Issues in PassHash.php - Failed Issues - Inspection of "Add "default" keyword support for interwiki links" - splitbrain/dokuwiki - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — interwiki-remove-golucky ( 52fcdb...768be5 )

by Henry

created 2019-10-20 19:49 UTC

inc/PassHash.php (1 issue)

Labels

Unused Code 1

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps

namespace dokuwiki;

/**
 * Password Hashing Class
 *
 * This class implements various mechanisms used to hash passwords
 *
 * @author  Andreas Gohr <[email protected]>
 * @license LGPL2
 */
class PassHash {
    /**
     * Verifies a cleartext password against a crypted hash
     *
     * The method and salt used for the crypted hash is determined automatically,
     * then the clear text password is crypted using the same method. If both hashs
     * match true is is returned else false
     *
     * @author  Andreas Gohr <[email protected]>
     *
     * @param string $clear Clear-Text password
     * @param string $hash  Hash to compare against
     * @return  bool
     */
    public function verify_hash($clear, $hash) {
        $method = '';
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
        $salt   = '';
        $magic  = '';

        //determine the used method and salt
        $len = strlen($hash);
        if(preg_match('/^\$1\$([^\$]{0,8})\$/', $hash, $m)) {
            $method = 'smd5';
            $salt   = $m[1];
            $magic  = '1';
        } elseif(preg_match('/^\$apr1\$([^\$]{0,8})\$/', $hash, $m)) {
            $method = 'apr1';
            $salt   = $m[1];
            $magic  = 'apr1';
        } elseif(preg_match('/^\$P\$(.{31})$/', $hash, $m)) {
            $method = 'pmd5';
            $salt   = $m[1];
            $magic  = 'P';
        } elseif(preg_match('/^\$H\$(.{31})$/', $hash, $m)) {
            $method = 'pmd5';
            $salt = $m[1];
            $magic = 'H';
        } elseif(preg_match('/^pbkdf2_(\w+?)\$(\d+)\$(.{12})\$/', $hash, $m)) {
            $method = 'djangopbkdf2';
            $magic = array(
                'algo' => $m[1],
                'iter' => $m[2],
            );
            $salt = $m[3];
        } elseif(preg_match('/^sha1\$(.{5})\$/', $hash, $m)) {
            $method = 'djangosha1';
            $salt   = $m[1];
        } elseif(preg_match('/^md5\$(.{5})\$/', $hash, $m)) {
            $method = 'djangomd5';
            $salt   = $m[1];
        } elseif(preg_match('/^\$2(a|y)\$(.{2})\$/', $hash, $m)) {
            $method = 'bcrypt';
            $salt   = $hash;
        } elseif(substr($hash, 0, 6) == '{SSHA}') {
            $method = 'ssha';
            $salt   = substr(base64_decode(substr($hash, 6)), 20);
        } elseif(substr($hash, 0, 6) == '{SMD5}') {
            $method = 'lsmd5';
            $salt   = substr(base64_decode(substr($hash, 6)), 16);
        } elseif(preg_match('/^:B:(.+?):.{32}$/', $hash, $m)) {
            $method = 'mediawiki';
            $salt   = $m[1];
        } elseif(preg_match('/^\$6\$(rounds=\d+)?\$?(.+?)\$/', $hash, $m)) {
            $method = 'sha512';
            $salt   = $m[2];
            $magic  = $m[1];
        } elseif($len == 32) {
            $method = 'md5';
        } elseif($len == 40) {
            $method = 'sha1';
        } elseif($len == 16) {
            $method = 'mysql';
        } elseif($len == 41 && $hash[0] == '*') {
            $method = 'my411';
        } elseif($len == 34) {
            $method = 'kmd5';
            $salt   = $hash;
        } else {
            $method = 'crypt';
            $salt   = substr($hash, 0, 2);
        }

        //crypt and compare
        $call = 'hash_'.$method;
        $newhash = $this->$call($clear, $salt, $magic);
        if(\hash_equals($newhash, $hash)) {
            return true;
        }
        return false;
    }

