Instantly share code, notes, and snippets.

Embed
What would you like to do?
Horde passwd driver for bcrypt passwords
--- passwd-h3-3.1/lib/Driver/sqlbcrypt.php 2009-01-06 16:25:15.000000000 +0100
+++ sqlbcrypt.php 2011-10-28 17:01:12.000000000 +0200
@@ -0,0 +1,37 @@
+<?php
+require("sql.php");
+
+class Passwd_Driver_sqlbcrypt extends Passwd_Driver_sql {
+
+ /**
+ * Compare a plaintext password with an encrypted password.
+ *
+ * @return mixed True if they match, PEAR_Error if they differe.
+ */
+ function comparePasswords($encrypted, $plaintext)
+ {
+ if (preg_match('/^{[^}]+}/', $encrypted, $match)) {
+ $encryption = $match[0];
+ if( $encryption != '{BCrypt}' ) {
+ PEAR::raiseError(_("Incorrect Password Format"));
+ }
+ } else {
+ PEAR::raiseError(_("Incorrect Password Format"));
+ }
+
+ return crypt($plaintext, substr($encrypted,8,29)) == substr($encrypted,8)
+ ? true : PEAR::raiseError(_("Incorrect Password"));
+ }
+
+ /**
+ * Format a password using the current encryption.
+ *
+ * @param string $plaintext The plaintext password to encrypt.
+ *
+ * @return string The crypted password.
+ */
+ function encryptPassword($plaintext)
+ {
+ return "{BCrypt}".crypt($plaintext, "$2a$10$".substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',5)),0,22));
+ }
+}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment