TYPO3 CMS  TYPO3_6-2
BlowfishSalt.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Saltedpasswords\Salt;
3 
26 class BlowfishSalt extends \TYPO3\CMS\Saltedpasswords\Salt\Md5Salt {
27 
31  const HASH_COUNT = 7;
36  const MAX_HASH_COUNT = 17;
41  const MIN_HASH_COUNT = 4;
48  static protected $hashCount;
49 
56  static protected $maxHashCount;
57 
64  static protected $minHashCount;
65 
71  static protected $saltLengthBlowfish = 16;
72 
78  static protected $settingBlowfish = '$2a$';
79 
89  protected function applySettingsToSalt($salt) {
90  $saltWithSettings = $salt;
91  $reqLenBase64 = $this->getLengthBase64FromBytes($this->getSaltLength());
92  // salt without setting
93  if (strlen($salt) == $reqLenBase64) {
94  $saltWithSettings = $this->getSetting() . sprintf('%02u', $this->getHashCount()) . '$' . $salt;
95  }
96  return $saltWithSettings;
97  }
98 
105  protected function getCountLog2($setting) {
106  $countLog2 = NULL;
107  $setting = substr($setting, strlen($this->getSetting()));
108  $firstSplitPos = strpos($setting, '$');
109  // Hashcount existing
110  if ($firstSplitPos !== FALSE && $firstSplitPos <= 2 && is_numeric(substr($setting, 0, $firstSplitPos))) {
111  $countLog2 = (int)substr($setting, 0, $firstSplitPos);
112  }
113  return $countLog2;
114  }
115 
124  public function getHashCount() {
125  return isset(self::$hashCount) ? self::$hashCount : self::HASH_COUNT;
126  }
127 
136  public function getMaxHashCount() {
137  return isset(self::$maxHashCount) ? self::$maxHashCount : self::MAX_HASH_COUNT;
138  }
139 
145  public function isAvailable() {
146  return CRYPT_BLOWFISH;
147  }
148 
157  public function getMinHashCount() {
158  return isset(self::$minHashCount) ? self::$minHashCount : self::MIN_HASH_COUNT;
159  }
160 
169  public function getSaltLength() {
170  return self::$saltLengthBlowfish;
171  }
172 
181  public function getSetting() {
182  return self::$settingBlowfish;
183  }
184 
196  public function isHashUpdateNeeded($saltedPW) {
197  // Check whether this was an updated password.
198  if (strncmp($saltedPW, '$2', 2) || !$this->isValidSalt($saltedPW)) {
199  return TRUE;
200  }
201  // Check whether the iteration count used differs from the standard number.
202  $countLog2 = $this->getCountLog2($saltedPW);
203  return !is_NULL($countLog2) && $countLog2 < $this->getHashCount();
204  }
205 
215  public function isValidSalt($salt) {
216  $isValid = ($skip = FALSE);
217  $reqLenBase64 = $this->getLengthBase64FromBytes($this->getSaltLength());
218  if (strlen($salt) >= $reqLenBase64) {
219  // Salt with prefixed setting
220  if (!strncmp('$', $salt, 1)) {
221  if (!strncmp($this->getSetting(), $salt, strlen($this->getSetting()))) {
222  $isValid = TRUE;
223  $salt = substr($salt, strrpos($salt, '$') + 1);
224  } else {
225  $skip = TRUE;
226  }
227  }
228  // Checking base64 characters
229  if (!$skip && strlen($salt) >= $reqLenBase64) {
230  if (preg_match('/^[' . preg_quote($this->getItoa64(), '/') . ']{' . $reqLenBase64 . ',' . $reqLenBase64 . '}$/', substr($salt, 0, $reqLenBase64))) {
231  $isValid = TRUE;
232  }
233  }
234  }
235  return $isValid;
236  }
237 
244  public function isValidSaltedPW($saltedPW) {
245  $isValid = FALSE;
246  $isValid = !strncmp($this->getSetting(), $saltedPW, strlen($this->getSetting())) ? TRUE : FALSE;
247  if ($isValid) {
248  $isValid = $this->isValidSalt($saltedPW);
249  }
250  return $isValid;
251  }
252 
261  public function setHashCount($hashCount = NULL) {
262  self::$hashCount = !is_NULL($hashCount) && is_int($hashCount) && $hashCount >= $this->getMinHashCount() && $hashCount <= $this->getMaxHashCount() ? $hashCount : self::HASH_COUNT;
263  }
264 
273  public function setMaxHashCount($maxHashCount = NULL) {
274  self::$maxHashCount = !is_NULL($maxHashCount) && is_int($maxHashCount) ? $maxHashCount : self::MAX_HASH_COUNT;
275  }
276 
285  public function setMinHashCount($minHashCount = NULL) {
286  self::$minHashCount = !is_NULL($minHashCount) && is_int($minHashCount) ? $minHashCount : self::MIN_HASH_COUNT;
287  }
288 
289 }