Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/user_sql.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarcin Łojewski <marcin.lojewski@mlojewski.me>2018-12-16 18:51:40 +0300
committerMarcin Łojewski <marcin.lojewski@mlojewski.me>2018-12-16 18:58:13 +0300
commit8eb99e66bb046fd6093c6f160efde6dc309a90af (patch)
tree5c4293d2a1554a81aa78d76973201cf98defbed0
parent77270e6d4b6975b4c1487c8dcfa05d489c0b8e42 (diff)
Handle salt in Crypto classes
Diffstat
-rw-r--r--lib/Crypto/AbstractAlgorithm.php6
-rw-r--r--lib/Crypto/AbstractCrypt.php4
-rw-r--r--lib/Crypto/Cleartext.php2
-rw-r--r--lib/Crypto/CourierMD5.php2
-rw-r--r--lib/Crypto/CourierMD5Raw.php2
-rw-r--r--lib/Crypto/CourierSHA1.php2
-rw-r--r--lib/Crypto/CourierSHA256.php2
-rw-r--r--lib/Crypto/Crypt.php2
-rw-r--r--lib/Crypto/CryptArgon2.php4
-rw-r--r--lib/Crypto/CryptBlowfish.php4
-rw-r--r--lib/Crypto/IPasswordAlgorithm.php6
-rw-r--r--lib/Crypto/Joomla.php4
-rw-r--r--lib/Crypto/MD5.php2
-rw-r--r--lib/Crypto/Phpass.php4
-rw-r--r--lib/Crypto/SHA1.php2
-rw-r--r--lib/Crypto/SHA256.php2
-rw-r--r--lib/Crypto/SHA512.php2
-rw-r--r--lib/Crypto/SHA512Whirlpool.php2
-rw-r--r--lib/Crypto/SSHA.php4
-rw-r--r--lib/Crypto/WCF2.php4
-rw-r--r--lib/Crypto/Whirlpool.php2
21 files changed, 33 insertions, 31 deletions
diff --git a/lib/Crypto/AbstractAlgorithm.php b/lib/Crypto/AbstractAlgorithm.php
index 9556d78..99f344e 100644
--- a/lib/Crypto/AbstractAlgorithm.php
+++ b/lib/Crypto/AbstractAlgorithm.php
@@ -65,13 +65,13 @@ abstract class AbstractAlgorithm implements IPasswordAlgorithm
/**
* @inheritdoc
*/
- public function checkPassword($password, $dbHash)
+ public function checkPassword($password, $dbHash, $salt = null)
{
- return hash_equals($dbHash, $this->getPasswordHash($password));
+ return hash_equals($dbHash, $this->getPasswordHash($password, $salt));
}
/**
* @inheritdoc
*/
- public abstract function getPasswordHash($password);
+ public abstract function getPasswordHash($password, $salt = null);
}
diff --git a/lib/Crypto/AbstractCrypt.php b/lib/Crypto/AbstractCrypt.php
index e27e957..4bf3f43 100644
--- a/lib/Crypto/AbstractCrypt.php
+++ b/lib/Crypto/AbstractCrypt.php
@@ -38,7 +38,7 @@ abstract class AbstractCrypt extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function checkPassword($password, $dbHash)
+ public function checkPassword($password, $dbHash, $salt = null)
{
return hash_equals($dbHash, crypt($password, $dbHash));
}
@@ -46,7 +46,7 @@ abstract class AbstractCrypt extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return crypt($password, $this->getSalt());
}
diff --git a/lib/Crypto/Cleartext.php b/lib/Crypto/Cleartext.php
index e33d919..b1dd98c 100644
--- a/lib/Crypto/Cleartext.php
+++ b/lib/Crypto/Cleartext.php
@@ -43,7 +43,7 @@ class Cleartext extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return $password;
}
diff --git a/lib/Crypto/CourierMD5.php b/lib/Crypto/CourierMD5.php
index c2463e3..95d8799 100644
--- a/lib/Crypto/CourierMD5.php
+++ b/lib/Crypto/CourierMD5.php
@@ -43,7 +43,7 @@ class CourierMD5 extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return '{MD5}' . Utils::hexToBase64(md5($password));
}
diff --git a/lib/Crypto/CourierMD5Raw.php b/lib/Crypto/CourierMD5Raw.php
