Rev 66 | Rev 68 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 66 | Rev 67 | ||
---|---|---|---|
Line 141... | Line 141... | ||
141 | 141 | ||
142 | function vts_crypt_hash($algo, $str_password, $str_salt, $ver='1', $mode='ps', $iterations=0/*default*/) { |
142 | function vts_crypt_hash($algo, $str_password, $str_salt, $ver='1', $mode='ps', $iterations=0/*default*/) { |
143 | if ($ver == '1') { |
143 | if ($ver == '1') { |
144 | if ($mode == 'sp') { |
144 | if ($mode == 'sp') { |
145 | $payload = $str_salt.$str_password; |
145 | $payload = $str_salt.$str_password; |
146 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
147 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
146 | if (!hash_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
148 | $bits = explode('-',$algo)[1]; |
147 | $bits = explode('-',$algo)[1]; |
149 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
148 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
150 | } else { |
149 | } else { |
151 | $bin_hash = hash($algo, $payload, true); |
150 | $bin_hash = hash($algo, $payload, true); |
152 | } |
151 | } |
153 | } else if ($mode == 'ps') { |
152 | } else if ($mode == 'ps') { |
154 | $payload = $str_password.$str_salt; |
153 | $payload = $str_password.$str_salt; |
155 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
156 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
154 | if (!hash_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
157 | $bits = explode('-',$algo)[1]; |
155 | $bits = explode('-',$algo)[1]; |
158 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
156 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
159 | } else { |
157 | } else { |
160 | $bin_hash = hash($algo, $payload, true); |
158 | $bin_hash = hash($algo, $payload, true); |
161 | } |
159 | } |
162 | } else if ($mode == 'sps') { |
160 | } else if ($mode == 'sps') { |
163 | $payload = $str_salt.$str_password.$str_salt; |
161 | $payload = $str_salt.$str_password.$str_salt; |
164 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
165 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
162 | if (!hash_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
166 | $bits = explode('-',$algo)[1]; |
163 | $bits = explode('-',$algo)[1]; |
167 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
164 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
168 | } else { |
165 | } else { |
169 | $bin_hash = hash($algo, $payload, true); |
166 | $bin_hash = hash($algo, $payload, true); |
170 | } |
167 | } |
171 | } else if ($mode == 'hmac') { |
168 | } else if ($mode == 'hmac') { |
172 | if (version_compare(PHP_VERSION, '7.2.0') >= 0) { |
- | |
173 | $algo_supported_natively = in_array($algo, hash_hmac_algos()); |
- | |
174 | } else { |
- | |
175 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
176 | } |
- | |
177 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash_hmac')) { |
169 | if (!hash_hmac_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash_hmac')) { |
178 | $bits = explode('-',$algo)[1]; |
170 | $bits = explode('-',$algo)[1]; |
179 | $bin_hash = \bb\Sha3\Sha3::hash_hmac($str_password, $str_salt, $bits, true); |
171 | $bin_hash = \bb\Sha3\Sha3::hash_hmac($str_password, $str_salt, $bits, true); |
180 | } else { |
172 | } else { |
181 | $bin_hash = hash_hmac($algo, $str_password, $str_salt, true); |
173 | $bin_hash = hash_hmac($algo, $str_password, $str_salt, true); |
182 | } |
174 | } |
183 | } else if ($mode == 'pbkdf2') { |
175 | } else if ($mode == 'pbkdf2') { |
184 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
185 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash_pbkdf2')) { |
176 | if (!hash_pbkdf2_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash_pbkdf2')) { |
186 | if ($iterations == 0) { |
177 | if ($iterations == 0) { |
187 | $iterations = 2000; // because userland implementations are much slower, we must choose a small value... |
178 | $iterations = 2000; // because userland implementations are much slower, we must choose a small value... |
188 | } |
179 | } |
189 | $bits = explode('-',$algo)[1]; |
180 | $bits = explode('-',$algo)[1]; |
190 | $bin_hash = \bb\Sha3\Sha3::hash_pbkdf2($str_password, $str_salt, $iterations, $bits, 0, true); |
181 | $bin_hash = \bb\Sha3\Sha3::hash_pbkdf2($str_password, $str_salt, $iterations, $bits, 0, true); |
Line 385... | Line 376... | ||
385 | $x = strtr($x, BASE64_CRYPT_ALPHABET, BASE64_RFC4648_ALPHABET); |
376 | $x = strtr($x, BASE64_CRYPT_ALPHABET, BASE64_RFC4648_ALPHABET); |
386 | $x = base64_decode($x); |
377 | $x = base64_decode($x); |
387 | return $x; |
378 | return $x; |
388 | } |
379 | } |
389 | 380 | ||
- | 381 | function hash_supported_natively($algo) { |
|
- | 382 | if (version_compare(PHP_VERSION, '5.1.2') >= 0) { |
|
- | 383 | return in_array($algo, hash_algos()); |
|
- | 384 | } else { |
|
- | 385 | return false; |
|
- | 386 | } |
|
- | 387 | } |
|
- | 388 | ||
- | 389 | function hash_hmac_supported_natively($algo): bool { |
|
- | 390 | if (version_compare(PHP_VERSION, '7.2.0') >= 0) { |
|
- | 391 | return in_array($algo, hash_hmac_algos()); |
|
- | 392 | } else if (version_compare(PHP_VERSION, '5.1.2') >= 0) { |
|
- | 393 | return in_array($algo, hash_algos()); |
|
- | 394 | } else { |
|
- | 395 | return false; |
|
- | 396 | } |
|
- | 397 | } |
|
- | 398 | ||
- | 399 | function hash_pbkdf2_supported_natively($algo) { |
|
- | 400 | return hash_supported_natively($algo); |
|
- | 401 | } |
|
- | 402 | ||
390 | // --- Part 5: Selftest |
403 | // --- Part 5: Selftest |
391 | 404 | ||
392 | /* |
405 | /* |
393 | $rnd = random_bytes_ex(50, true, true); |
406 | $rnd = random_bytes_ex(50, true, true); |
394 | assert(crypt_radix64_decode(crypt_radix64_encode($rnd)) === $rnd); |
407 | assert(crypt_radix64_decode(crypt_radix64_encode($rnd)) === $rnd); |