class-phpass.php

Revision 7421, 6.6 kB (checked in by ryan, 8 months ago)
Use uniqid if getmypid is disabled. Props Solar Designer. fixes #6293
Property svn:eol-style set to `native`

Line
1	<?php
2	/**
3	* Portable PHP password hashing framework.
4	* @package phpass
5	* @since 2.5
6	* @version 0.1
7	* @link http://www.openwall.com/phpass/
8	*/
9
10	#
11	# Portable PHP password hashing framework.
12	#
13	# Version 0.1 / genuine.
14	#
15	# Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
16	# the public domain.
17	#
18	# There's absolutely no warranty.
19	#
20	# The homepage URL for this framework is:
21	#
22	# http://www.openwall.com/phpass/
23	#
24	# Please be sure to update the Version line if you edit this file in any way.
25	# It is suggested that you leave the main version number intact, but indicate
26	# your project name (after the slash) and add your own revision information.
27	#
28	# Please do not change the "private" password hashing method implemented in
29	# here, thereby making your hashes incompatible. However, if you must, please
30	# change the hash type identifier (the "$P$") to something different.
31	#
32	# Obviously, since this code is in the public domain, the above are not
33	# requirements (there can be none), but merely suggestions.
34	#
35	class PasswordHash {
36	var $itoa64;
37	var $iteration_count_log2;
38	var $portable_hashes;
39	var $random_state;
40
41	function PasswordHash($iteration_count_log2, $portable_hashes)
42	{
43	$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
44
45	if ($iteration_count_log2 < 4 \|\| $iteration_count_log2 > 31)
46	$iteration_count_log2 = 8;
47	$this->iteration_count_log2 = $iteration_count_log2;
48
49	$this->portable_hashes = $portable_hashes;
50
51	$this->random_state = microtime() . (function_exists('getmypid') ? getmypid() : '') . uniqid(rand(), TRUE);
52
53	}
54
55	function get_random_bytes($count)
56	{
57	$output = '';
58	if (($fh = @fopen('/dev/urandom', 'rb'))) {
59	$output = fread($fh, $count);
60	fclose($fh);
61	}
62
63	if (strlen($output) < $count) {
64	$output = '';
65	for ($i = 0; $i < $count; $i += 16) {
66	$this->random_state =
67	md5(microtime() . $this->random_state);
68	$output .=
69	pack('H*', md5($this->random_state));
70	}
71	$output = substr($output, 0, $count);
72	}
73
74	return $output;
75	}
76
77	function encode64($input, $count)
78	{
79	$output = '';
80	$i = 0;
81	do {
82	$value = ord($input[$i++]);
83	$output .= $this->itoa64[$value & 0x3f];
84	if ($i < $count)
85	$value \|= ord($input[$i]) << 8;
86	$output .= $this->itoa64[($value >> 6) & 0x3f];
87	if ($i++ >= $count)
88	break;
89	if ($i < $count)
90	$value \|= ord($input[$i]) << 16;
91	$output .= $this->itoa64[($value >> 12) & 0x3f];
92	if ($i++ >= $count)
93	break;
94	$output .= $this->itoa64[($value >> 18) & 0x3f];
95	} while ($i < $count);
96
97	return $output;
98	}
99
100	function gensalt_private($input)
101	{
102	$output = '$P$';
103	$output .= $this->itoa64[min($this->iteration_count_log2 +
104	((PHP_VERSION >= '5') ? 5 : 3), 30)];
105	$output .= $this->encode64($input, 6);
106
107	return $output;
108	}
109
110	function crypt_private($password, $setting)
111	{
112	$output = '*0';
113	if (substr($setting, 0, 2) == $output)
114	$output = '*1';
115
116	if (substr($setting, 0, 3) != '$P$')
117	return $output;
118
119	$count_log2 = strpos($this->itoa64, $setting[3]);
120	if ($count_log2 < 7 \|\| $count_log2 > 30)
121	return $output;
122
123	$count = 1 << $count_log2;
124
125	$salt = substr($setting, 4, 8);
126	if (strlen($salt) != 8)
127	return $output;
128
129	# We're kind of forced to use MD5 here since it's the only
130	# cryptographic primitive available in all versions of PHP
131	# currently in use. To implement our own low-level crypto
