[ Index ]

PHP Cross Reference of DokuWiki

title

Body

[close]

/inc/ -> PassHash.php (summary)

(no description)

File Size: 656 lines (22 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

PassHash:: (25 methods):
  verify_hash()
  gen_salt()
  init_salt()
  hash_smd5()
  hash_lsmd5()
  hash_apr1()
  hash_md5()
  hash_sha1()
  hash_ssha()
  hash_crypt()
  hash_mysql()
  hash_my411()
  hash_kmd5()
  hash_pmd5()
  hash_hmd5()
  hash_djangosha1()
  hash_djangomd5()
  hash_djangopbkdf2()
  hash_djangopbkdf2_sha256()
  hash_djangopbkdf2_sha1()
  hash_bcrypt()
  hash_sha512()
  hash_mediawiki()
  hmac()
  random()


Class: PassHash  - X-Ref

Password Hashing Class

This class implements various mechanisms used to hash passwords

verify_hash($clear, $hash)   X-Ref
Verifies a cleartext password against a crypted hash

The method and salt used for the crypted hash is determined automatically,
then the clear text password is crypted using the same method. If both hashs
match true is is returned else false

author: Andreas Gohr <andi@splitbrain.org>
return: bool
param: string $clear Clear-Text password
param: string $hash  Hash to compare against

gen_salt($len = 32)   X-Ref
Create a random salt

return: string
param: int $len The length of the salt

init_salt(&$salt, $len = 32, $cut = true)   X-Ref
Initialize the passed variable with a salt if needed.

If $salt is not null, the value is kept, but the lenght restriction is
applied (unless, $cut is false).

param: string|null &$salt  The salt, pass null if you want one generated
param: int          $len   The length of the salt
param: bool         $cut   Apply length restriction to existing salt?

hash_smd5($clear, $salt = null)   X-Ref
Password hashing method 'smd5'

Uses salted MD5 hashs. Salt is 8 bytes long.

The same mechanism is used by Apache's 'apr1' method. This will
fallback to a implementation in pure PHP if MD5 support is not
available in crypt()

author: Andreas Gohr <andi@splitbrain.org>
author: <mikey_nich at hotmail dot com>
return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random
link: http://php.net/manual/en/function.crypt.php#73619

hash_lsmd5($clear, $salt = null)   X-Ref
Password hashing method 'lsmd5'

Uses salted MD5 hashs. Salt is 8 bytes long.

This is the format used by LDAP.

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random

hash_apr1($clear, $salt = null, $magic = 'apr1')   X-Ref
Password hashing method 'apr1'

Uses salted MD5 hashs. Salt is 8 bytes long.

This is basically the same as smd1 above, but as used by Apache.

author: <mikey_nich at hotmail dot com>
return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random
param: string $magic The hash identifier (apr1 or 1)
link: http://php.net/manual/en/function.crypt.php#73619

hash_md5($clear)   X-Ref
Password hashing method 'md5'

Uses MD5 hashs.

return: string Hashed password
param: string $clear The clear text to hash

hash_sha1($clear)   X-Ref
Password hashing method 'sha1'

Uses SHA1 hashs.

return: string Hashed password
param: string $clear The clear text to hash

hash_ssha($clear, $salt = null)   X-Ref
Password hashing method 'ssha' as used by LDAP

Uses salted SHA1 hashs. Salt is 4 bytes long.

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random

hash_crypt($clear, $salt = null)   X-Ref
Password hashing method 'crypt'

Uses salted crypt hashs. Salt is 2 bytes long.

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random

hash_mysql($clear)   X-Ref
Password hashing method 'mysql'

This method was used by old MySQL systems

author: <soren at byu dot edu>
return: string Hashed password
param: string $clear The clear text to hash
link: http://php.net/mysql

hash_my411($clear)   X-Ref
Password hashing method 'my411'

Uses SHA1 hashs. This method is used by MySQL 4.11 and above

return: string Hashed password
param: string $clear The clear text to hash

hash_kmd5($clear, $salt = null)   X-Ref
Password hashing method 'kmd5'

Uses salted MD5 hashs.

Salt is 2 bytes long, but stored at position 16, so you need to pass at
least 18 bytes. You can pass the crypted hash as salt.

