Rev 66 | Rev 68 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 66 | Rev 67 | ||
|---|---|---|---|
| Line 141... | Line 141... | ||
| 141 | 141 | ||
| 142 | function vts_crypt_hash($algo, $str_password, $str_salt, $ver='1', $mode='ps', $iterations=0/*default*/) { |
142 | function vts_crypt_hash($algo, $str_password, $str_salt, $ver='1', $mode='ps', $iterations=0/*default*/) { |
| 143 | if ($ver == '1') { |
143 | if ($ver == '1') { |
| 144 | if ($mode == 'sp') { |
144 | if ($mode == 'sp') { |
| 145 | $payload = $str_salt.$str_password; |
145 | $payload = $str_salt.$str_password; |
| 146 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
| 147 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
146 | if (!hash_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
| 148 | $bits = explode('-',$algo)[1]; |
147 | $bits = explode('-',$algo)[1]; |
| 149 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
148 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
| 150 | } else { |
149 | } else { |
| 151 | $bin_hash = hash($algo, $payload, true); |
150 | $bin_hash = hash($algo, $payload, true); |
| 152 | } |
151 | } |
| 153 | } else if ($mode == 'ps') { |
152 | } else if ($mode == 'ps') { |
| 154 | $payload = $str_password.$str_salt; |
153 | $payload = $str_password.$str_salt; |
| 155 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
| 156 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
154 | if (!hash_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
| 157 | $bits = explode('-',$algo)[1]; |
155 | $bits = explode('-',$algo)[1]; |
| 158 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
156 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
| 159 | } else { |
157 | } else { |
| 160 | $bin_hash = hash($algo, $payload, true); |
158 | $bin_hash = hash($algo, $payload, true); |
| 161 | } |
159 | } |
| 162 | } else if ($mode == 'sps') { |
160 | } else if ($mode == 'sps') { |
| 163 | $payload = $str_salt.$str_password.$str_salt; |
161 | $payload = $str_salt.$str_password.$str_salt; |
| 164 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
| 165 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
162 | if (!hash_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash')) { |
| 166 | $bits = explode('-',$algo)[1]; |
163 | $bits = explode('-',$algo)[1]; |
| 167 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
164 | $bin_hash = \bb\Sha3\Sha3::hash($payload, $bits, true); |
| 168 | } else { |
165 | } else { |
| 169 | $bin_hash = hash($algo, $payload, true); |
166 | $bin_hash = hash($algo, $payload, true); |
| 170 | } |
167 | } |
| 171 | } else if ($mode == 'hmac') { |
168 | } else if ($mode == 'hmac') { |
| 172 | if (version_compare(PHP_VERSION, '7.2.0') >= 0) { |
- | |
| 173 | $algo_supported_natively = in_array($algo, hash_hmac_algos()); |
- | |
| 174 | } else { |
- | |
| 175 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
| 176 | } |
- | |
| 177 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash_hmac')) { |
169 | if (!hash_hmac_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash_hmac')) { |
| 178 | $bits = explode('-',$algo)[1]; |
170 | $bits = explode('-',$algo)[1]; |
| 179 | $bin_hash = \bb\Sha3\Sha3::hash_hmac($str_password, $str_salt, $bits, true); |
171 | $bin_hash = \bb\Sha3\Sha3::hash_hmac($str_password, $str_salt, $bits, true); |
| 180 | } else { |
172 | } else { |
| 181 | $bin_hash = hash_hmac($algo, $str_password, $str_salt, true); |
173 | $bin_hash = hash_hmac($algo, $str_password, $str_salt, true); |
| 182 | } |
174 | } |
| 183 | } else if ($mode == 'pbkdf2') { |
175 | } else if ($mode == 'pbkdf2') { |
| 184 | $algo_supported_natively = in_array($algo, hash_algos()); |
- | |
| 185 | if (!$algo_supported_natively && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash_pbkdf2')) { |
176 | if (!hash_pbkdf2_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash_pbkdf2')) { |
| 186 | if ($iterations == 0) { |
177 | if ($iterations == 0) { |
| 187 | $iterations = 2000; // because userland implementations are much slower, we must choose a small value... |
178 | $iterations = 2000; // because userland implementations are much slower, we must choose a small value... |
| 188 | } |
179 | } |
| 189 | $bits = explode('-',$algo)[1]; |
180 | $bits = explode('-',$algo)[1]; |
| 190 | $bin_hash = \bb\Sha3\Sha3::hash_pbkdf2($str_password, $str_salt, $iterations, $bits, 0, true); |
181 | $bin_hash = \bb\Sha3\Sha3::hash_pbkdf2($str_password, $str_salt, $iterations, $bits, 0, true); |
| Line 385... | Line 376... | ||
| 385 | $x = strtr($x, BASE64_CRYPT_ALPHABET, BASE64_RFC4648_ALPHABET); |
376 | $x = strtr($x, BASE64_CRYPT_ALPHABET, BASE64_RFC4648_ALPHABET); |
| 386 | $x = base64_decode($x); |
377 | $x = base64_decode($x); |
| 387 | return $x; |
378 | return $x; |
| 388 | } |
379 | } |
| 389 | 380 | ||
| - | 381 | function hash_supported_natively($algo) { |
|
| - | 382 | if (version_compare(PHP_VERSION, '5.1.2') >= 0) { |
|
| - | 383 | return in_array($algo, hash_algos()); |
|
| - | 384 | } else { |
|
| - | 385 | return false; |
|
| - | 386 | } |
|
| - | 387 | } |
|
| - | 388 | ||
| - | 389 | function hash_hmac_supported_natively($algo): bool { |
|
| - | 390 | if (version_compare(PHP_VERSION, '7.2.0') >= 0) { |
|
| - | 391 | return in_array($algo, hash_hmac_algos()); |
|
| - | 392 | } else if (version_compare(PHP_VERSION, '5.1.2') >= 0) { |
|
| - | 393 | return in_array($algo, hash_algos()); |
|
| - | 394 | } else { |
|
| - | 395 | return false; |
|
| - | 396 | } |
|
| - | 397 | } |
|
| - | 398 | ||
| - | 399 | function hash_pbkdf2_supported_natively($algo) { |
|
| - | 400 | return hash_supported_natively($algo); |
|
| - | 401 | } |
|
| - | 402 | ||
| 390 | // --- Part 5: Selftest |
403 | // --- Part 5: Selftest |
| 391 | 404 | ||
| 392 | /* |
405 | /* |
| 393 | $rnd = random_bytes_ex(50, true, true); |
406 | $rnd = random_bytes_ex(50, true, true); |
| 394 | assert(crypt_radix64_decode(crypt_radix64_encode($rnd)) === $rnd); |
407 | assert(crypt_radix64_decode(crypt_radix64_encode($rnd)) === $rnd); |