MediaWiki  REL1_24
EncryptedPassword.php
Go to the documentation of this file.
00001 <?php
00029 class EncryptedPassword extends ParameterizedPassword {
00030     protected function getDelimiter() {
00031         return ':';
00032     }
00033 
00034     protected function getDefaultParams() {
00035         return array(
00036             'cipher' => $this->config['cipher'],
00037             'secret' => count( $this->config['secrets'] ) - 1
00038         );
00039     }
00040 
00041     public function crypt( $password ) {
00042         $secret = $this->config['secrets'][$this->params['secret']];
00043 
00044         if ( $this->hash ) {
00045             $underlyingPassword = $this->factory->newFromCiphertext( openssl_decrypt(
00046                     base64_decode( $this->hash ), $this->params['cipher'],
00047                     $secret, 0, base64_decode( $this->args[0] )
00048                 ) );
00049         } else {
00050             $underlyingPassword = $this->factory->newFromType( $this->config['underlying'], $this->config );
00051         }
00052 
00053         $underlyingPassword->crypt( $password );
00054         $iv = MWCryptRand::generate( openssl_cipher_iv_length( $this->params['cipher'] ), true );
00055 
00056         $this->hash = openssl_encrypt(
00057             $underlyingPassword->toString(), $this->params['cipher'], $secret, 0, $iv );
00058         $this->args = array( base64_encode( $iv ) );
00059     }
00060 
00067     public function update() {
00068         if ( count( $this->args ) != 2 || $this->params == $this->getDefaultParams() ) {
00069             // Hash does not need updating
00070             return false;
00071         }
00072 
00073         // Decrypt the underlying hash
00074         $underlyingHash = openssl_decrypt(
00075             base64_decode( $this->args[1] ),
00076             $this->params['cipher'],
00077             $this->config['secrets'][$this->params['secret']],
00078             0,
00079             base64_decode( $this->args[0] )
00080         );
00081 
00082         // Reset the params
00083         $this->params = $this->getDefaultParams();
00084 
00085         // Check the key size with the new params
00086         $iv = MWCryptRand::generate( openssl_cipher_iv_length( $this->params['cipher'] ), true );
00087         $this->hash = base64_encode( openssl_encrypt(
00088                 $underlyingHash,
00089                 $this->params['cipher'],
00090                 $this->config['secrets'][$this->params['secret']],
00091                 0,
00092                 $iv
00093             ) );
00094         $this->args = array( base64_encode( $iv ) );
00095 
00096         return true;
00097     }
00098 }