From 6e120eeeaeecf7818544514b18d3ddb2aa8d7668 Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Tue, 17 Jan 2012 14:23:11 -0600 Subject: [PATCH] cleaning up the hash class. --- laravel/hash.php | 40 ++++++++++++++++------------------------ 1 file changed, 16 insertions(+), 24 deletions(-) diff --git a/laravel/hash.php b/laravel/hash.php index af12e20a..0e348d4f 100644 --- a/laravel/hash.php +++ b/laravel/hash.php @@ -21,7 +21,22 @@ public static function make($value, $rounds = 8) { $work = str_pad($rounds, 2, '0', STR_PAD_LEFT); - return crypt($value, '$2a$'.$work.'$'.static::salt()); + // Bcrypt expects the salt to be 22 base64 encoded characters including + // dots and slashes. We will get rid of the plus signs included in the + // base64 data and replace them with dots. OpenSSL will be used if it + // is available, otherwise we will use the Str::random method. + if (function_exists('openssl_random_pseudo_bytes')) + { + $salt = openssl_random_pseudo_bytes(16); + } + else + { + $salt = Str::random(40); + } + + $salt = substr(strtr(base64_encode($salt), '+', '.'), 0 , 22); + + return crypt($value, '$2a$'.$work.'$'.$salt); } /** @@ -36,27 +51,4 @@ public static function check($value, $hash) return crypt($value, $hash) === $hash; } - /** - * Get a salt for use during Bcrypt hashing. - * - * @return string - */ - protected static function salt() - { - // Bcrypt expects the salt to be 22 base64 encoded characters including - // dots and slashes. We will get rid of the plus signs included in the - // base64 data and replace them with dots. OpenSSL will be used if it - // is available, otherwise we will use the Str::random method. - if (function_exists('openssl_random_pseudo_bytes')) - { - $bytes = openssl_random_pseudo_bytes(16); - - return substr(strtr(base64_encode($bytes), '+', '.'), 0 , 22); - } - - $salt = str_replace('+', '.', base64_encode(Str::random(40))); - - return substr($salt, 0, 22); - } - } \ No newline at end of file