spacefreak/user_sql
1
0
Fork 0
Code Pull Requests Activity

New hashing algorithms.

Browse Source
This commit is contained in:
Marcin Łojewski
2018-03-02 09:09:09 +01:00
parent 3d901e3fc2
commit ed5ec82479
23 changed files with 806 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
lib/HashAlgorithm/Base/BaseCrypt.php Normal file
View File

@@ -0,0 +1,60 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm\Base;
/**
* Implements standard Unix DES-based algorithm or
* alternative algorithms that may be available on the system.
* @see crypt()
* @author Marcin Łojewski <dev@mlojewski.me>
*/
abstract class BaseCrypt implements HashAlgorithm
{
use Singleton;
const SALT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
/**
* @inheritdoc
*/
abstract public function getVisibleName();
/**
* @inheritdoc
*/
public function checkPassword($password, $dbHash)
{
return hash_equals($dbHash, crypt($password, $dbHash));
}
/**
* @inheritdoc
*/
public function getPasswordHash($password)
{
return crypt($password, self::getSalt());
}
/**
* Generate salt for hashing algorithm.
* @return string
*/
protected abstract function getSalt();
}

4
lib/HashAlgorithm/HashAlgorithm.php → lib/HashAlgorithm/Base/HashAlgorithm.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,7 +17,7 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm;
namespace OCA\UserSQL\HashAlgorithm\Base;
/**
* Interface which defines all function required by a hash algorithm.

75
lib/HashAlgorithm/Base/SSHA.php Normal file
View File

@@ -0,0 +1,75 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm\Base;
/**
* SSHA* hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
abstract class SSHA implements HashAlgorithm
{
use Singleton;
use Utils;
/**
* @inheritdoc
*/
public function checkPassword($password, $dbHash)
{
$saltedPassword = base64_decode(preg_replace("/" . $this->getPrefix() . "/i", "", $dbHash));
$salt = substr($saltedPassword, -(strlen($saltedPassword) - 32));
$hash = self::ssha($password, $salt);
return hash_equals($dbHash, $hash);
}
/**
* Get hash prefix eg. {SSHA256}.
* @return string
*/
public abstract function getPrefix();
/**
* Encrypt using SSHA256 algorithm
* @param string $password The password.
* @param string $salt The salt to use.
* @return string The hashed password, prefixed by {SSHA256}.
*/
private function ssha($password, $salt)
{
return $this->getPrefix() . base64_encode(hash($this->getAlgorithm(), $password . $salt, true) . $salt);
}
/**
* Get algorithm used by the hash() function.
* @see hash()
* @return string
*/
public abstract function getAlgorithm();
/**
* @inheritdoc
*/
public function getPasswordHash($password)
{
return self::ssha($password,
self::randomString(32, "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"));
}
}

4
lib/HashAlgorithm/Base/Singleton.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,7 +17,7 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm\Base;
namespace OCA\UserSQL\HashAlgorithm\Base;
/**
* Singleton pattern trait.

23
lib/HashAlgorithm/Base/Base64.php → lib/HashAlgorithm/Base/Utils.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,13 +17,13 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm\Base;
namespace OCA\UserSQL\HashAlgorithm\Base;
/**
* Base64 utilities trait.
* Cryptographic utilities trait.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
trait Base64
trait Utils
{
/**
* Convert hexadecimal message to its base64 form.
@@ -38,4 +38,19 @@ trait Base64
}
return base64_encode($hexChr);
}
/**
* Generate random string from given alphabet.
* @param $length int Output string length.
* @param $alphabet string Output string alphabet.
* @return string Random string from given alphabet.
*/
private static function randomString($length, $alphabet)
{
$string = "";
for ($i = 0; $i != $length; ++$i) {
$string .= $alphabet[mt_rand(0, strlen($alphabet) - 1)];
}
return $string;
}
}

9
lib/HashAlgorithm/Cleartext.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,12 +17,13 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm;
namespace OCA\UserSQL\HashAlgorithm;
use OCA\user_sql\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
/**
* Cleartext password hash implementation.
* Cleartext password implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class Cleartext implements HashAlgorithm

13
lib/HashAlgorithm/CourierMD5.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,19 +17,20 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm;
namespace OCA\UserSQL\HashAlgorithm;
use OCA\user_sql\HashAlgorithm\Base\Base64;
use OCA\user_sql\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\Utils;
/**
* Courier MD5 password hash implementation.
* Courier MD5 hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CourierMD5 implements HashAlgorithm
{
use Base64;
use Singleton;
use Utils;
/**
* @inheritdoc

