| [ Index ] |
PHP Cross Reference of DokuWiki |
[Summary view] [Print] [Text view]
1 <?php 2 // phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps 3 4 namespace dokuwiki; 5 6 /** 7 * Password Hashing Class 8 * 9 * This class implements various mechanisms used to hash passwords 10 * 11 * @author Andreas Gohr <andi@splitbrain.org> 12 * @author Schplurtz le Déboulonné <Schplurtz@laposte.net> 13 * @license LGPL2 14 */ 15 class PassHash { 16 /** 17 * Verifies a cleartext password against a crypted hash 18 * 19 * The method and salt used for the crypted hash is determined automatically, 20 * then the clear text password is crypted using the same method. If both hashs 21 * match true is is returned else false 22 * 23 * @author Andreas Gohr <andi@splitbrain.org> 24 * @author Schplurtz le Déboulonné <Schplurtz@laposte.net> 25 * 26 * @param string $clear Clear-Text password 27 * @param string $hash Hash to compare against 28 * @return bool 29 */ 30 public function verify_hash($clear, $hash) { 31 $method = ''; 32 $salt = ''; 33 $magic = ''; 34 35 //determine the used method and salt 36 if (substr($hash, 0, 2) == 'U$') { 37 // This may be an updated password from user_update_7000(). Such hashes 38 // have 'U' added as the first character and need an extra md5(). 39 $hash = substr($hash, 1); 40 $clear = md5($clear); 41 } 42 $len = strlen($hash); 43 if(preg_match('/^\$1\$([^\$]{0,8})\$/', $hash, $m)) { 44 $method = 'smd5'; 45 $salt = $m[1]; 46 $magic = '1'; 47 } elseif(preg_match('/^\$apr1\$([^\$]{0,8})\$/', $hash, $m)) { 48 $method = 'apr1'; 49 $salt = $m[1]; 50 $magic = 'apr1'; 51 } elseif(preg_match('/^\$S\$(.{52})$/', $hash, $m)) { 52 $method = 'drupal_sha512'; 53 $salt = $m[1]; 54 $magic = 'S'; 55 } elseif(preg_match('/^\$P\$(.{31})$/', $hash, $m)) { 56 $method = 'pmd5'; 57 $salt = $m[1]; 58 $magic = 'P'; 59 } elseif(preg_match('/^\$H\$(.{31})$/', $hash, $m)) { 60 $method = 'pmd5'; 61 $salt = $m[1]; 62 $magic = 'H'; 63 } elseif(preg_match('/^pbkdf2_(\w+?)\$(\d+)\$(.{12})\$/', $hash, $m)) { 64 $method = 'djangopbkdf2'; 65 $magic = array( 66 'algo' => $m[1], 67 'iter' => $m[2], 68 ); 69 $salt = $m[3]; 70 } elseif(preg_match('/^PBKDF2(SHA\d+)\$(\d+)\$([[:xdigit:]]+)\$([[:xdigit:]]+)$/', $hash, $m)) { 71 $method = 'seafilepbkdf2'; 72 $magic = array( 73 'algo' => $m[1], 74 'iter' => $m[2], 75 ); 76 $salt = $m[3]; 77 } elseif(preg_match('/^sha1\$(.{5})\$/', $hash, $m)) { 78 $method = 'djangosha1'; 79 $salt = $m[1]; 80 } elseif(preg_match('/^md5\$(.{5})\$/', $hash, $m)) { 81 $method = 'djangomd5'; 82 $salt = $m[1]; 83 } elseif(preg_match('/^\$2(a|y)\$(.{2})\$/', $hash, $m)) { 84 $method = 'bcrypt'; 85 $salt = $hash; 86 } elseif(substr($hash, 0, 6) == '{SSHA}') { 87 $method = 'ssha'; 88 $salt = substr(base64_decode(substr($hash, 6)), 20); 89 } elseif(substr($hash, 0, 6) == '{SMD5}') { 90 $method = 'lsmd5'; 91 $salt = substr(base64_decode(substr($hash, 6)), 16); 92 } elseif(preg_match('/^:B:(.+?):.{32}$/', $hash, $m)) { 93 $method = 'mediawiki'; 94 $salt = $m[1]; 95 } elseif(preg_match('/^\$(5|6)\$(rounds=\d+)?\$?(.+?)\$/', $hash, $m)) { 96 $method = 'sha2'; 97 $salt = $m[3]; 98 $magic = array( 99 'prefix' => $m[1], 100 'rounds' => $m[2], 101 ); 102 } elseif(preg_match('/^\$(argon2id?)