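/**
 * Checks that base64Encode() returns ceil(bytes * 8 / 6) characters for the
 * byte counts used as salt material.
 *
 * Only the length of the encoded string is asserted here; the alphabet and
 * the content of the output are not checked by this test.
 *
 * @test
 */
public function base64EncodeReturnsProperLength()
{
    // byte count => purpose, as named by the original test comments.
    // 3 bytes encode to ceil(24 / 6) = 4 characters, 16 bytes to ceil(128 / 6) = 22.
    $byteLengths = array(
        3 => 'MD5 and PHPass salted hashing',
        16 => 'Blowfish salted hashing',
    );

    foreach ($byteLengths as $byteLength => $usedFor) {
        $reqLengthBase64 = intval(ceil($byteLength * 8 / 6));
        $randomBytes = t3lib_div::generateRandomBytes($byteLength);
        $encoded = $this->objectInstance->base64Encode($randomBytes, $byteLength);

        // assertSame reports expected and actual length on failure,
        // which assertTrue(a == b) does not.
        $this->assertSame(
            $reqLengthBase64,
            strlen($encoded),
            $byteLength . ' bytes (' . $usedFor . ') must encode to ' . $reqLengthBase64 . ' characters'
        );
    }
}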
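/**
 * Checks the login data with the user record data for builtin login method.
 *
 * The stored value in $user['password'] selects the verification path:
 *  - a format the salting factory recognises: verified with that instance;
 *  - otherwise, and only when extConf['forceSalted'] is off:
 *      - "C$" / "M$" prefixed value: verified against the value without its
 *        first character ("M" means the salted hash was built over md5(password));
 *      - a value containing 32 hex characters: compared as an unsalted MD5 digest;
 *      - anything else: compared as plain text.
 *
 * Side effects: sets $this->authenticationFailed when a recognised hash format
 * does not match, and rewrites the stored password through updatePassword().
 * The stored password is only ever rewritten after a successful check.
 *
 * @param array $user user data array
 * @param array $loginData login data array
 * @param string $security_level login security level (optional, not read by this method)
 * @return boolean TRUE if login data matched
 */
public function compareUident(array $user, array $loginData, $security_level = 'normal')
{
    $validPasswd = FALSE;
    // Defined up front: with a TYPO3_MODE other than BE/FE the original left
    // this variable unset (it then evaluated to NULL with a notice).
    $password = NULL;

    // BE and FE read the same field.
    if (!strcmp(TYPO3_MODE, 'BE') || !strcmp(TYPO3_MODE, 'FE')) {
        $password = $loginData['uident_text'];
    }

    // determine method used for given salted hashed password
    $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance($user['password']);

    if (is_object($this->objInstanceSaltedPW)) {
        // existing record is in format of Salted Hash password
        $validPasswd = $this->objInstanceSaltedPW->checkPassword($password, $user['password']);

        if (!$validPasswd) {
            // record is a salted hash but authentication failed:
            // skip further authentication methods
            $this->authenticationFailed = TRUE;
        }

        $defaultHashingClassName = tx_saltedpasswords_div::getDefaultSaltingHashingMethod();
        $skip = FALSE;

        $isDefaultClass = get_class($this->objInstanceSaltedPW) == $defaultHashingClassName;
        $isSubclassOfDefault = is_subclass_of($this->objInstanceSaltedPW, $defaultHashingClassName);

        // test for wrong salted hashing method
        // The original condition was "A && !B || C", which PHP parses as
        // "(A && !B) || C": for a subclass of the default method the stored
        // hash was replaced with a hash of the submitted password even when
        // that password had just been rejected. $validPasswd now guards the
        // whole expression; the result for a valid password is unchanged.
        // NOTE(review): a subclass of the default method still triggers a
        // rehash here, as before - confirm that this is intended.
        if ($validPasswd && (!$isDefaultClass || $isSubclassOfDefault)) {
            // instantiate default method class
            $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance(NULL);
            $this->updatePassword(
                intval($user['uid']),
                array('password' => $this->objInstanceSaltedPW->getHashedPassword($password))
            );
            // The record was just rewritten with the default method, so the
            // update check below (which looks at the old hash) is skipped.
            $skip = TRUE;
        }

        if ($validPasswd && !$skip && $this->objInstanceSaltedPW->isHashUpdateNeeded($user['password'])) {
            $this->updatePassword(
                intval($user['uid']),
                array('password' => $this->objInstanceSaltedPW->getHashedPassword($password))
            );
        }
    } elseif (!intval($this->extConf['forceSalted'])) {
        // we process also clear-text, md5 and passwords updated by
        // Portable PHP password hashing framework
        if (t3lib_div::inList('C$,M$', substr($user['password'], 0, 2))) {
            // stored password is in deprecated salted hashing method;
            // the value without its first character is the actual salted hash
            $hashWithoutPrefix = substr($user['password'], 1);
            $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance($hashWithoutPrefix);

            if (!is_object($this->objInstanceSaltedPW)) {
                // Prefix matched but the remainder is not a recognised hash:
                // treat as a failed check instead of calling a method on a non-object.
                $validPasswd = FALSE;
            } elseif (!strcmp(substr($user['password'], 0, 1), 'M')) {
                // md5: the salted hash was computed over md5(password)
                $validPasswd = $this->objInstanceSaltedPW->checkPassword(md5($password), $hashWithoutPrefix);
            } else {
                $validPasswd = $this->objInstanceSaltedPW->checkPassword($password, $hashWithoutPrefix);
            }

            // skip further authentication methods
            if (!$validPasswd) {
                $this->authenticationFailed = TRUE;
            }
        } elseif (preg_match('/[0-9abcdef]{32,32}/', $user['password'])) {
            // password is stored as md5 (unsalted legacy format)
            // NOTE(review): the pattern is not anchored, so any stored value
            // that merely contains 32 hex characters takes this branch and
            // can then never match; left unchanged because anchoring would
            // move such values to the plain-text comparison below.
            // NOTE(review): strcmp() is not a constant-time comparison; where
            // the PHP version provides hash_equals(), prefer it for digests.
            $validPasswd = !strcmp(md5($password), $user['password']) ? TRUE : FALSE;

            // skip further authentication methods
            if (!$validPasswd) {
                $this->authenticationFailed = TRUE;
            }
        } else {
            // password is stored plain or unrecognized format
            // NOTE(review): an empty submitted password compares equal to an
            // empty stored value here - verify that callers reject empty
            // credentials before this method is reached.
            $validPasswd = !strcmp($password, $user['password']) ? TRUE : FALSE;
        }

        // should we store the new format value in DB?
        if ($validPasswd && intval($this->extConf['updatePasswd'])) {
            // instantiate default method class
            $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance(NULL);
            $this->updatePassword(
                intval($user['uid']),
                array('password' => $this->objInstanceSaltedPW->getHashedPassword($password))
            );
        }
    }

    return $validPasswd;
}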