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random

hash_pmd5($clear, $salt = null, $magic = 'P', $compute = 8)   X-Ref
Password hashing method 'pmd5'

Uses salted MD5 hashs. Salt is 1+8 bytes long, 1st byte is the
iteration count when given, for null salts $compute is used.

The actual iteration count is the given count squared, maximum is
30 (-> 1073741824). If a higher one is given, the function throws
an exception.

return: string Hashed password
param: string $clear   The clear text to hash
param: string $salt    The salt to use, null for random
param: string $magic   The hash identifier (P or H)
param: int    $compute The iteration count for new passwords
link: http://www.openwall.com/phpass/

hash_hmd5($clear, $salt = null, $magic = 'H', $compute = 8)   X-Ref
Alias for hash_pmd5

return: string
param: string $clear
param: null|string $salt
param: string $magic
param: int $compute

hash_djangosha1($clear, $salt = null)   X-Ref
Password hashing method 'djangosha1'

Uses salted SHA1 hashs. Salt is 5 bytes long.
This is used by the Django Python framework

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random
link: http://docs.djangoproject.com/en/dev/topics/auth/#passwords

hash_djangomd5($clear, $salt = null)   X-Ref
Password hashing method 'djangomd5'

Uses salted MD5 hashs. Salt is 5 bytes long.
This is used by the Django Python framework

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random
link: http://docs.djangoproject.com/en/dev/topics/auth/#passwords

hash_djangopbkdf2($clear, $salt=null, $opts=array()   X-Ref
Password hashing method 'djangopbkdf2'

An algorithm and iteration count should be given in the opts array.
Defaults to sha256 and 24000 iterations

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random
param: array $opts ('algo' => hash algorithm, 'iter' => iterations)

hash_djangopbkdf2_sha256($clear, $salt=null, $opts=array()   X-Ref
Alias for djangopbkdf2 defaulting to sha256 as hash algorithm

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random
param: array $opts ('iter' => iterations)

hash_djangopbkdf2_sha1($clear, $salt=null, $opts=array()   X-Ref
Alias for djangopbkdf2 defaulting to sha1 as hash algorithm

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random
param: array $opts ('iter' => iterations)

hash_bcrypt($clear, $salt = null, $compute = 10)   X-Ref
Passwordhashing method 'bcrypt'

Uses a modified blowfish algorithm called eksblowfish
This method works on PHP 5.3+ only and will throw an exception
if the needed crypt support isn't available

A full hash should be given as salt (starting with $a2$) or this
will break. When no salt is given, the iteration count can be set
through the $compute variable.

return: string Hashed password
param: string $clear   The clear text to hash
param: string $salt    The salt to use, null for random
param: int    $compute The iteration count (between 4 and 31)

hash_sha512($clear, $salt = null, $magic = null)   X-Ref
Password hashing method SHA512

This is only supported on PHP 5.3.2 or higher and will throw an exception if
the needed crypt support is not available

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random
param: string $magic The rounds for sha512 (for example "rounds=3000"), null for default value

hash_mediawiki($clear, $salt = null)   X-Ref
Password hashing method 'mediawiki'

Uses salted MD5, this is referred to as Method B in MediaWiki docs. Unsalted md5
method 'A' is not supported.

return: string Hashed password
param: string $clear The clear text to hash
param: string $salt  The salt to use, null for random
link: http://www.mediawiki.org/wiki/Manual_talk:User_table#user_password_column

hmac($algo, $data, $key, $raw_output = false)   X-Ref
Wraps around native hash_hmac() or reimplents it

This is not directly used as password hashing method, and thus isn't callable via the
verify_hash() method. It should be used to create signatures and might be used in other
password hashing methods.

author: KC Cloyd
return: string
param: string $algo Name of selected hashing algorithm (i.e. "md5", "sha256", "haval160,4",
param: string $data Message to be hashed.
param: string $key  Shared secret key used for generating the HMAC variant of the message digest.
param: bool $raw_output When set to TRUE, outputs raw binary data. FALSE outputs lowercase hexits.
link: http://php.net/manual/en/function.hash-hmac.php#93440
see: hash_hmac()

random($min, $max)   X-Ref
Use a secure random generator

return: int
param: int $min
param: int $max