/', $hash, $m)) { 103 if(!defined('PASSWORD_'.strtoupper($m[1]))) { 104 throw new \Exception('This PHP installation has no '.strtoupper($m[1]).' support'); 105 } 106 return password_verify($clear,$hash); 107 } elseif($len == 32) { 108 $method = 'md5'; 109 } elseif($len == 40) { 110 $method = 'sha1'; 111 } elseif($len == 16) { 112 $method = 'mysql'; 113 } elseif($len == 41 && $hash[0] == '*') { 114 $method = 'my411'; 115 } elseif($len == 34) { 116 $method = 'kmd5'; 117 $salt = $hash; 118 } else { 119 $method = 'crypt'; 120 $salt = substr($hash, 0, 2); 121 } 122 123 //crypt and compare 124 $call = 'hash_'.$method; 125 $newhash = $this->$call($clear, $salt, $magic); 126 if(\hash_equals($newhash, $hash)) { 127 return true; 128 } 129 return false; 130 } 131 132 /** 133 * Create a random salt 134 * 135 * @param int $len The length of the salt 136 * @return string 137 */ 138 public function gen_salt($len = 32) { 139 $salt = ''; 140 $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; 141 for($i = 0; $i < $len; $i++) { 142 $salt .= $chars[$this->random(0, 61)]; 143 } 144 return $salt; 145 } 146 147 /** 148 * Initialize the passed variable with a salt if needed. 149 * 150 * If $salt is not null, the value is kept, but the lenght restriction is 151 * applied (unless, $cut is false). 152 * 153 * @param string|null &$salt The salt, pass null if you want one generated 154 * @param int $len The length of the salt 155 * @param bool $cut Apply length restriction to existing salt? 156 */ 157 public function init_salt(&$salt, $len = 32, $cut = true) { 158 if(is_null($salt)) { 159 $salt = $this->gen_salt($len); 160 $cut = true; // for new hashes we alway apply length restriction 161 } 162 if(strlen($salt) > $len && $cut) $salt = substr($salt, 0, $len); 163 } 164 165 // Password hashing methods follow below 166 167 /** 168 * Password hashing method 'smd5' 169 * 170 * Uses salted MD5 hashs. Salt is 8 bytes long. 171 * 172 * The same mechanism is used by Apache's 'apr1' method. This will 173 * fallback to a implementation in pure PHP if MD5 support is not 174 * available in crypt() 175 * 176 * @author Andreas Gohr <andi@splitbrain.org> 177 * @author <mikey_nich at hotmail dot com> 178 * @link http://php.net/manual/en/function.crypt.php#73619 179 * 180 * @param string $clear The clear text to hash 181 * @param string $salt The salt to use, null for random 182 * @return string Hashed password 183 */ 184 public function hash_smd5($clear, $salt = null) { 185 $this->init_salt($salt, 8); 186 187 if(defined('CRYPT_MD5') && CRYPT_MD5 && $salt !== '') { 188 return crypt($clear, '$1$'.$salt.'$'); 189 } else { 190 // Fall back to PHP-only implementation 191 return $this->hash_apr1($clear, $salt, '1'); 192 } 193 } 194 195 /** 196 * Password hashing method 'lsmd5' 197 * 198 * Uses salted MD5 hashs. Salt is 8 bytes long. 199 * 200 * This is the format used by LDAP. 201 * 202 * @param string $clear The clear text to hash 203 * @param string $salt The salt to use, null for random 204 * @return string Hashed password 205 */ 206 public function hash_lsmd5($clear, $salt = null) { 207 $this->init_salt($salt, 8); 208 return "{SMD5}".base64_encode(md5($clear.$salt, true).$salt); 209 } 210 211 /** 212 * Password hashing method 'apr1' 213 * 214 * Uses salted MD5 hashs. Salt is 8 bytes long. 215 * 216 * This is basically the same as smd1 above, but as used by Apache. 