Hash HMAC algo

2020-04-13 14:10:27 +02:00
parent 7e9af00145
commit d7735280a0
18 changed files with 330 additions and 48 deletions
--- a/lib/Crypto/CryptArgon2.php
+++ b/lib/Crypto/CryptArgon2.php
@@ -21,6 +21,7 @@

 namespace OCA\UserSQL\Crypto;

+use OCA\UserSQL\Crypto\Param\IntParam;
 use OCP\IL10N;

 /**
@@ -106,14 +107,14 @@ class CryptArgon2 extends AbstractAlgorithm
    public function configuration()
    {
        return [
-            new CryptoParam(
+            new IntParam(
                "Memory cost (KiB)", PASSWORD_ARGON2_DEFAULT_MEMORY_COST, 1,
                1048576
            ),
-            new CryptoParam(
+            new IntParam(
                "Time cost", PASSWORD_ARGON2_DEFAULT_TIME_COST, 1, 1024
            ),
-            new CryptoParam("Threads", PASSWORD_ARGON2_DEFAULT_THREADS, 1, 1024)
+            new IntParam("Threads", PASSWORD_ARGON2_DEFAULT_THREADS, 1, 1024)
        ];
    }

--- a/lib/Crypto/CryptArgon2id.php
+++ b/lib/Crypto/CryptArgon2id.php
@@ -21,6 +21,7 @@

 namespace OCA\UserSQL\Crypto;

+use OCA\UserSQL\Crypto\Param\IntParam;
 use OCP\IL10N;

 /**
@@ -92,7 +93,7 @@ class CryptArgon2id extends AbstractAlgorithm
    public function getPasswordHash($password, $salt = null)
    {
        return password_hash(
-            $password,  PASSWORD_ARGON2ID, [
+            $password, PASSWORD_ARGON2ID, [
                "memory_cost" => $this->memoryCost,
                "time_cost" => $this->timeCost,
                "threads" => $this->threads
@@ -106,14 +107,14 @@ class CryptArgon2id extends AbstractAlgorithm
    public function configuration()
    {
        return [
-            new CryptoParam(
+            new IntParam(
                "Memory cost (KiB)", PASSWORD_ARGON2_DEFAULT_MEMORY_COST, 1,
                1048576
            ),
-            new CryptoParam(
+            new IntParam(
                "Time cost", PASSWORD_ARGON2_DEFAULT_TIME_COST, 1, 1024
            ),
-            new CryptoParam("Threads", PASSWORD_ARGON2_DEFAULT_THREADS, 1, 1024)
+            new IntParam("Threads", PASSWORD_ARGON2_DEFAULT_THREADS, 1, 1024)
        ];
    }

--- a/lib/Crypto/CryptBlowfish.php
+++ b/lib/Crypto/CryptBlowfish.php
@@ -21,6 +21,7 @@

 namespace OCA\UserSQL\Crypto;

+use OCA\UserSQL\Crypto\Param\IntParam;
 use OCP\IL10N;

 /**
@@ -72,7 +73,7 @@ class CryptBlowfish extends AbstractAlgorithm
     */
    public function configuration()
    {
-        return [new CryptoParam("Cost", 10, 4, 31)];
+        return [new IntParam("Cost", 10, 4, 31)];
    }

    /**
--- a/lib/Crypto/CryptExtendedDES.php
+++ b/lib/Crypto/CryptExtendedDES.php
@@ -21,6 +21,7 @@

 namespace OCA\UserSQL\Crypto;

+use OCA\UserSQL\Crypto\Param\IntParam;
 use OCP\IL10N;

 /**
@@ -53,7 +54,7 @@ class CryptExtendedDES extends AbstractCrypt
     */
    public function configuration()
    {
-        return [new CryptoParam("Iterations", 1000, 0, 16777215)];
+        return [new IntParam("Iterations", 1000, 0, 16777215)];
    }

    /**
--- a/lib/Crypto/CryptSHA256.php
+++ b/lib/Crypto/CryptSHA256.php
@@ -21,6 +21,7 @@

 namespace OCA\UserSQL\Crypto;

+use OCA\UserSQL\Crypto\Param\IntParam;
 use OCP\IL10N;

 /**
@@ -40,7 +41,7 @@ class CryptSHA256 extends AbstractCrypt
     * The class constructor.
     *
     * @param IL10N $localization The localization service.
-     * @param   int $rounds       The number of rounds.
+     * @param int   $rounds       The number of rounds.
     *                            This value must be between 1000 and 999999999.
     */
    public function __construct(IL10N $localization, $rounds = 5000)
@@ -54,7 +55,7 @@ class CryptSHA256 extends AbstractCrypt
     */
    public function configuration()
    {
-        return [new CryptoParam("Rounds", 5000, 1000, 999999999)];
+        return [new IntParam("Rounds", 5000, 1000, 999999999)];
    }

    /**
--- a/lib/Crypto/CryptSHA512.php
+++ b/lib/Crypto/CryptSHA512.php
@@ -21,6 +21,7 @@

 namespace OCA\UserSQL\Crypto;

+use OCA\UserSQL\Crypto\Param\IntParam;
 use OCP\IL10N;