index 094eab3..491be5c 100644
--- a/lib/Crypto/CourierMD5Raw.php
+++ b/lib/Crypto/CourierMD5Raw.php
@@ -43,7 +43,7 @@ class CourierMD5Raw extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return '{MD5RAW}' . md5($password);
}
diff --git a/lib/Crypto/CourierSHA1.php b/lib/Crypto/CourierSHA1.php
index 6a96a44..f66b7c6 100644
--- a/lib/Crypto/CourierSHA1.php
+++ b/lib/Crypto/CourierSHA1.php
@@ -43,7 +43,7 @@ class CourierSHA1 extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return '{SHA}' . Utils::hexToBase64(sha1($password));
}
diff --git a/lib/Crypto/CourierSHA256.php b/lib/Crypto/CourierSHA256.php
index 081cd9d..bbf8c72 100644
--- a/lib/Crypto/CourierSHA256.php
+++ b/lib/Crypto/CourierSHA256.php
@@ -43,7 +43,7 @@ class CourierSHA256 extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return '{SHA256}' . Utils::hexToBase64(hash('sha256', $password));
}
diff --git a/lib/Crypto/Crypt.php b/lib/Crypto/Crypt.php
index c28763a..3c8227d 100644
--- a/lib/Crypto/Crypt.php
+++ b/lib/Crypto/Crypt.php
@@ -44,7 +44,7 @@ class Crypt extends AbstractCrypt
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return password_hash($password, PASSWORD_DEFAULT);
}
diff --git a/lib/Crypto/CryptArgon2.php b/lib/Crypto/CryptArgon2.php
index ed4aafb..6e086cc 100644
--- a/lib/Crypto/CryptArgon2.php
+++ b/lib/Crypto/CryptArgon2.php
@@ -81,7 +81,7 @@ class CryptArgon2 extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function checkPassword($password, $dbHash)
+ public function checkPassword($password, $dbHash, $salt = null)
{
return password_verify($password, $dbHash);
}
@@ -89,7 +89,7 @@ class CryptArgon2 extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return password_hash(
$password, PASSWORD_ARGON2I, [
diff --git a/lib/Crypto/CryptBlowfish.php b/lib/Crypto/CryptBlowfish.php
index 6e1b8a5..73a27b1 100644
--- a/lib/Crypto/CryptBlowfish.php
+++ b/lib/Crypto/CryptBlowfish.php
@@ -52,7 +52,7 @@ class CryptBlowfish extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function checkPassword($password, $dbHash)
+ public function checkPassword($password, $dbHash, $salt = null)
{
return password_verify($password, $dbHash);
}
@@ -60,7 +60,7 @@ class CryptBlowfish extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return password_hash(
$password, PASSWORD_BCRYPT, ["cost" => $this->cost]
diff --git a/lib/Crypto/IPasswordAlgorithm.php b/lib/Crypto/IPasswordAlgorithm.php
index 47ba961..4c5a160 100644
--- a/lib/Crypto/IPasswordAlgorithm.php
+++ b/lib/Crypto/IPasswordAlgorithm.php
@@ -42,18 +42,20 @@ interface IPasswordAlgorithm
* This value is stored in the database, when the password is changed.
*
* @param String $password The new password.
+ * @param String $salt Optional. Salt value.
*
* @return boolean True if the password was hashed successfully, false otherwise.
*/
- public function getPasswordHash($password);
+ public function getPasswordHash($password, $salt = null);
/**
* Check password given by the user against hash stored in the database.
*
* @param String $password Password given by the user.
* @param String $dbHash Password hash stored in the database.
+ * @param String $salt Optional. Salt value.
*
* @return boolean True if the password is correct, false otherwise.
