/**
* create
*
* @param string $password
*
* @return string
*/
public function create($password)
{
$salt = $this->salt ?: str_replace('+', '.', base64_encode(CryptHelper::genRandomBytes(64)));
switch ($this->type) {
case static::MD5:
$salt = '$1$' . $salt . '$';
break;
case static::SHA256:
$cost = CryptHelper::limitInteger($this->cost, 1000);
$salt = '$5$rounds=' . $cost . '$' . $salt . '$';
break;
case static::SHA512:
$cost = CryptHelper::limitInteger($this->cost, 1000);
$salt = '$6$rounds=' . $cost . '$' . $salt . '$';
break;
default:
case static::BLOWFISH:
$prefix = version_compare(PHP_VERSION, '5.3.7') >= 0 ? '$2y$' : '$2a$';
$salt = CryptHelper::repeatToLength($salt, 21);
$salt = $prefix . CryptHelper::limitInteger($this->cost, 4, 31) . '$' . $salt . '$';
break;
}
return crypt($password, $salt);
}
/**
* Generate a random password.
*
* This is a fork of Joomla JUserHelper::genRandomPassword()
*
* @param integer $length Length of the password to generate
*
* @return string Random Password
*
* @see https://github.com/joomla/joomla-cms/blob/staging/libraries/joomla/user/helper.php#L642
* @since 2.0.9
*/
public static function genRandomPassword($length = 8)
{
$salt = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$base = strlen($salt);
$password = '';
/*
* Start with a cryptographic strength random string, then convert it to
* a string with the numeric base of the salt.
* Shift the base conversion on each character so the character
* distribution is even, and randomize the start shift so it's not
* predictable.
*/
$random = CryptHelper::genRandomBytes($length + 1);
$shift = ord($random[0]);
for ($i = 1; $i <= $length; ++$i) {
$password .= $salt[($shift + ord($random[$i])) % $base];
$shift += ord($random[$i]);
}
return $password;
}