 /**
@@ -40,7 +41,7 @@ class CryptSHA512 extends AbstractCrypt
     * The class constructor.
     *
     * @param IL10N $localization The localization service.
-     * @param   int $rounds       The number of rounds.
+     * @param int   $rounds       The number of rounds.
     *                            This value must be between 1000 and 999999999.
     */
    public function __construct(IL10N $localization, $rounds = 5000)
@@ -54,7 +55,7 @@ class CryptSHA512 extends AbstractCrypt
     */
    public function configuration()
    {
-        return [new CryptoParam("Rounds", 5000, 1000, 999999999)];
+        return [new IntParam("Rounds", 5000, 1000, 999999999)];
    }

    /**
--- a/lib/Crypto/HashHmac.php
+++ b/lib/Crypto/HashHmac.php
@@ -0,0 +1,79 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2020 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\UserSQL\Crypto;
+
+use OCA\UserSQL\Crypto\Param\ChoiceParam;
+use OCP\IL10N;
+
+/**
+ * HMAC hash implementation.
+ *
+ * @see    hash_hmac()
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class HashHmac extends AbstractAlgorithm
+{
+    const DEFAULT_ALGORITHM = "ripemd160";
+
+    /**
+     * @var string Hashing algorithm name.
+     */
+    private $hashingAlgorithm;
+
+    /**
+     * The class constructor.
+     *
+     * @param IL10N  $localization     The localization service.
+     * @param string $hashingAlgorithm Hashing algorithm name.
+     */
+    public function __construct(IL10N $localization, $hashingAlgorithm = self::DEFAULT_ALGORITHM)
+    {
+        parent::__construct($localization);
+        $this->hashingAlgorithm = $hashingAlgorithm;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getPasswordHash($password, $salt = null)
+    {
+        return hash_hmac($this->hashingAlgorithm, $password, $salt);
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function configuration()
+    {
+        return [
+            new ChoiceParam("Hashing algorithm", self::DEFAULT_ALGORITHM, hash_hmac_algos())
+        ];
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function getAlgorithmName()
+    {
+        return "Hash HMAC";
+    }
+}
--- a/lib/Crypto/Param/ChoiceParam.php
+++ b/lib/Crypto/Param/ChoiceParam.php
@@ -0,0 +1,50 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2020 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\UserSQL\Crypto\Param;
+
+/**
+ * A choice parameter of a hash algorithm.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class ChoiceParam extends CryptoParam
+{
+    const TYPE = "choice";
+
+    /**
+     * @var array Available choices.
+     */
+    public $choices;
+
+    /**
+     * Class constructor.
+     *
+     * @param $name      string Parameter name.
+     * @param $value     mixed Parameter default value.
+     * @param $choices   array Available choices.
+     */
+    public function __construct($name, $value = null, $choices = [])
+    {
+        parent::__construct(self::TYPE, $name, $value);
+        $this->choices = $choices;
+    }
+}
--- a/lib/Crypto/Param/CryptoParam.php
+++ b/lib/Crypto/Param/CryptoParam.php
@@ -0,0 +1,57 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2020 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\UserSQL\Crypto\Param;
+
+/**
+ * A parameter of a hash algorithm.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class CryptoParam
+{
+    /**
+     * @var string Type name used in JS.
+     */
+    public $type;
+    /**
+     * @var string Parameter name.
+     */
+    public $name;
+    /**
+     * @var mixed Parameter default value.
+     */
+    public $value;
+
+    /**
+     * Class constructor.
+     *
+     * @param $type  string Type name used in JS.
+     * @param $name  string Parameter name.
+     * @param $value mixed Parameter default value.
+     */
+    public function __construct($type, $name, $value = null)
+    {
+        $this->type = $type;
+        $this->name = $name;
+        $this->value = $value;
+    }
+}
--- a/lib/Crypto/Param/IntParam.php
+++ b/lib/Crypto/Param/IntParam.php
@@ -2,7 +2,7 @@
 /**
 * Nextcloud - user_sql
 *
- * @copyright 2018 Marcin Łojewski <dev@mlojewski.me>
+ * @copyright 2020 Marcin Łojewski <dev@mlojewski.me>
 * @author    Marcin Łojewski <dev@mlojewski.me>
 *
 * This program is free software: you can redistribute it and/or modify
@@ -19,23 +19,17 @@
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

-namespace OCA\UserSQL\Crypto;
+namespace OCA\UserSQL\Crypto\Param;

 /**
- * A parameter of a hash algorithm.
+ * An integer parameter of a hash algorithm.
 *
 * @author Marcin Łojewski <dev@mlojewski.me>
 */
-class CryptoParam
+class IntParam extends CryptoParam
 {
-    /**
-     * @var string Parameter name.
-     */
-    public $name;
-    /**
-     * @var int Parameter default value.
-     */
-    public $value;
+    const TYPE = "int";
+
    /**
     * @var int Minimal value for parameter.
     */
@@ -55,8 +49,7 @@ class CryptoParam
     */
    public function __construct($name, $value = null, $min = null, $max = null)
    {
-        $this->name = $name;
-        $this->value = $value;
+        parent::__construct(self::TYPE, $name, $value);
        $this->min = $min;
        $this->max = $max;
    }
--- a/lib/Crypto/Phpass.php
+++ b/lib/Crypto/Phpass.php
@@ -21,6 +21,7 @@

 namespace OCA\UserSQL\Crypto;

+use OCA\UserSQL\Crypto\Param\IntParam;
 use OCP\IL10N;

 /**
@@ -160,7 +161,7 @@ class Phpass extends AbstractAlgorithm
     */
    public function configuration()
    {
-        return [new CryptoParam("Iterations (log2)", 8, 4, 31)];
+        return [new IntParam("Iterations (log2)", 8, 4, 31)];
    }

    /**