9
lib/HashAlgorithm/CourierMD5Raw.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,12 +17,13 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm;
namespace OCA\UserSQL\HashAlgorithm;
use OCA\user_sql\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
/**
* Courier MD5 RAW password hash implementation.
* Courier MD5 RAW hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CourierMD5Raw implements HashAlgorithm

13
lib/HashAlgorithm/CourierSHA1.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,19 +17,20 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm;
namespace OCA\UserSQL\HashAlgorithm;
use OCA\user_sql\HashAlgorithm\Base\Base64;
use OCA\user_sql\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\Utils;
/**
* Courier SHA1 password hash implementation.
* Courier SHA1 hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CourierSHA1 implements HashAlgorithm
{
use Base64;
use Singleton;
use Utils;
/**
* @inheritdoc

13
lib/HashAlgorithm/CourierSHA256.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,19 +17,20 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm;
namespace OCA\UserSQL\HashAlgorithm;
use OCA\user_sql\HashAlgorithm\Base\Base64;
use OCA\user_sql\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\Utils;
/**
* Courier SHA256 password hash implementation.
* Courier SHA256 hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CourierSHA256 implements HashAlgorithm
{
use Base64;
use Singleton;
use Utils;
/**
* @inheritdoc

59
lib/HashAlgorithm/Crypt.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
/**
* Implements standard Unix DES-based algorithm or
* alternative algorithms that may be available on the system.
* This implementation does not support password changing.
* @see crypt()
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class Crypt implements HashAlgorithm
{
use Singleton;
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "Crypt (Unix)";
}
/**
* @inheritdoc
*/
public function checkPassword($password, $dbHash)
{
return hash_equals($dbHash, crypt($password, $dbHash));
}
/**
* @inheritdoc
*/
public function getPasswordHash($password)
{
return password_hash($password, PASSWORD_DEFAULT);
}
}

57
lib/HashAlgorithm/CryptArgon2.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
/**
* Argon2 Crypt hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CryptArgon2 implements HashAlgorithm
{
use Singleton;
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "Argon2 (Crypt)";
}
/**
* @inheritdoc
*/
public function checkPassword($password, $dbHash)
{
return password_verify($password, $dbHash);
}
/**
* @inheritdoc
*/
public function getPasswordHash($password)
{
// TODO - add support for options: memory_cost, time_cost, threads.
return password_hash($password, PASSWORD_ARGON2I);
}
}

57
lib/HashAlgorithm/CryptBlowfish.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
/**
* Blowfish Crypt hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CryptBlowfish implements HashAlgorithm
{
use Singleton;
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "Blowfish (Crypt)";
}
/**
* @inheritdoc
*/
public function checkPassword($password, $dbHash)
{
return password_verify($password, $dbHash);
}
/**
* @inheritdoc
*/
public function getPasswordHash($password)
{
// TODO - add support for options: cost.
return password_hash($password, PASSWORD_BCRYPT);
}
}

63
lib/HashAlgorithm/CryptExtendedDES.php Normal file
View File

@@ -0,0 +1,63 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\BaseCrypt;
use OCA\UserSQL\HashAlgorithm\Base\Utils;
/**
* Extended DES Crypt hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CryptExtendedDES extends BaseCrypt
{
use Utils;
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "Extended DES (Crypt)";
}
/**
* @inheritdoc
*/
protected function getSalt()
{
// TODO - add support for options: iteration_count.
return self::base64IntEncode(1000) . self::randomString(4, self::SALT_ALPHABET);
}
private static function base64IntEncode($number)
{
$alphabet = str_split(self::SALT_ALPHABET);
$chars = array();
$base = sizeof($alphabet);
while ($number) {
$rem = $number % $base;
$number = (int)($number / $base);
$arr[] = $alphabet[$rem];
}
$string = implode($chars);
return str_pad($string, 4, '.', STR_PAD_RIGHT);
}
}

48
lib/HashAlgorithm/CryptMD5.php Normal file
View File

@@ -0,0 +1,48 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\BaseCrypt;
use OCA\UserSQL\HashAlgorithm\Base\Utils;
/**
* MD5 Crypt hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CryptMD5 extends BaseCrypt
{
use Utils;
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "MD5 (Crypt)";
}
/**
* @inheritdoc
*/
protected function getSalt()
{
return "$1$" . self::randomString(8, self::SALT_ALPHABET) . "$";
}
}

