Rev 458 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 458 | Rev 459 | ||
---|---|---|---|
Line 17... | Line 17... | ||
17 | * limitations under the License. |
17 | * limitations under the License. |
18 | */ |
18 | */ |
19 | 19 | ||
20 | class OIDplusAuthPluginSha3SaltedBase64 extends OIDplusAuthPlugin { |
20 | class OIDplusAuthPluginSha3SaltedBase64 extends OIDplusAuthPlugin { |
21 | 21 | ||
22 | public function verify($authKey, $salt, $check_password) { |
22 | public function verify(OIDplusRAAuthInfo $authInfo, $check_password) { |
23 | @list($s_authmethod, $s_authkey) = explode('#', $authKey, 2); |
23 | @list($s_authmethod, $s_authkey) = explode('#', $authKey, 2); |
24 | 24 | ||
- | 25 | $authKey = $authInfo->getAuthKey(); |
|
- | 26 | $salt = $authInfo->getSalt(); |
|
- | 27 | ||
25 | if ($s_authmethod == 'A2') { |
28 | if ($s_authmethod == 'A2') { |
26 | // A2#X with X being sha3(salt+password) in base64-notation |
29 | // A2#X with X being sha3(salt+password) in base64-notation |
27 | $calc_authkey = base64_encode(sha3_512($salt.$check_password, true)); |
30 | $calc_authkey = base64_encode(sha3_512($salt.$check_password, true)); |
28 | } else { |
31 | } else { |
29 | // Invalid auth code |
32 | // Invalid auth code |
Line 31... | Line 34... | ||
31 | } |
34 | } |
32 | 35 | ||
33 | return hash_equals($calc_authkey, $s_authkey); |
36 | return hash_equals($calc_authkey, $s_authkey); |
34 | } |
37 | } |
35 | 38 | ||
36 | public function generate($password) { |
39 | public function generate($password): OIDplusRAAuthInfo { |
37 | $s_salt = bin2hex(OIDplusAuthUtils::getRandomBytes(50)); // DB field ra.salt is limited to 100 chars (= 50 bytes) |
40 | $s_salt = bin2hex(OIDplusAuthUtils::getRandomBytes(50)); // DB field ra.salt is limited to 100 chars (= 50 bytes) |
38 | $calc_authkey = 'A2#'.base64_encode(sha3_512($s_salt.$password, true)); |
41 | $calc_authkey = 'A2#'.base64_encode(sha3_512($s_salt.$password, true)); |
39 | return array($s_salt, $calc_authkey); |
42 | return array($s_salt, $calc_authkey); |
40 | } |
43 | } |
41 | 44 |