| [ Index ] |
PHP Cross Reference of MediaWiki-1.24.0 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Implements the EncryptedPassword class for the MediaWiki software. 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; either version 2 of the License, or 8 * (at your option) any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License along 16 * with this program; if not, write to the Free Software Foundation, Inc., 17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 18 * http://www.gnu.org/copyleft/gpl.html 19 * 20 * @file 21 */ 22 23 /** 24 * Helper class for passwords that use another password hash underneath it 25 * and encrypts that hash with a configured secret. 26 * 27 * @since 1.24 28 */ 29 class EncryptedPassword extends ParameterizedPassword { 30 protected function getDelimiter() { 31 return ':'; 32 } 33 34 protected function getDefaultParams() { 35 return array( 36 'cipher' => $this->config['cipher'], 37 'secret' => count( $this->config['secrets'] ) - 1 38 ); 39 } 40 41 public function crypt( $password ) { 42 $secret = $this->config['secrets'][$this->params['secret']]; 43 44 if ( $this->hash ) { 45 $underlyingPassword = $this->factory->newFromCiphertext( openssl_decrypt( 46 base64_decode( $this->hash ), $this->params['cipher'], 47 $secret, 0, base64_decode( $this->args[0] ) 48 ) ); 49 } else { 50 $underlyingPassword = $this->factory->newFromType( $this->config['underlying'], $this->config ); 51 } 52 53 $underlyingPassword->crypt( $password ); 54 $iv = MWCryptRand::generate( openssl_cipher_iv_length( $this->params['cipher'] ), true ); 55 56 $this->hash = openssl_encrypt( 57 $underlyingPassword->toString(), $this->params['cipher'], $secret, 0, $iv ); 58 $this->args = array( base64_encode( $iv ) ); 59 } 60 61 /** 62 * Updates the underlying hash by encrypting it with the newest secret. 63 * 64 * @throws MWException If the configuration is not valid 65 * @return bool True if the password was updated 66 */ 67 public function update() { 68 if ( count( $this->args ) != 2 || $this->params == $this->getDefaultParams() ) { 69 // Hash does not need updating 70 return false; 71 } 72 73 // Decrypt the underlying hash 74 $underlyingHash = openssl_decrypt( 75 base64_decode( $this->args[1] ), 76 $this->params['cipher'], 77 $this->config['secrets'][$this->params['secret']], 78 0, 79 base64_decode( $this->args[0] ) 80 ); 81 82 // Reset the params 83 $this->params = $this->getDefaultParams(); 84 85 // Check the key size with the new params 86 $iv = MWCryptRand::generate( openssl_cipher_iv_length( $this->params['cipher'] ), true ); 87 $this->hash = base64_encode( openssl_encrypt( 88 $underlyingHash, 89 $this->params['cipher'], 90 $this->config['secrets'][$this->params['secret']], 91 0, 92 $iv 93 ) ); 94 $this->args = array( base64_encode( $iv ) ); 95 96 return true; 97 } 98 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Fri Nov 28 14:03:12 2014 | Cross-referenced by PHPXref 0.7.1 |