Commit: 665fca696efa40521e99171af09ab1c236c6b037

Author: Denis de Bernardy | Date: 2010-09-05 19:28:33 +0200
don't extend Crypto
diff --git a/libraries/lithium/security/Nonce.php b/libraries/lithium/security/Nonce.php index 664a543..3299be0 100644 --- a/libraries/lithium/security/Nonce.php +++ b/libraries/lithium/security/Nonce.php @@ -9,6 +9,7 @@ namespace lithium\security; +use \lithium\security\Crypto; use \lithium\storage\Session; /** @@ -16,7 +17,7 @@ use \lithium\storage\Session; * cryptographically strong salt generator, and utility functions to hash and check * passwords. */ -class Nonce extends \lithium\security\Crypto { +class Nonce { protected static $_salt; /** @@ -53,7 +54,7 @@ class Nonce extends \lithium\security\Crypto { protected static function _salt() { static::$_salt = Session::read('lithium.nonce', array('name' => 'default')); if (!static::$_salt) { - static::$_salt = static::random(32); // 256 bits + static::$_salt = Crypto::random(32); // 256 bits Session::write('lithium.nonce', static::$_salt, array('name' => 'default')); } return static::$_salt; diff --git a/libraries/lithium/security/Password.php b/libraries/lithium/security/Password.php index b2327ca..34b4bce 100644 --- a/libraries/lithium/security/Password.php +++ b/libraries/lithium/security/Password.php @@ -9,12 +9,14 @@ namespace lithium\security; +use \lithium\security\Crypto; + /** * Password utility class that makes use of PHP's `crypt()` function. Includes a * cryptographically strong salt generator, and utility functions to hash and check * passwords. */ -class Password extends \lithium\security\Crypto { +class Password { /** * The default log2 number of iterations for Blowfish encryption */ @@ -167,7 +169,7 @@ class Password extends \lithium\security\Crypto { $base64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; $i = 0; - $input = static::random(16); // 128 bits of salt + $input = Crypto::random(16); // 128 bits of salt $output = ''; do { @@ -223,7 +225,7 @@ class Password extends \lithium\security\Crypto { . $base64[($count >> 12) & 0x3f] . $base64[($count >> 18) & 0x3f] // 24 bits of salt, encoded - . static::random64(3); + . Crypto::random64(3); return $output; } @@ -236,7 +238,7 @@ class Password extends \lithium\security\Crypto { protected static function _genSaltMD5() { $output = '$1$' // 48 bits of salt, encoded - . static::random64(6); + . Crypto::random64(6); return $output; } }