217 * 218 * @author <mikey_nich at hotmail dot com> 219 * @link http://php.net/manual/en/function.crypt.php#73619 220 * 221 * @param string $clear The clear text to hash 222 * @param string $salt The salt to use, null for random 223 * @param string $magic The hash identifier (apr1 or 1) 224 * @return string Hashed password 225 */ 226 public function hash_apr1($clear, $salt = null, $magic = 'apr1') { 227 $this->init_salt($salt, 8); 228 229 $len = strlen($clear); 230 $text = $clear.'$'.$magic.'$'.$salt; 231 $bin = pack("H32", md5($clear.$salt.$clear)); 232 for($i = $len; $i > 0; $i -= 16) { 233 $text .= substr($bin, 0, min(16, $i)); 234 } 235 for($i = $len; $i > 0; $i >>= 1) { 236 $text .= ($i & 1) ? chr(0) : $clear[0]; 237 } 238 $bin = pack("H32", md5($text)); 239 for($i = 0; $i < 1000; $i++) { 240 $new = ($i & 1) ? $clear : $bin; 241 if($i % 3) $new .= $salt; 242 if($i % 7) $new .= $clear; 243 $new .= ($i & 1) ? $bin : $clear; 244 $bin = pack("H32", md5($new)); 245 } 246 $tmp = ''; 247 for($i = 0; $i < 5; $i++) { 248 $k = $i + 6; 249 $j = $i + 12; 250 if($j == 16) $j = 5; 251 $tmp = $bin[$i].$bin[$k].$bin[$j].$tmp; 252 } 253 $tmp = chr(0).chr(0).$bin[11].$tmp; 254 $tmp = strtr( 255 strrev(substr(base64_encode($tmp), 2)), 256 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", 257 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" 258 ); 259 return '$'.$magic.'$'.$salt.'$'.$tmp; 260 } 261 262 /** 263 * Password hashing method 'md5' 264 * 265 * Uses MD5 hashs. 266 * 267 * @param string $clear The clear text to hash 268 * @return string Hashed password 269 */ 270 public function hash_md5($clear) { 271 return md5($clear); 272 } 273 274 /** 275 * Password hashing method 'sha1' 276 * 277 * Uses SHA1 hashs. 278 * 279 * @param string $clear The clear text to hash 280 * @return string Hashed password 281 */ 282 public function hash_sha1($clear) { 283 return sha1($clear); 284 } 285 286 /** 287 * Password hashing method 'ssha' as used by LDAP 288 * 289 * Uses salted SHA1 hashs. Salt is 4 bytes long. 290 * 291 * @param string $clear The clear text to hash 292 * @param string $salt The salt to use, null for random 293 * @return string Hashed password 294 */ 295 public function hash_ssha($clear, $salt = null) { 296 $this->init_salt($salt, 4); 297 return '{SSHA}'.base64_encode(pack("H*", sha1($clear.$salt)).$salt); 298 } 299 300 /** 301 * Password hashing method 'crypt' 302 * 303 * Uses salted crypt hashs. Salt is 2 bytes long. 304 * 305 * @param string $clear The clear text to hash 306 * @param string $salt The salt to use, null for random 307 * @return string Hashed password 308 */ 309 public function hash_crypt($clear, $salt = null) { 310 $this->init_salt($salt, 2); 311 return crypt($clear, $salt); 312 } 313 314 /** 315 * Password hashing method 'mysql' 316 * 317 * This method was used by old MySQL systems 318 * 319 * @link http://php.net/mysql 320 * @author <soren at byu dot edu> 321 * @param string $clear The clear text to hash 322 * @return string Hashed password 323 */ 324 public function hash_mysql($clear) { 325 $nr = 0x50305735; 326 $nr2 = 0x12345671; 327 $add = 7; 328 $charArr = preg_split("//", $clear); 329 foreach($charArr as $char) { 330 if(($char == '') || ($char == ' ') || ($char == '\t')) continue; 331 $charVal = ord($char); 332 $nr ^= ((($nr & 63) + $add) * $charVal) + ($nr << 8); 333 $nr2 += ($nr2 << 8) ^ $nr; 334 $add += $charVal; 335 } 336 return sprintf("%08x%08x", ($nr & 0x7fffffff), ($nr2 & 0x7fffffff)); 337 } 338 339 /** 340 * Password hashing method 'my411' 341 * 342 * Uses SHA1 hashs. This method is used by MySQL 4.11 and above 343 * 344 * @param string $clear The clear text to hash 345 * @return string Hashed password 346 */ 347 public function hash_my411($clear) { 348 return '*'.strtoupper(sha1(pack("H*", sha1($clear)))); 349 } 350 351 /** 352 * Password hashing method 'kmd5' 353 * 354 * Uses salted MD5 hashs. 