From 2d7593995ee888da709e21051c4566b3740ef7f2 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Thu, 29 May 2014 16:32:48 +0200
Subject: [PATCH] [ticket/12352] Add driver for woltlab community framework 2
 passwords

PHPBB3-12352
---
 phpBB/config/passwords.yml                   |  8 ++
 phpBB/phpbb/passwords/driver/bcrypt_wcf2.php | 91 ++++++++++++++++++++
 tests/passwords/drivers_test.php             |  1 +
 tests/passwords/manager_test.php             |  1 +
 4 files changed, 101 insertions(+)
 create mode 100644 phpBB/phpbb/passwords/driver/bcrypt_wcf2.php

diff --git a/phpBB/config/passwords.yml b/phpBB/config/passwords.yml
index 52a1bd7e5a..56bbd39917 100644
--- a/phpBB/config/passwords.yml
+++ b/phpBB/config/passwords.yml
@@ -22,6 +22,14 @@ services:
         tags:
             - { name: passwords.driver }
 
+    passwords.driver.bcrypt_wcf2:
+        class: phpbb\passwords\driver\bcrypt_wcf2
+        arguments:
+            - @passwords.driver.bcrypt
+            - @passwords.driver_helper
+        tags:
+            - { name: passwords.driver }
+
     passwords.driver.salted_md5:
         class: phpbb\passwords\driver\salted_md5
         arguments:
diff --git a/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php b/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php
new file mode 100644
index 0000000000..636fe74789
--- /dev/null
+++ b/phpBB/phpbb/passwords/driver/bcrypt_wcf2.php
@@ -0,0 +1,91 @@
+<?php
+/**
+*
+* @package phpBB3
+* @copyright (c) 2014 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+namespace phpbb\passwords\driver;
+
+/**
+* @package passwords
+*/
+class bcrypt_wcf2 extends base
+{
+	const PREFIX = '$wcf2$';
+
+	/** @var \phpbb\passwords\driver\bcrypt */
+	protected $bcrypt;
+
+	/** @var phpbb\passwords\driver\helper */
+	protected $helper;
+
+	/**
+	* Constructor of passwords driver object
+	*
+	* @param \phpbb\passwords\driver\bcrypt $bcrypt Salted md5 driver
+	* @param \phpbb\passwords\driver\helper $helper Password driver helper
+	*/
+	public function __construct(\phpbb\passwords\driver\bcrypt $bcrypt, helper $helper)
+	{
+		$this->bcrypt = $bcrypt;
+		$this->helper = $helper;
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function get_prefix()
+	{
+		return self::PREFIX;
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function is_legacy()
+	{
+		return true;
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function hash($password, $user_row = '')
+	{
+		// Do not support hashing
+		return false;
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function check($password, $hash, $user_row = array())
+	{
+		if (empty($hash))
+		{
+			return false;
+		}
+		else
+		{
+			$salt = substr($hash, 0, 29);
+
+			if (strlen($salt) != 29)
+			{
+				return false;
+			}
+			// Works for standard WCF 2.x, i.e. WBB4 and similar
+			return $hash === $this->bcrypt->hash($this->bcrypt->hash($password, $salt), $salt);
+		}
+	}
+
+	/**
+	* @inheritdoc
+	*/
+	public function get_settings_only($hash, $full = false)
+	{
+		return false;
+	}
+}
diff --git a/tests/passwords/drivers_test.php b/tests/passwords/drivers_test.php
index 6861e5f805..0254db2016 100644
--- a/tests/passwords/drivers_test.php
+++ b/tests/passwords/drivers_test.php
@@ -34,6 +34,7 @@ class phpbb_passwords_helper_test extends \phpbb_test_case
 			'passwords.driver.md5_vb'	=> new \phpbb\passwords\driver\md5_vb($config, $this->driver_helper),
 		);
 		$this->passwords_drivers['passwords.driver.md5_phpbb2']	= new \phpbb\passwords\driver\md5_phpbb2($request, $this->passwords_drivers['passwords.driver.salted_md5'], $phpbb_root_path, $php_ext);
+		$this->passwords_drivers['passwords.driver.bcrypt_wcf2'] = new \phpbb\passwords\driver\bcrypt_wcf2($this->passwords_drivers['passwords.driver.bcrypt'], $this->driver_helper);
 	}
 
 	public function data_helper_encode64()
diff --git a/tests/passwords/manager_test.php b/tests/passwords/manager_test.php
index c6ae7db036..91e1035791 100644
--- a/tests/passwords/manager_test.php
+++ b/tests/passwords/manager_test.php
@@ -40,6 +40,7 @@ class phpbb_passwords_manager_test extends \phpbb_test_case
 			'passwords.driver.md5_vb'		=> new \phpbb\passwords\driver\md5_vb($config, $this->driver_helper),
 		);
 		$this->passwords_drivers['passwords.driver.md5_phpbb2']	= new \phpbb\passwords\driver\md5_phpbb2($request, $this->passwords_drivers['passwords.driver.salted_md5'], $phpbb_root_path, $php_ext);
+		$this->passwords_drivers['passwords.driver.bcrypt_wcf2'] = new \phpbb\passwords\driver\bcrypt_wcf2($this->passwords_drivers['passwords.driver.bcrypt'], $this->driver_helper);
 
 		$this->helper = new \phpbb\passwords\helper;
 		// Set up passwords manager