Edit File by line

<?php

[0] Fix | Delete

/**

[1] Fix | Delete

* Portable PHP password hashing framework.

[2] Fix | Delete

* @package phpass

[3] Fix | Delete

* @since 2.5.0

[4] Fix | Delete

* @version 0.5 / WordPress

[5] Fix | Delete

* @link https://www.openwall.com/phpass/

[6] Fix | Delete

[7] Fix | Delete

[8] Fix | Delete

[9] Fix | Delete

# Portable PHP password hashing framework.

[10] Fix | Delete

[11] Fix | Delete

# Version 0.5.4 / WordPress.

[12] Fix | Delete

[13] Fix | Delete

# Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in

[14] Fix | Delete

# the public domain. Revised in subsequent years, still public domain.

[15] Fix | Delete

[16] Fix | Delete

# There's absolutely no warranty.

[17] Fix | Delete

[18] Fix | Delete

# The homepage URL for this framework is:

[19] Fix | Delete

[20] Fix | Delete

# http://www.openwall.com/phpass/

[21] Fix | Delete

[22] Fix | Delete

# Please be sure to update the Version line if you edit this file in any way.

[23] Fix | Delete

# It is suggested that you leave the main version number intact, but indicate

[24] Fix | Delete

# your project name (after the slash) and add your own revision information.

[25] Fix | Delete

[26] Fix | Delete

# Please do not change the "private" password hashing method implemented in

[27] Fix | Delete

# here, thereby making your hashes incompatible. However, if you must, please

[28] Fix | Delete

# change the hash type identifier (the "$P$") to something different.

[29] Fix | Delete

[30] Fix | Delete

# Obviously, since this code is in the public domain, the above are not

[31] Fix | Delete

# requirements (there can be none), but merely suggestions.

[32] Fix | Delete

[33] Fix | Delete

[34] Fix | Delete

/**

[35] Fix | Delete

* Portable PHP password hashing framework.

[36] Fix | Delete

[37] Fix | Delete

* @package phpass

[38] Fix | Delete

* @version 0.5 / WordPress

[39] Fix | Delete

* @link https://www.openwall.com/phpass/

[40] Fix | Delete

* @since 2.5.0

[41] Fix | Delete

[42] Fix | Delete

class PasswordHash {

[43] Fix | Delete

var $itoa64;

[44] Fix | Delete

var $iteration_count_log2;

[45] Fix | Delete

var $portable_hashes;

[46] Fix | Delete

var $random_state;

[47] Fix | Delete

[48] Fix | Delete

function __construct($iteration_count_log2, $portable_hashes)

[49] Fix | Delete

{

[50] Fix | Delete

$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';

[51] Fix | Delete

[52] Fix | Delete

if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) {

[53] Fix | Delete

$iteration_count_log2 = 8;

[54] Fix | Delete

}

[55] Fix | Delete

$this->iteration_count_log2 = $iteration_count_log2;

[56] Fix | Delete

[57] Fix | Delete

$this->portable_hashes = $portable_hashes;

[58] Fix | Delete

[59] Fix | Delete

$this->random_state = microtime();

[60] Fix | Delete

if (function_exists('getmypid')) {

[61] Fix | Delete

$this->random_state .= getmypid();

[62] Fix | Delete

}

[63] Fix | Delete

}

[64] Fix | Delete

[65] Fix | Delete

function PasswordHash($iteration_count_log2, $portable_hashes)

[66] Fix | Delete

{

[67] Fix | Delete

self::__construct($iteration_count_log2, $portable_hashes);

[68] Fix | Delete

}

[69] Fix | Delete

[70] Fix | Delete

function get_random_bytes($count)

[71] Fix | Delete

{

[72] Fix | Delete

$output = '';

[73] Fix | Delete

if (@is_readable('/dev/urandom') &&

[74] Fix | Delete

($fh = @fopen('/dev/urandom', 'rb'))) {

[75] Fix | Delete

$output = fread($fh, $count);

[76] Fix | Delete

fclose($fh);

[77] Fix | Delete

}

[78] Fix | Delete

[79] Fix | Delete

if (strlen($output) < $count) {

[80] Fix | Delete

$output = '';

[81] Fix | Delete

for ($i = 0; $i < $count; $i += 16) {

[82] Fix | Delete

$this->random_state =

[83] Fix | Delete

md5(microtime() . $this->random_state);

[84] Fix | Delete

$output .= md5($this->random_state, TRUE);

[85] Fix | Delete

}

[86] Fix | Delete

$output = substr($output, 0, $count);

[87] Fix | Delete

}

[88] Fix | Delete

[89] Fix | Delete

return $output;