355 * 356 * Salt is 2 bytes long, but stored at position 16, so you need to pass at 357 * least 18 bytes. You can pass the crypted hash as salt. 358 * 359 * @param string $clear The clear text to hash 360 * @param string $salt The salt to use, null for random 361 * @return string Hashed password 362 */ 363 public function hash_kmd5($clear, $salt = null) { 364 $this->init_salt($salt); 365 366 $key = substr($salt, 16, 2); 367 $hash1 = strtolower(md5($key.md5($clear))); 368 $hash2 = substr($hash1, 0, 16).$key.substr($hash1, 16); 369 return $hash2; 370 } 371 372 /** 373 * Password stretched hashing wrapper. 374 * 375 * Initial hash is repeatedly rehashed with same password. 376 * Any salted hash algorithm supported by PHP hash() can be used. Salt 377 * is 1+8 bytes long, 1st byte is the iteration count when given. For null 378 * salts $compute is used. 379 * 380 * The actual iteration count is 2 to the power of the given count, 381 * maximum is 30 (-> 2^30 = 1_073_741_824). If a higher one is given, 382 * the function throws an exception. 383 * This iteration count is expected to grow with increasing power of 384 * new computers. 385 * 386 * @author Andreas Gohr <andi@splitbrain.org> 387 * @author Schplurtz le Déboulonné <Schplurtz@laposte.net> 388 * @link http://www.openwall.com/phpass/ 389 * 390 * @param string $algo The hash algorithm to be used 391 * @param string $clear The clear text to hash 392 * @param string $salt The salt to use, null for random 393 * @param string $magic The hash identifier (P or H) 394 * @param int $compute The iteration count for new passwords 395 * @throws \Exception 396 * @return string Hashed password 397 */ 398 protected function stretched_hash($algo, $clear, $salt = null, $magic = 'P', $compute = 8) { 399 $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; 400 if(is_null($salt)) { 401 $this->init_salt($salt); 402 $salt = $itoa64[$compute].$salt; // prefix iteration count 403 } 404 $iterc = $salt[0]; // pos 0 of salt is log2(iteration count) 405 $iter = strpos($itoa64, $iterc); 406 407 if($iter > 30) { 408 throw new \Exception("Too high iteration count ($iter) in ". 409 __CLASS__.'::'.__FUNCTION__); 410 } 411 412 $iter = 1 << $iter; 413 $salt = substr($salt, 1, 8); 414 415 // iterate 416 $hash = hash($algo, $salt . $clear, TRUE); 417 do { 418 $hash = hash($algo, $hash.$clear, true); 419 } while(--$iter); 420 421 // encode 422 $output = ''; 423 $count = strlen($hash); 424 $i = 0; 425 do { 426 $value = ord($hash[$i++]); 427 $output .= $itoa64[$value & 0x3f]; 428 if($i < $count) 429 $value |= ord($hash[$i]) << 8; 430 $output .= $itoa64[($value >> 6) & 0x3f]; 431 if($i++ >= $count) 432 break; 433 if($i < $count) 434 $value |= ord($hash[$i]) << 16; 435 $output .= $itoa64[($value >> 12) & 0x3f]; 436 if($i++ >= $count) 437 break; 438 $output .= $itoa64[($value >> 18) & 0x3f]; 439 } while($i < $count); 440 441 return '$'.$magic.'$'.$iterc.$salt.$output; 442 } 443 444 /** 445 * Password hashing method 'pmd5' 446 * 447 * Repeatedly uses salted MD5 hashs. See stretched_hash() for the 448 * details. 