*/
- public function checkPassword($password, $dbHash);
+ public function checkPassword($password, $dbHash, $salt = null);
}
diff --git a/lib/Crypto/Joomla.php b/lib/Crypto/Joomla.php
index 46af41c..ddec9ae 100644
--- a/lib/Crypto/Joomla.php
+++ b/lib/Crypto/Joomla.php
@@ -43,7 +43,7 @@ class Joomla extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
$salt = Utils::randomString(
32, "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
@@ -55,7 +55,7 @@ class Joomla extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function checkPassword($password, $dbHash)
+ public function checkPassword($password, $dbHash, $salt = null)
{
return hash_equals($dbHash, self::generateHash($password, $dbHash));
}
diff --git a/lib/Crypto/MD5.php b/lib/Crypto/MD5.php
index b995b9c..72ea2ce 100644
--- a/lib/Crypto/MD5.php
+++ b/lib/Crypto/MD5.php
@@ -43,7 +43,7 @@ class MD5 extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return md5($password);
}
diff --git a/lib/Crypto/Phpass.php b/lib/Crypto/Phpass.php
index a430ae3..bea911d 100644
--- a/lib/Crypto/Phpass.php
+++ b/lib/Crypto/Phpass.php
@@ -50,7 +50,7 @@ class Phpass extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function checkPassword($password, $dbHash)
+ public function checkPassword($password, $dbHash, $salt = null)
{
return hash_equals($dbHash, $this->crypt($password, $dbHash));
}
@@ -136,7 +136,7 @@ class Phpass extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return $this->crypt($password, $this->genSalt());
}
diff --git a/lib/Crypto/SHA1.php b/lib/Crypto/SHA1.php
index 3557f00..9c0c92f 100644
--- a/lib/Crypto/SHA1.php
+++ b/lib/Crypto/SHA1.php
@@ -43,7 +43,7 @@ class SHA1 extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return sha1($password);
}
diff --git a/lib/Crypto/SHA256.php b/lib/Crypto/SHA256.php
index 7cdf0db..a71bb29 100644
--- a/lib/Crypto/SHA256.php
+++ b/lib/Crypto/SHA256.php
@@ -43,7 +43,7 @@ class SHA256 extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return hash('sha256', $password);
}
diff --git a/lib/Crypto/SHA512.php b/lib/Crypto/SHA512.php
index ab34ba6..efc655f 100644
--- a/lib/Crypto/SHA512.php
+++ b/lib/Crypto/SHA512.php
@@ -43,7 +43,7 @@ class SHA512 extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return hash('sha512', $password);
}
diff --git a/lib/Crypto/SHA512Whirlpool.php b/lib/Crypto/SHA512Whirlpool.php
index 666502b..b58bf96 100644
--- a/lib/Crypto/SHA512Whirlpool.php
+++ b/lib/Crypto/SHA512Whirlpool.php
@@ -43,7 +43,7 @@ class SHA512Whirlpool extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return hash('sha512', hash('whirlpool', $password));
}
diff --git a/lib/Crypto/SSHA.php b/lib/Crypto/SSHA.php
index ddae4b2..ff29f0f 100644
--- a/lib/Crypto/SSHA.php
+++ b/lib/Crypto/SSHA.php
@@ -43,7 +43,7 @@ abstract class SSHA extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function checkPassword($password, $dbHash)
+ public function checkPassword($password, $dbHash, $salt = null)
{
$saltedPassword = base64_decode(
preg_replace("/" . $this->getPrefix() . "/i", "", $dbHash)
@@ -94,7 +94,7 @@ abstract class SSHA extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return self::ssha(
$password, Utils::randomString(
diff --git a/lib/Crypto/WCF2.php b/lib/Crypto/WCF2.php
index 498818a..6a8eeef 100644
--- a/lib/Crypto/WCF2.php
+++ b/lib/Crypto/WCF2.php
@@ -31,7 +31,7 @@ class WCF2 extends AbstractCrypt
/**
* @inheritdoc
*/
- public function checkPassword($password, $dbHash)
+ public function checkPassword($password, $dbHash, $salt = null)
{
return hash_equals($dbHash, crypt(crypt($password, $dbHash), $dbHash));
}
@@ -39,7 +39,7 @@ class WCF2 extends AbstractCrypt
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
$salt = $this->getSalt();
return crypt(crypt($password, $salt), $salt);
diff --git a/lib/Crypto/Whirlpool.php b/lib/Crypto/Whirlpool.php
index 7ae6360..97e3b2b 100644
--- a/lib/Crypto/Whirlpool.php
+++ b/lib/Crypto/Whirlpool.php
@@ -43,7 +43,7 @@ class Whirlpool extends AbstractAlgorithm
/**
* @inheritdoc
*/
- public function getPasswordHash($password)
+ public function getPasswordHash($password, $salt = null)
{
return hash('whirlpool', $password);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-23 07:19:30 +0300