49
lib/HashAlgorithm/CryptSHA256.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\BaseCrypt;
use OCA\UserSQL\HashAlgorithm\Base\Utils;
/**
* SHA256 Crypt hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CryptSHA256 extends BaseCrypt
{
use Utils;
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "SHA256 (Crypt)";
}
/**
* @inheritdoc
*/
protected function getSalt()
{
// TODO - add support for options: rounds.
return "$5\$rounds=5000$" . self::randomString(16, self::SALT_ALPHABET) . "$";
}
}

49
lib/HashAlgorithm/CryptSHA512.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\BaseCrypt;
use OCA\UserSQL\HashAlgorithm\Base\Utils;
/**
* SHA512 Crypt hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CryptSHA512 extends BaseCrypt
{
use Utils;
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "SHA512 (Crypt)";
}
/**
* @inheritdoc
*/
protected function getSalt()
{
// TODO - add support for options: rounds.
return "$5\$rounds=5000$" . self::randomString(16, self::SALT_ALPHABET) . "$";
}
}

48
lib/HashAlgorithm/CryptStandardDES.php Normal file
View File

@@ -0,0 +1,48 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\BaseCrypt;
use OCA\UserSQL\HashAlgorithm\Base\Utils;
/**
* Standard DES Crypt hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class CryptStandardDES extends BaseCrypt
{
use Utils;
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "Standard DES (Crypt)";
}
/**
* @inheritdoc
*/
protected function getSalt()
{
return self::randomString(2, self::SALT_ALPHABET);
}
}

71
lib/HashAlgorithm/Joomla.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\Utils;
/**
* Joomla hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class Joomla implements HashAlgorithm
{
use Singleton;
use Utils;
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "Joomla MD5 Encryption";
}
/**
* @inheritdoc
*/
public function getPasswordHash($password)
{
return md5($password . ":" . self::randomString(32,
"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"));
}
/**
* @inheritdoc
*/
public function checkPassword($password, $dbHash)
{
return hash_equals($dbHash, self::generateHash($password, $dbHash));
}
private static function generateHash($password, $dbHash)
{
$split_salt = preg_split("/:/", $dbHash);
$salt = false;
if (isset($split_salt[1])) {
$salt = $split_salt[1];
}
$pwHash = ($salt) ? md5($password . $salt) : md5($password);
$pwHash .= ":" . $salt;
return $pwHash;
}
}

9
lib/HashAlgorithm/MD5.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,12 +17,13 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm;
namespace OCA\UserSQL\HashAlgorithm;
use OCA\user_sql\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
/**
* MD5 password hash implementation.
* MD5 hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class MD5 implements HashAlgorithm

9
lib/HashAlgorithm/SHA1.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2012-2018 Andreas Böhler <dev (at) aboehler (dot) at>
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
@@ -17,12 +17,13 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\user_sql\HashAlgorithm;
namespace OCA\UserSQL\HashAlgorithm;
use OCA\user_sql\HashAlgorithm\Base\Singleton;
use OCA\UserSQL\HashAlgorithm\Base\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\Singleton;
/**
* SHA1 password hash implementation.
* SHA1 hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class SHA1 implements HashAlgorithm

53
lib/HashAlgorithm/SSHA256.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\SSHA;
/**
* SSHA256 hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class SSHA256 extends SSHA
{
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "SSHA256";
}
/**
* @inheritdoc
*/
public function getPrefix()
{
return "{SSHA256}";
}
/**
* @inheritdoc
*/
public function getAlgorithm()
{
return "sha256";
}
}

53
lib/HashAlgorithm/SSHA512.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
/**
* Nextcloud - user_sql
* Copyright (C) 2018 Marcin Łojewski <dev@mlojewski.me>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace OCA\UserSQL\HashAlgorithm;
use OCA\UserSQL\HashAlgorithm\Base\SSHA;
/**
* SSHA512 hashing implementation.
* @author Marcin Łojewski <dev@mlojewski.me>
*/
class SSHA512 extends SSHA
{
/**
* @inheritdoc
*/
public function getVisibleName()
{
return "SSHA512";
}
/**
* @inheritdoc
*/
public function getPrefix()
{
return "{SSHA512}";
}
/**
* @inheritdoc
*/
public function getAlgorithm()
{
return "sha512";
}
}