449 * 450 * 451 * @author Schplurtz le Déboulonné <Schplurtz@laposte.net> 452 * @link http://www.openwall.com/phpass/ 453 * @see PassHash::stretched_hash() for the implementation details. 454 * 455 * @param string $clear The clear text to hash 456 * @param string $salt The salt to use, null for random 457 * @param string $magic The hash identifier (P or H) 458 * @param int $compute The iteration count for new passwords 459 * @throws Exception 460 * @return string Hashed password 461 */ 462 public function hash_pmd5($clear, $salt = null, $magic = 'P', $compute = 8) { 463 return $this->stretched_hash('md5', $clear, $salt, $magic, $compute); 464 } 465 466 /** 467 * Password hashing method 'drupal_sha512' 468 * 469 * Implements Drupal salted sha512 hashs. Drupal truncates the hash at 55 470 * characters. See stretched_hash() for the details; 471 * 472 * @author Schplurtz le Déboulonné <Schplurtz@laposte.net> 473 * @link https://api.drupal.org/api/drupal/includes%21password.inc/7.x 474 * @see PassHash::stretched_hash() for the implementation details. 475 * 476 * @param string $clear The clear text to hash 477 * @param string $salt The salt to use, null for random 478 * @param string $magic The hash identifier (S) 479 * @param int $compute The iteration count for new passwords (defautl is drupal 7's) 480 * @throws Exception 481 * @return string Hashed password 482 */ 483 public function hash_drupal_sha512($clear, $salt = null, $magic = 'S', $compute = 15) { 484 return substr($this->stretched_hash('sha512', $clear, $salt, $magic, $compute), 0, 55); 485 } 486 487 /** 488 * Alias for hash_pmd5 489 * 490 * @param string $clear 491 * @param null|string $salt 492 * @param string $magic 493 * @param int $compute 494 * 495 * @return string 496 * @throws \Exception 497 */ 498 public function hash_hmd5($clear, $salt = null, $magic = 'H', $compute = 8) { 499 return $this->hash_pmd5($clear, $salt, $magic, $compute); 500 } 501 502 /** 503 * Password hashing method 'djangosha1' 504 * 505 * Uses salted SHA1 hashs. Salt is 5 bytes long. 506 * This is used by the Django Python framework 507 * 508 * @link http://docs.djangoproject.com/en/dev/topics/auth/#passwords 509 * 510 * @param string $clear The clear text to hash 511 * @param string $salt The salt to use, null for random 512 * @return string Hashed password 513 */ 514 public function hash_djangosha1($clear, $salt = null) { 515 $this->init_salt($salt, 5); 516 return 'sha1$'.$salt.'$'.sha1($salt.$clear); 517 } 518 519 /** 520 * Password hashing method 'djangomd5' 521 * 522 * Uses salted MD5 hashs. Salt is 5 bytes long. 523 * This is used by the Django Python framework 524 * 525 * @link http://docs.djangoproject.com/en/dev/topics/auth/#passwords 526 * 527 * @param string $clear The clear text to hash 528 * @param string $salt The salt to use, null for random 529 * @return string Hashed password 530 */ 531 public function hash_djangomd5($clear, $salt = null) { 532 $this->init_salt($salt, 5); 533 return 'md5$'.$salt.'$'.md5($salt.$clear); 534 } 535 536 /** 537 * Password hashing method 'seafilepbkdf2' 538 * 539 * An algorithm and iteration count should be given in the opts array. 