[90] Fix | Delete

}

[91] Fix | Delete

[92] Fix | Delete

function encode64($input, $count)

[93] Fix | Delete

{

[94] Fix | Delete

$output = '';

[95] Fix | Delete

$i = 0;

[96] Fix | Delete

do {

[97] Fix | Delete

$value = ord($input[$i++]);

[98] Fix | Delete

$output .= $this->itoa64[$value & 0x3f];

[99] Fix | Delete

if ($i < $count) {

[100] Fix | Delete

$value |= ord($input[$i]) << 8;

[101] Fix | Delete

}

[102] Fix | Delete

$output .= $this->itoa64[($value >> 6) & 0x3f];

[103] Fix | Delete

if ($i++ >= $count) {

[104] Fix | Delete

break;

[105] Fix | Delete

}

[106] Fix | Delete

if ($i < $count) {

[107] Fix | Delete

$value |= ord($input[$i]) << 16;

[108] Fix | Delete

}

[109] Fix | Delete

$output .= $this->itoa64[($value >> 12) & 0x3f];

[110] Fix | Delete

if ($i++ >= $count) {

[111] Fix | Delete

break;

[112] Fix | Delete

}

[113] Fix | Delete

$output .= $this->itoa64[($value >> 18) & 0x3f];

[114] Fix | Delete

} while ($i < $count);

[115] Fix | Delete

[116] Fix | Delete

return $output;

[117] Fix | Delete

}

[118] Fix | Delete

[119] Fix | Delete

function gensalt_private($input)

[120] Fix | Delete

{

[121] Fix | Delete

$output = '$P$';

[122] Fix | Delete

$output .= $this->itoa64[min($this->iteration_count_log2 + 5,

[123] Fix | Delete

30)];

[124] Fix | Delete

$output .= $this->encode64($input, 6);

[125] Fix | Delete

[126] Fix | Delete

return $output;

[127] Fix | Delete

}

[128] Fix | Delete

[129] Fix | Delete

function crypt_private($password, $setting)

[130] Fix | Delete

{

[131] Fix | Delete

$output = '*0';

[132] Fix | Delete

if (substr($setting, 0, 2) === $output) {

[133] Fix | Delete

$output = '*1';

[134] Fix | Delete

}

[135] Fix | Delete

[136] Fix | Delete

$id = substr($setting, 0, 3);

[137] Fix | Delete

# We use "$P$", phpBB3 uses "$H$" for the same thing

[138] Fix | Delete

if ($id !== '$P$' && $id !== '$H$') {

[139] Fix | Delete

return $output;

[140] Fix | Delete

}

[141] Fix | Delete

[142] Fix | Delete

$count_log2 = strpos($this->itoa64, $setting[3]);

[143] Fix | Delete

if ($count_log2 < 7 || $count_log2 > 30) {

[144] Fix | Delete

return $output;

[145] Fix | Delete

}

[146] Fix | Delete

[147] Fix | Delete

$count = 1 << $count_log2;

[148] Fix | Delete

[149] Fix | Delete

$salt = substr($setting, 4, 8);

[150] Fix | Delete

if (strlen($salt) !== 8) {

[151] Fix | Delete

return $output;

[152] Fix | Delete

}

[153] Fix | Delete

[154] Fix | Delete

# We were kind of forced to use MD5 here since it's the only

[155] Fix | Delete

# cryptographic primitive that was available in all versions

[156] Fix | Delete

# of PHP in use. To implement our own low-level crypto in PHP

[157] Fix | Delete

# would have resulted in much worse performance and

[158] Fix | Delete

# consequently in lower iteration counts and hashes that are

[159] Fix | Delete

# quicker to crack (by non-PHP code).

[160] Fix | Delete

$hash = md5($salt . $password, TRUE);

[161] Fix | Delete

do {

[162] Fix | Delete

$hash = md5($hash . $password, TRUE);

[163] Fix | Delete

} while (--$count);

[164] Fix | Delete

[165] Fix | Delete

$output = substr($setting, 0, 12);

[166] Fix | Delete

$output .= $this->encode64($hash, 16);

[167] Fix | Delete

[168] Fix | Delete

return $output;

[169] Fix | Delete

}

[170] Fix | Delete

[171] Fix | Delete

function gensalt_blowfish($input)

[172] Fix | Delete

{

[173] Fix | Delete

# This one needs to use a different order of characters and a

[174] Fix | Delete

# different encoding scheme from the one in encode64() above.

[175] Fix | Delete

# We care because the last character in our encoded string will

[176] Fix | Delete

# only represent 2 bits. While two known implementations of

[177] Fix | Delete

# bcrypt will happily accept and correct a salt string which

[178] Fix | Delete

# has the 4 unused bits set to non-zero, we do not want to take

[179] Fix | Delete

# chances and we also do not want to waste an additional byte

[180] Fix | Delete

# of entropy.

[181] Fix | Delete

$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

[182] Fix | Delete

[183] Fix | Delete

$output = '$2a$';

