WebSVN – oidplus – Diff – /trunk/plugins/auth/A2_sha3_salted_base64/OIDplusAuthPluginSha3SaltedBase64.class.php



 * limitations under the License.
 */
 
class OIDplusAuthPluginSha3SaltedBase64 extends OIDplusAuthPlugin {
 
        public function verify(OIDplusRAAuthInfo $authInfo, $check_password) {
                @list($s_authmethod, $s_authkey) = explode('#', $authKey, 2);
 
                $authKey = $authInfo->getAuthKey();
                $salt = $authInfo->getSalt();
 
                if ($s_authmethod == 'A2') {
                        // A2#X with X being sha3(salt+password) in base64-notation
                        $calc_authkey = base64_encode(sha3_512($salt.$check_password, true));
                } else {
                        // Invalid auth code

                }
 
                return hash_equals($calc_authkey, $s_authkey);
        }
 
        public function generate($password): OIDplusRAAuthInfo {
                $s_salt = bin2hex(OIDplusAuthUtils::getRandomBytes(50)); // DB field ra.salt is limited to 100 chars (= 50 bytes)
                $calc_authkey = 'A2#'.base64_encode(sha3_512($s_salt.$password, true));
                return array($s_salt, $calc_authkey);
        }
 

Rev 458	Rev 459
Line 17...	Line 17...
17	* limitations under the License.	17	* limitations under the License.
18	*/	18	*/
19		19
20	class OIDplusAuthPluginSha3SaltedBase64 extends OIDplusAuthPlugin {	20	class OIDplusAuthPluginSha3SaltedBase64 extends OIDplusAuthPlugin {
21		21
22	public function verify($authKey, $salt, $check_password) {	22	public function verify(OIDplusRAAuthInfo $authInfo, $check_password) {
23	@list($s_authmethod, $s_authkey) = explode('#', $authKey, 2);	23	@list($s_authmethod, $s_authkey) = explode('#', $authKey, 2);
24		24
-		25	$authKey = $authInfo->getAuthKey();
-		26	$salt = $authInfo->getSalt();
-		27
25	if ($s_authmethod == 'A2') {	28	if ($s_authmethod == 'A2') {
26	// A2#X with X being sha3(salt+password) in base64-notation	29	// A2#X with X being sha3(salt+password) in base64-notation
27	$calc_authkey = base64_encode(sha3_512($salt.$check_password, true));	30	$calc_authkey = base64_encode(sha3_512($salt.$check_password, true));
28	} else {	31	} else {
29	// Invalid auth code	32	// Invalid auth code
Line 31...	Line 34...
31	}	34	}
32		35
33	return hash_equals($calc_authkey, $s_authkey);	36	return hash_equals($calc_authkey, $s_authkey);
34	}	37	}
35		38
36	public function generate($password) {	39	public function generate($password): OIDplusRAAuthInfo {
37	$s_salt = bin2hex(OIDplusAuthUtils::getRandomBytes(50)); // DB field ra.salt is limited to 100 chars (= 50 bytes)	40	$s_salt = bin2hex(OIDplusAuthUtils::getRandomBytes(50)); // DB field ra.salt is limited to 100 chars (= 50 bytes)
38	$calc_authkey = 'A2#'.base64_encode(sha3_512($s_salt.$password, true));	41	$calc_authkey = 'A2#'.base64_encode(sha3_512($s_salt.$password, true));
39	return array($s_salt, $calc_authkey);	42	return array($s_salt, $calc_authkey);
40	}	43	}
41		44

Subversion Repositories oidplus

oidplus/trunk/plugins/auth/A2_sha3_salted_base64/OIDplusAuthPluginSha3SaltedBase64.class.php – Rev 458 → 459