540 * 541 * Hash algorithm is the string that is in the password string in seafile 542 * database. It has to be converted to a php algo name. 543 * 544 * @author Schplurtz le Déboulonné <Schplurtz@laposte.net> 545 * @see https://stackoverflow.com/a/23670177 546 * 547 * @param string $clear The clear text to hash 548 * @param string $salt The salt to use, null for random 549 * @param array $opts ('algo' => hash algorithm, 'iter' => iterations) 550 * @return string Hashed password 551 * @throws Exception when PHP is missing support for the method/algo 552 */ 553 public function hash_seafilepbkdf2($clear, $salt=null, $opts=array()) { 554 $this->init_salt($salt, 64); 555 if(empty($opts['algo'])) { 556 $prefixalgo='SHA256'; 557 } else { 558 $prefixalgo=$opts['algo']; 559 } 560 $algo = strtolower($prefixalgo); 561 if(empty($opts['iter'])) { 562 $iter = 10000; 563 } else { 564 $iter = (int) $opts['iter']; 565 } 566 if(!function_exists('hash_pbkdf2')) { 567 throw new Exception('This PHP installation has no PBKDF2 support'); 568 } 569 if(!in_array($algo, hash_algos())) { 570 throw new Exception("This PHP installation has no $algo support"); 571 } 572 573 $hash = hash_pbkdf2($algo, $clear, hex2bin($salt), $iter, 0); 574 return "PBKDF2$prefixalgo\$$iter\$$salt\$$hash"; 575 } 576 577 /** 578 * Password hashing method 'djangopbkdf2' 579 * 580 * An algorithm and iteration count should be given in the opts array. 581 * Defaults to sha256 and 24000 iterations 582 * 583 * @param string $clear The clear text to hash 584 * @param string $salt The salt to use, null for random 585 * @param array $opts ('algo' => hash algorithm, 'iter' => iterations) 586 * @return string Hashed password 587 * @throws \Exception when PHP is missing support for the method/algo 588 */ 589 public function hash_djangopbkdf2($clear, $salt=null, $opts=array()) { 590 $this->init_salt($salt, 12); 591 if(empty($opts['algo'])) { 592 $algo = 'sha256'; 593 } else { 594 $algo = $opts['algo']; 595 } 596 if(empty($opts['iter'])) { 597 $iter = 24000; 598 } else { 599 $iter = (int) $opts['iter']; 600 } 601 if(!function_exists('hash_pbkdf2')) { 602 throw new \Exception('This PHP installation has no PBKDF2 support'); 603 } 604 if(!in_array($algo, hash_algos())) { 605 throw new \Exception("This PHP installation has no $algo support"); 606 } 607 608 $hash = base64_encode(hash_pbkdf2($algo, $clear, $salt, $iter, 0, true)); 609 return "pbkdf2_$algo\$$iter\$$salt\$$hash"; 610 } 611 612 /** 613 * Alias for djangopbkdf2 defaulting to sha256 as hash algorithm 614 * 615 * @param string $clear The clear text to hash 616 * @param string $salt The salt to use, null for random 617 * @param array $opts ('iter' => iterations) 618 * @return string Hashed password 619 * @throws \Exception when PHP is missing support for the method/algo 620 */ 621 public function hash_djangopbkdf2_sha256($clear, $salt=null, $opts=array()) { 622 $opts['algo'] = 'sha256'; 623 return $this->hash_djangopbkdf2($clear, $salt, $opts); 624 } 625 626 /** 627 * Alias for djangopbkdf2 defaulting to sha1 as hash algorithm 628 * 629 * @param string $clear The clear text to hash 630 * @param string $salt The salt to use, null for random 631 * @param array $opts ('iter' => iterations) 632 * @return string Hashed password 633 * @throws \Exception when PHP is missing support for the method/algo 634 */ 635 public function hash_djangopbkdf2_sha1($clear, $salt=null, $opts=array()) { 636 $opts['algo'] = 'sha1'; 637 return $this->hash_djangopbkdf2($clear, $salt, $opts); 638 } 639 640 /** 641 * Passwordhashing method 'bcrypt' 642 * 643 * Uses a modified blowfish algorithm called eksblowfish 644 * This method works on PHP 5.3+ only and will throw an exception 645 * if the needed crypt support isn't available 646 * 647 * A full hash should be given as salt (starting with $a2$) or this 648 * will break. When no salt is given, the iteration count can be set 649 * through the $compute variable. 