132	# in PHP would result in much worse performance and
133	# consequently in lower iteration counts and hashes that are
134	# quicker to crack (by non-PHP code).
135	if (PHP_VERSION >= '5') {
136	$hash = md5($salt . $password, TRUE);
137	do {
138	$hash = md5($hash . $password, TRUE);
139	} while (--$count);
140	} else {
141	$hash = pack('H*', md5($salt . $password));
142	do {
143	$hash = pack('H*', md5($hash . $password));
144	} while (--$count);
145	}
146
147	$output = substr($setting, 0, 12);
148	$output .= $this->encode64($hash, 16);
149
150	return $output;
151	}
152
153	function gensalt_extended($input)
154	{
155	$count_log2 = min($this->iteration_count_log2 + 8, 24);
156	# This should be odd to not reveal weak DES keys, and the
157	# maximum valid value is (2**24 - 1) which is odd anyway.
158	$count = (1 << $count_log2) - 1;
159
160	$output = '_';
161	$output .= $this->itoa64[$count & 0x3f];
162	$output .= $this->itoa64[($count >> 6) & 0x3f];
163	$output .= $this->itoa64[($count >> 12) & 0x3f];
164	$output .= $this->itoa64[($count >> 18) & 0x3f];
165
166	$output .= $this->encode64($input, 3);
167
168	return $output;
169	}
170
171	function gensalt_blowfish($input)
172	{
173	# This one needs to use a different order of characters and a
174	# different encoding scheme from the one in encode64() above.
175	# We care because the last character in our encoded string will
176	# only represent 2 bits. While two known implementations of
177	# bcrypt will happily accept and correct a salt string which
178	# has the 4 unused bits set to non-zero, we do not want to take
179	# chances and we also do not want to waste an additional byte
180	# of entropy.
181	$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
182
183	$output = '$2a$';
184	$output .= chr(ord('0') + $this->iteration_count_log2 / 10);
185	$output .= chr(ord('0') + $this->iteration_count_log2 % 10);
186	$output .= '$';
187
188	$i = 0;
189	do {
190	$c1 = ord($input[$i++]);
191	$output .= $itoa64[$c1 >> 2];
192	$c1 = ($c1 & 0x03) << 4;
193	if ($i >= 16) {
194	$output .= $itoa64[$c1];
195	break;
196	}
197
198	$c2 = ord($input[$i++]);
199	$c1 \|= $c2 >> 4;
200	$output .= $itoa64[$c1];
201	$c1 = ($c2 & 0x0f) << 2;
202
203	$c2 = ord($input[$i++]);
204	$c1 \|= $c2 >> 6;
205	$output .= $itoa64[$c1];
206	$output .= $itoa64[$c2 & 0x3f];
207	} while (1);
208
209	return $output;
210	}
211
212	function HashPassword($password)
213	{
214	$random = '';
215
216	if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
217	$random = $this->get_random_bytes(16);
218	$hash =
219	crypt($password, $this->gensalt_blowfish($random));
220	if (strlen($hash) == 60)
221	return $hash;
222	}
223
224	if (CRYPT_EXT_DES == 1 && !$this->portable_hashes) {
225	if (strlen($random) < 3)
226	$random = $this->get_random_bytes(3);
227	$hash =
228	crypt($password, $this->gensalt_extended($random));
229	if (strlen($hash) == 20)
230	return $hash;
231	}
232
233	if (strlen($random) < 6)
234	$random = $this->get_random_bytes(6);
235	$hash =
236	$this->crypt_private($password,
237	$this->gensalt_private($random));
238	if (strlen($hash) == 34)
239	return $hash;
240
241	# Returning '*' on error is safe here, but would _not_ be safe
242	# in a crypt(3)-like function used _both_ for generating new
243	# hashes and for validating passwords against existing hashes.
244	return '*';
245	}
246
247	function CheckPassword($password, $stored_hash)
248	{
249	$hash = $this->crypt_private($password, $stored_hash);
250	if ($hash[0] == '*')
251	$hash = crypt($password, $stored_hash);
252
253	return $hash == $stored_hash;
254	}
255	}
256
257	?>
258

Note: See TracBrowser for help on using the browser.

root/branches/2.5/wp-includes/class-phpass.php

Download in other formats: