Handle salt in Crypto classes
This commit is contained in:
Marcin Łojewski
@@ -65,13 +65,13 @@ abstract class AbstractAlgorithm implements IPasswordAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function checkPassword($password, $dbHash)
|
||||
public function checkPassword($password, $dbHash, $salt = null)
|
||||
{
|
||||
return hash_equals($dbHash, $this->getPasswordHash($password));
|
||||
return hash_equals($dbHash, $this->getPasswordHash($password, $salt));
|
||||
}
|
||||
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public abstract function getPasswordHash($password);
|
||||
public abstract function getPasswordHash($password, $salt = null);
|
||||
}
|
||||
|
||||
@@ -38,7 +38,7 @@ abstract class AbstractCrypt extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function checkPassword($password, $dbHash)
|
||||
public function checkPassword($password, $dbHash, $salt = null)
|
||||
{
|
||||
return hash_equals($dbHash, crypt($password, $dbHash));
|
||||
}
|
||||
@@ -46,7 +46,7 @@ abstract class AbstractCrypt extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return crypt($password, $this->getSalt());
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class Cleartext extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return $password;
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class CourierMD5 extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return '{MD5}' . Utils::hexToBase64(md5($password));
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class CourierMD5Raw extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return '{MD5RAW}' . md5($password);
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class CourierSHA1 extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return '{SHA}' . Utils::hexToBase64(sha1($password));
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class CourierSHA256 extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return '{SHA256}' . Utils::hexToBase64(hash('sha256', $password));
|
||||
}
|
||||
|
||||
@@ -44,7 +44,7 @@ class Crypt extends AbstractCrypt
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return password_hash($password, PASSWORD_DEFAULT);
|
||||
}
|
||||
|
||||
@@ -81,7 +81,7 @@ class CryptArgon2 extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function checkPassword($password, $dbHash)
|
||||
public function checkPassword($password, $dbHash, $salt = null)
|
||||
{
|
||||
return password_verify($password, $dbHash);
|
||||
}
|
||||
@@ -89,7 +89,7 @@ class CryptArgon2 extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return password_hash(
|
||||
$password, PASSWORD_ARGON2I, [
|
||||
|
||||
@@ -52,7 +52,7 @@ class CryptBlowfish extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function checkPassword($password, $dbHash)
|
||||
public function checkPassword($password, $dbHash, $salt = null)
|
||||
{
|
||||
return password_verify($password, $dbHash);
|
||||
}
|
||||
@@ -60,7 +60,7 @@ class CryptBlowfish extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return password_hash(
|
||||
$password, PASSWORD_BCRYPT, ["cost" => $this->cost]
|
||||
|
||||
@@ -42,18 +42,20 @@ interface IPasswordAlgorithm
|
||||
* This value is stored in the database, when the password is changed.
|
||||
*
|
||||
* @param String $password The new password.
|
||||
* @param String $salt Optional. Salt value.
|
||||
*
|
||||
* @return boolean True if the password was hashed successfully, false otherwise.
|
||||
*/
|
||||
public function getPasswordHash($password);
|
||||
public function getPasswordHash($password, $salt = null);
|
||||
|
||||
/**
|
||||
* Check password given by the user against hash stored in the database.
|
||||
*
|
||||
* @param String $password Password given by the user.
|
||||
* @param String $dbHash Password hash stored in the database.
|
||||
* @param String $salt Optional. Salt value.
|
||||
*
|
||||
* @return boolean True if the password is correct, false otherwise.
|
||||
*/
|
||||
public function checkPassword($password, $dbHash);
|
||||
public function checkPassword($password, $dbHash, $salt = null);
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class Joomla extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
$salt = Utils::randomString(
|
||||
32, "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
||||
@@ -55,7 +55,7 @@ class Joomla extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function checkPassword($password, $dbHash)
|
||||
public function checkPassword($password, $dbHash, $salt = null)
|
||||
{
|
||||
return hash_equals($dbHash, self::generateHash($password, $dbHash));
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class MD5 extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return md5($password);
|
||||
}
|
||||
|
||||
@@ -50,7 +50,7 @@ class Phpass extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function checkPassword($password, $dbHash)
|
||||
public function checkPassword($password, $dbHash, $salt = null)
|
||||
{
|
||||
return hash_equals($dbHash, $this->crypt($password, $dbHash));
|
||||
}
|
||||
@@ -136,7 +136,7 @@ class Phpass extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return $this->crypt($password, $this->genSalt());
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class SHA1 extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return sha1($password);
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class SHA256 extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return hash('sha256', $password);
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class SHA512 extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return hash('sha512', $password);
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ class SHA512Whirlpool extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return hash('sha512', hash('whirlpool', $password));
|
||||
}
|
||||
|
||||
@@ -43,7 +43,7 @@ abstract class SSHA extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function checkPassword($password, $dbHash)
|
||||
public function checkPassword($password, $dbHash, $salt = null)
|
||||
{
|
||||
$saltedPassword = base64_decode(
|
||||
preg_replace("/" . $this->getPrefix() . "/i", "", $dbHash)
|
||||
@@ -94,7 +94,7 @@ abstract class SSHA extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return self::ssha(
|
||||
$password, Utils::randomString(
|
||||
|
||||
@@ -31,7 +31,7 @@ class WCF2 extends AbstractCrypt
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function checkPassword($password, $dbHash)
|
||||
public function checkPassword($password, $dbHash, $salt = null)
|
||||
{
|
||||
return hash_equals($dbHash, crypt(crypt($password, $dbHash), $dbHash));
|
||||
}
|
||||
@@ -39,7 +39,7 @@ class WCF2 extends AbstractCrypt
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
$salt = $this->getSalt();
|
||||
return crypt(crypt($password, $salt), $salt);
|
||||
|
||||
@@ -43,7 +43,7 @@ class Whirlpool extends AbstractAlgorithm
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
public function getPasswordHash($password)
|
||||
public function getPasswordHash($password, $salt = null)
|
||||
{
|
||||
return hash('whirlpool', $password);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user