650 * 651 * @param string $clear The clear text to hash 652 * @param string $salt The salt to use, null for random 653 * @param int $compute The iteration count (between 4 and 31) 654 * @throws \Exception 655 * @return string Hashed password 656 */ 657 public function hash_bcrypt($clear, $salt = null, $compute = 10) { 658 if(!defined('CRYPT_BLOWFISH') || CRYPT_BLOWFISH != 1) { 659 throw new \Exception('This PHP installation has no bcrypt support'); 660 } 661 662 if(is_null($salt)) { 663 if($compute < 4 || $compute > 31) $compute = 8; 664 $salt = '$2y$'.str_pad($compute, 2, '0', STR_PAD_LEFT).'$'. 665 $this->gen_salt(22); 666 } 667 668 return crypt($clear, $salt); 669 } 670 671 /** 672 * Password hashing method SHA-2 673 * 674 * This is only supported on PHP 5.3.2 or higher and will throw an exception if 675 * the needed crypt support is not available 676 * 677 * Uses: 678 * - SHA-2 with 256-bit output for prefix $5$ 679 * - SHA-2 with 512-bit output for prefix $6$ (default) 680 * 681 * @param string $clear The clear text to hash 682 * @param string $salt The salt to use, null for random 683 * @param array $opts ('rounds' => rounds for sha256/sha512, 'prefix' => selected method from SHA-2 family) 684 * @return string Hashed password 685 * @throws \Exception 686 */ 687 public function hash_sha2($clear, $salt = null, $opts = array()) { 688 if(empty($opts['prefix'])) { 689 $prefix = '6'; 690 } else { 691 $prefix = $opts['prefix']; 692 } 693 if(empty($opts['rounds'])) { 694 $rounds = null; 695 } else { 696 $rounds = $opts['rounds']; 697 } 698 if($prefix == '5' && (!defined('CRYPT_SHA256') || CRYPT_SHA256 != 1)) { 699 throw new \Exception('This PHP installation has no SHA256 support'); 700 } 701 if($prefix == '6' && (!defined('CRYPT_SHA512') || CRYPT_SHA512 != 1)) { 702 throw new \Exception('This PHP installation has no SHA512 support'); 703 } 704 $this->init_salt($salt, 8, false); 705 if(empty($rounds)) { 706 return crypt($clear, '$'.$prefix.'$'.$salt.'$'); 707 }else{ 708 return crypt($clear, '$'.$prefix.'$'.$rounds.'$'.$salt.'$'); 709 } 710 } 711 712 /** @see sha2 */ 713 public function hash_sha512($clear, $salt = null, $opts=[]) { 714 $opts['prefix'] = 6; 715 return $this->hash_sha2($clear, $salt, $opts); 716 } 717 718 /** @see sha2 */ 719 public function hash_sha256($clear, $salt = null, $opts=[]) { 720 $opts['prefix'] = 5; 721 return $this->hash_sha2($clear, $salt, $opts); 722 } 723 724 /** 725 * Password hashing method 'mediawiki' 726 * 727 * Uses salted MD5, this is referred to as Method B in MediaWiki docs. Unsalted md5 728 * method 'A' is not supported. 729 * 730 * @link http://www.mediawiki.org/wiki/Manual_talk:User_table#user_password_column 731 * 732 * @param string $clear The clear text to hash 733 * @param string $salt The salt to use, null for random 734 * @return string Hashed password 735 */ 736 public function hash_mediawiki($clear, $salt = null) { 737 $this->init_salt($salt, 8, false); 738 return ':B:'.$salt.':'.md5($salt.'