CryptLib/Key/Derivation/PBKDF/BCrypt.php

   1 <?php
   2 /**
   3  * An implementation of the crypt library's Blowfish hash method
   4  *
   5  * PHP version 5.3
   6  *
   7  * @category   PHPCryptLib
   8  * @package    Key
   9  * @subpackage Derivation
  10  * @author     Anthony Ferrara <ircmaxell@ircmaxell.com>
  11  * @copyright  2011 The Authors
  12  * @license    http://www.opensource.org/licenses/mit-license.html  MIT License
  13  * @version    Build @@version@@
  14  */
  15
  16 namespace CryptLib\Key\Derivation\PBKDF;
  17
  18 /**
  19  * An implementation of the crypt library's Blowfish hash method
  20  *
  21  * @category   PHPCryptLib
  22  * @package    Key
  23  * @subpackage Derivation
  24  * @author     Anthony Ferrara <ircmaxell@ircmaxell.com>
  25  */
  26 class BCrypt
  27     extends \CryptLib\Key\Derivation\AbstractDerivation
  28     implements \CryptLib\Key\Derivation\PBKDF
  29 {
  30
  31     /**
  32      * Derive a key from the supplied arguments
  33      *
  34      * @param string $password   The password to derive from
  35      * @param string $salt       The salt string to use
  36      * @param int    $iterations The number of iterations to use
  37      * @param int    $length     The size of the string to generate
  38      *
  39      * @return string The derived key
  40      */
  41     public function derive($password, $salt, $iterations, $length) {
  42         $salt = $this->encode64($salt);
  43         if (strlen($salt) > 22) {
  44             $salt = substr($salt, 0, 22);
  45         } elseif (strlen($salt) < 22) {
  46             $salt = str_pad($salt, '0');
  47         }
  48         $expense = ceil(log($iterations, 2));
  49         $expense = $expense < 4 ? 4 : $expense;
  50         $expense = $expense > 31 ? 31 : $expense;
  51         $salt    = '$2a$'.str_pad($expense, 2, '0', STR_PAD_LEFT).'$'.$salt;
  52         return crypt($password, $salt);
  53     }
  54
  55     /**
  56      * Get the signature for this implementation
  57      *
  58      * This should include all information needed to build the same isntance
  59      * later.
  60      *
  61      * @return string The signature for this instance
  62      */
  63     public function getSignature() {
  64         return 'bcrypt';
  65     }
  66
  67     /**
  68      * Encode a string for a blowfish salt
  69      *
  70      * @param string $string The string to encode
  71      *
  72      * @return The encoded string
  73      */
  74     protected function encode64($string) {
  75         return str_replace(
  76             array('+', '='),
  77             array('.', '/'),
  78             base64_encode($string)
  79         );
  80     }
  81 }
  82