[184] Fix | Delete

$output .= chr((int)(ord('0') + $this->iteration_count_log2 / 10));

[185] Fix | Delete

$output .= chr(ord('0') + $this->iteration_count_log2 % 10);

[186] Fix | Delete

$output .= '$';

[187] Fix | Delete

[188] Fix | Delete

$i = 0;

[189] Fix | Delete

do {

[190] Fix | Delete

$c1 = ord($input[$i++]);

[191] Fix | Delete

$output .= $itoa64[$c1 >> 2];

[192] Fix | Delete

$c1 = ($c1 & 0x03) << 4;

[193] Fix | Delete

if ($i >= 16) {

[194] Fix | Delete

$output .= $itoa64[$c1];

[195] Fix | Delete

break;

[196] Fix | Delete

}

[197] Fix | Delete

[198] Fix | Delete

$c2 = ord($input[$i++]);

[199] Fix | Delete

$c1 |= $c2 >> 4;

[200] Fix | Delete

$output .= $itoa64[$c1];

[201] Fix | Delete

$c1 = ($c2 & 0x0f) << 2;

[202] Fix | Delete

[203] Fix | Delete

$c2 = ord($input[$i++]);

[204] Fix | Delete

$c1 |= $c2 >> 6;

[205] Fix | Delete

$output .= $itoa64[$c1];

[206] Fix | Delete

$output .= $itoa64[$c2 & 0x3f];

[207] Fix | Delete

} while (1);

[208] Fix | Delete

[209] Fix | Delete

return $output;

[210] Fix | Delete

}

[211] Fix | Delete

[212] Fix | Delete

function HashPassword($password)

[213] Fix | Delete

{

[214] Fix | Delete

if ( strlen( $password ) > 4096 ) {

[215] Fix | Delete

return '*';

[216] Fix | Delete

}

[217] Fix | Delete

[218] Fix | Delete

$random = '';

[219] Fix | Delete

[220] Fix | Delete

if (CRYPT_BLOWFISH === 1 && !$this->portable_hashes) {

[221] Fix | Delete

$random = $this->get_random_bytes(16);

[222] Fix | Delete

$hash =

[223] Fix | Delete

crypt($password, $this->gensalt_blowfish($random));

[224] Fix | Delete

if (strlen($hash) === 60) {

[225] Fix | Delete

return $hash;

[226] Fix | Delete

}

[227] Fix | Delete

}

[228] Fix | Delete

[229] Fix | Delete

if (strlen($random) < 6) {

[230] Fix | Delete

$random = $this->get_random_bytes(6);

[231] Fix | Delete

}

[232] Fix | Delete

$hash =

[233] Fix | Delete

$this->crypt_private($password,

[234] Fix | Delete

$this->gensalt_private($random));

[235] Fix | Delete

if (strlen($hash) === 34) {

[236] Fix | Delete

return $hash;

[237] Fix | Delete

}

[238] Fix | Delete

[239] Fix | Delete

# Returning '*' on error is safe here, but would _not_ be safe

[240] Fix | Delete

# in a crypt(3)-like function used _both_ for generating new

[241] Fix | Delete

# hashes and for validating passwords against existing hashes.

[242] Fix | Delete

return '*';

[243] Fix | Delete

}

[244] Fix | Delete

[245] Fix | Delete

function CheckPassword($password, $stored_hash)

[246] Fix | Delete

{

[247] Fix | Delete

if ( strlen( $password ) > 4096 ) {

[248] Fix | Delete

return false;

[249] Fix | Delete

}

[250] Fix | Delete

[251] Fix | Delete

$hash = $this->crypt_private($password, $stored_hash);

[252] Fix | Delete

if ($hash[0] === '*') {

[253] Fix | Delete

$hash = crypt($password, $stored_hash);

[254] Fix | Delete

}

[255] Fix | Delete

[256] Fix | Delete

# This is not constant-time. In order to keep the code simple,

[257] Fix | Delete

# for timing safety we currently rely on the salts being

[258] Fix | Delete

# unpredictable, which they are at least in the non-fallback

[259] Fix | Delete

# cases (that is, when we use /dev/urandom and bcrypt).

[260] Fix | Delete

return $hash === $stored_hash;

[261] Fix | Delete

}

[262] Fix | Delete

}

[263] Fix | Delete

[264] Fix | Delete