-'.md5($clear)); 739 } 740 741 742 /** 743 * Password hashing method 'argon2i' 744 * 745 * Uses php's own password_hash function to create argon2i password hash 746 * Default Cost and thread options are used for now. 747 * 748 * @link https://www.php.net/manual/de/function.password-hash.php 749 * 750 * @param string $clear The clear text to hash 751 * @return string Hashed password 752 */ 753 public function hash_argon2i($clear) { 754 if(!defined('PASSWORD_ARGON2I')) { 755 throw new \Exception('This PHP installation has no ARGON2I support'); 756 } 757 return password_hash($clear,PASSWORD_ARGON2I); 758 } 759 760 /** 761 * Password hashing method 'argon2id' 762 * 763 * Uses php's own password_hash function to create argon2id password hash 764 * Default Cost and thread options are used for now. 765 * 766 * @link https://www.php.net/manual/de/function.password-hash.php 767 * 768 * @param string $clear The clear text to hash 769 * @return string Hashed password 770 */ 771 public function hash_argon2id($clear) { 772 if(!defined('PASSWORD_ARGON2ID')) { 773 throw new \Exception('This PHP installation has no ARGON2ID support'); 774 } 775 return password_hash($clear,PASSWORD_ARGON2ID); 776 } 777 778 /** 779 * Wraps around native hash_hmac() or reimplents it 780 * 781 * This is not directly used as password hashing method, and thus isn't callable via the 782 * verify_hash() method. It should be used to create signatures and might be used in other 783 * password hashing methods. 784 * 785 * @see hash_hmac() 786 * @author KC Cloyd 787 * @link http://php.net/manual/en/function.hash-hmac.php#93440 788 * 789 * @param string $algo Name of selected hashing algorithm (i.e. "md5", "sha256", "haval160,4", 790 * etc..) See hash_algos() for a list of supported algorithms. 791 * @param string $data Message to be hashed. 792 * @param string $key Shared secret key used for generating the HMAC variant of the message digest. 793 * @param bool $raw_output When set to TRUE, outputs raw binary data. FALSE outputs lowercase hexits. 794 * @return string 795 */ 796 public static function hmac($algo, $data, $key, $raw_output = false) { 797 // use native function if available and not in unit test 798 if(function_exists('hash_hmac') && !defined('SIMPLE_TEST')){ 799 return hash_hmac($algo, $data, $key, $raw_output); 800 } 801 802 $algo = strtolower($algo); 803 $pack = 'H' . strlen($algo('test')); 804 $size = 64; 805 $opad = str_repeat(chr(0x5C), $size); 806 $ipad = str_repeat(chr(0x36), $size); 807 808 if(strlen($key) > $size) { 809 $key = str_pad(pack($pack, $algo($key)), $size, chr(0x00)); 810 } else { 811 $key = str_pad($key, $size, chr(0x00)); 812 } 813 814 for($i = 0; $i < strlen($key) - 1; $i++) { 815 $opad[$i] = $opad[$i] ^ $key[$i]; 816 $ipad[$i] = $ipad[$i] ^ $key[$i]; 817 } 818 819 $output = $algo($opad . pack($pack, $algo($ipad . $data))); 820 821 return ($raw_output) ? pack($pack, $output) : $output; 822 } 823 824 /** 825 * Use a secure random generator 826 * 827 * @param int $min 828 * @param int $max 829 * @return int 830 */ 831 protected function random($min, $max){ 832 try { 833 return random_int($min, $max); 834 } catch (\Exception $e) { 835 // availability of random source is checked elsewhere in DokuWiki 836 // we demote this to an unchecked runtime exception here 837 throw new \RuntimeException($e->getMessage(), $e->getCode(), $e); 838 } 839 } 840 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body