltWithSettings = $this->getSetting() . sprintf('%02u', $this->getHashCount()) . '$' . $salt;

        }

        return $saltWithSettings;

    }


    protected function getCountLog2($setting)

    {

        $countLog2 = null;

        $setting = substr($setting, strlen($this->getSetting()));

        $firstSplitPos = strpos($setting, '$');

        // Hashcount existing

        if ($firstSplitPos !== false && $firstSplitPos <= 2 && is_numeric(substr($setting, 0, $firstSplitPos))) {

            $countLog2 = (int)substr($setting, 0, $firstSplitPos);

        }

        return $countLog2;

    }


    public function getHashCount()

    {

        return isset(self::$hashCount) ? self::$hashCount : self::HASH_COUNT;

    }


    public function getMaxHashCount()

    {

        return isset(self::$maxHashCount) ? self::$maxHashCount : self::MAX_HASH_COUNT;

    }


    public function isAvailable()

    {

        return CRYPT_BLOWFISH;

    }


    public function getMinHashCount()

    {

        return isset(self::$minHashCount) ? self::$minHashCount : self::MIN_HASH_COUNT;

    }


    public function getSaltLength()

    {

        return self::$saltLengthBlowfish;

    }


    public function getSetting()

    {

        return self::$settingBlowfish;

    }


    public function isHashUpdateNeeded($saltedPW)

    {

        // Check whether this was an updated password.

        if (strncmp($saltedPW, '$2', 2) || !$this->isValidSalt($saltedPW)) {

            return true;

        }

        // Check whether the iteration count used differs from the standard number.

        $countLog2 = $this->getCountLog2($saltedPW);

        return !is_NULL($countLog2) && $countLog2 < $this->getHashCount();

    }


    public function isValidSalt($salt)

    {

        $isValid = ($skip = false);

        $reqLenBase64 = $this->getLengthBase64FromBytes($this->getSaltLength());

        if (strlen($salt) >= $reqLenBase64) {

            // Salt with prefixed setting

            if (!strncmp('$', $salt, 1)) {

                if (!strncmp($this->getSetting(), $salt, strlen($this->getSetting()))) {

                    $isValid = true;

                    $salt = substr($salt, strrpos($salt, '$') + 1);

                } else {

                    $skip = true;

                }

            }

            // Checking base64 characters

            if (!$skip && strlen($salt) >= $reqLenBase64) {

                if (preg_match('/^[' . preg_quote($this->getItoa64(), '/') . ']{' . $reqLenBase64 . ',' . $reqLenBase64 . '}$/', substr($salt, 0, $reqLenBase64))) {

                    $isValid = true;

                }

            }

        }

        return $isValid;

    }


    public function isValidSaltedPW($saltedPW)

    {

        $isValid = false;

        $isValid = !strncmp($this->getSetting(), $saltedPW, strlen($this->getSetting()));

        if ($isValid) {

            $isValid = $this->isValidSalt($saltedPW);

        }

        return $isValid;

    }


    public function setHashCount($hashCount = null)

    {

        self::$hashCount = !is_NULL($hashCount) && is_int($hashCount) && $hashCount >= $this->getMinHashCount() && $hashCount <= $this->getMaxHashCount() ? $hashCount : self::HASH_COUNT;

    }


    public function setMaxHashCount($maxHashCount = null)

    {

        self::$maxHashCount = !is_NULL($maxHashCount) && is_int($maxHashCount) ? $maxHashCount : self::MAX_HASH_COUNT;

    }


    public function setMinHashCount($minHashCount = null)

    {

        self::$minHashCount = !is_NULL($minHashCount) && is_int($minHashCount) ? $minHashCount : self::MIN_HASH_COUNT;

    }

}