diff options
| author | Marcin Łojewski <marcin.lojewski@mlojewski.me> | 2018-10-03 22:44:02 +0300 |
|---|---|---|
| committer | Marcin Łojewski <marcin.lojewski@mlojewski.me> | 2018-10-03 22:59:16 +0300 |
| commit | 23ccb5d7b07a39f2aac958e590dc2f6451658b00 (patch) | |
| tree | 6da9c0e79cc89bf5ff185599275abce17b8aa5d4 /lib/Crypto | |
| parent | fa436280b75c0142b28347dcbb1fd2cd2ce6a84a (diff) | |
Drupal 7 hash - fixes
Diffstat (limited to 'lib/Crypto')
| -rw-r--r-- | lib/Crypto/Drupal7.php | 50 | ||||
| -rw-r--r-- | lib/Crypto/Phpass.php | 20 |
2 files changed, 31 insertions, 39 deletions
diff --git a/lib/Crypto/Drupal7.php b/lib/Crypto/Drupal7.php index 5b32a91..567e342 100644 --- a/lib/Crypto/Drupal7.php +++ b/lib/Crypto/Drupal7.php @@ -21,54 +21,34 @@ namespace OCA\UserSQL\Crypto; -use OCP\IL10N; - -require_once "Phpass.php"; - /** * Drupal 7 overrides of phpass hash implementation. * * @author BrandonKerr + * @author Marcin Łojewski <dev@mlojewski.me> */ class Drupal7 extends Phpass { - - /** - * The expected (and maximum) number of characters in a hashed password. - */ - const DRUPAL_HASH_LENGTH = 55; + /** + * The expected (and maximum) number of characters in a hashed password. + */ + const DRUPAL_HASH_LENGTH = 55; /** - * @param string $password Password to encrypt. - * @param string $setting Hash settings. - * - * @return string|null Generated hash. Null on invalid settings. + * @inheritdoc */ - private function crypt($password, $setting) + protected function crypt($password, $setting) { - $countLog2 = strpos(self::ITOA64, $setting[3]); - if ($countLog2 < 7 || $countLog2 > 30) { - return null; - } - - $count = 1 << $countLog2; - - $salt = substr($setting, 4, 8); - if (strlen($salt) !== 8) { - return null; - } - - $hash = hash('sha512', $salt . $password, true); - do { - $hash = hash('sha512', $hash . $password, true); - } while (--$count); - - $output = substr($setting, 0, 12); - $output .= $this->encode64($hash, strlen($hash)); - - return substr($output, 0, self::DRUPAL_HASH_LENGTH); + return substr(parent::crypt($password, $setting), 0, self::DRUPAL_HASH_LENGTH); } + /** + * @inheritdoc + */ + protected function hash($input) + { + return hash('sha512', $input, true); + } /** * @inheritdoc diff --git a/lib/Crypto/Phpass.php b/lib/Crypto/Phpass.php index d193917..a430ae3 100644 --- a/lib/Crypto/Phpass.php +++ b/lib/Crypto/Phpass.php @@ -61,7 +61,7 @@ class Phpass extends AbstractAlgorithm * * @return string|null Generated hash. Null on invalid settings. */ - private function crypt($password, $setting) + protected function crypt($password, $setting) { $countLog2 = strpos(self::ITOA64, $setting[3]); if ($countLog2 < 7 || $countLog2 > 30) { @@ -75,18 +75,30 @@ class Phpass extends AbstractAlgorithm return null; } - $hash = md5($salt . $password, true); + $hash = $this->hash($salt . $password); do { - $hash = md5($hash . $password, true); + $hash = $this->hash($hash . $password); } while (--$count); $output = substr($setting, 0, 12); - $output .= $this->encode64($hash, 16); + $output .= $this->encode64($hash, strlen($hash)); return $output; } /** + * Apply hash function to input. + * + * @param string $input Input string. + * + * @return string Hashed input. + */ + protected function hash($input) + { + return md5($input, true); + } + + /** * Encode binary input to base64 string. * * @param string $input Binary data. |