    /**
     * Create a random salt
     *
     * @param int $len The length of the salt
     * @return string
     */
    public function gen_salt($len = 32) {
        $salt  = '';
        $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
        for($i = 0; $i < $len; $i++) {
            $salt .= $chars[$this->random(0, 61)];
        }
        return $salt;
    }

    /**
     * Initialize the passed variable with a salt if needed.
     *
     * If $salt is not null, the value is kept, but the lenght restriction is
     * applied (unless, $cut is false).
     *
     * @param string|null &$salt  The salt, pass null if you want one generated
     * @param int          $len   The length of the salt
     * @param bool         $cut   Apply length restriction to existing salt?
     */
    public function init_salt(&$salt, $len = 32, $cut = true) {
        if(is_null($salt)) {
            $salt = $this->gen_salt($len);
            $cut  = true; // for new hashes we alway apply length restriction
        }
        if(strlen($salt) > $len && $cut) $salt = substr($salt, 0, $len);
    }

    // Password hashing methods follow below

    /**
     * Password hashing method 'smd5'
     *
     * Uses salted MD5 hashs. Salt is 8 bytes long.
     *
     * The same mechanism is used by Apache's 'apr1' method. This will
     * fallback to a implementation in pure PHP if MD5 support is not
     * available in crypt()
     *
     * @author Andreas Gohr <[email protected]>
     * @author <mikey_nich at hotmail dot com>
     * @link   http://php.net/manual/en/function.crypt.php#73619
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @return string Hashed password
     */
    public function hash_smd5($clear, $salt = null) {
        $this->init_salt($salt, 8);

        if(defined('CRYPT_MD5') && CRYPT_MD5 && $salt !== '') {
            return crypt($clear, '$1$'.$salt.'$');
        } else {
            // Fall back to PHP-only implementation
            return $this->hash_apr1($clear, $salt, '1');
        }
    }

    /**
     * Password hashing method 'lsmd5'
     *
     * Uses salted MD5 hashs. Salt is 8 bytes long.
     *
     * This is the format used by LDAP.
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @return string Hashed password
     */
    public function hash_lsmd5($clear, $salt = null) {
        $this->init_salt($salt, 8);
        return "{SMD5}".base64_encode(md5($clear.$salt, true).$salt);
    }

    /**
     * Password hashing method 'apr1'
     *
     * Uses salted MD5 hashs. Salt is 8 bytes long.
     *
     * This is basically the same as smd1 above, but as used by Apache.
     *
     * @author <mikey_nich at hotmail dot com>
     * @link   http://php.net/manual/en/function.crypt.php#73619
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @param string $magic The hash identifier (apr1 or 1)
     * @return string Hashed password
     */
    public function hash_apr1($clear, $salt = null, $magic = 'apr1') {
        $this->init_salt($salt, 8);

        $len  = strlen($clear);
        $text = $clear.'$'.$magic.'$'.$salt;
        $bin  = pack("H32", md5($clear.$salt.$clear));
        for($i = $len; $i > 0; $i -= 16) {
            $text .= substr($bin, 0, min(16, $i));
        }
        for($i = $len; $i > 0; $i >>= 1) {
            $text .= ($i & 1) ? chr(0) : $clear{0};
        }
        $bin = pack("H32", md5($text));
        for($i = 0; $i < 1000; $i++) {
            $new = ($i & 1) ? $clear : $bin;
            if($i % 3) $new .= $salt;
            if($i % 7) $new .= $clear;
            $new .= ($i & 1) ? $bin : $clear;
            $bin = pack("H32", md5($new));
        }
        $tmp = '';
        for($i = 0; $i < 5; $i++) {
            $k = $i + 6;
            $j = $i + 12;
            if($j == 16) $j = 5;
            $tmp = $bin[$i].$bin[$k].$bin[$j].$tmp;
        }
        $tmp = chr(0).chr(0).$bin[11].$tmp;
        $tmp = strtr(
            strrev(substr(base64_encode($tmp), 2)),
            "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
            "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
        );
        return '$'.$magic.'$'.$salt.'$'.$tmp;
    }

    /**
     * Password hashing method 'md5'
     *
     * Uses MD5 hashs.
     *
     * @param string $clear The clear text to hash
     * @return string Hashed password
     */
    public function hash_md5($clear) {
        return md5($clear);
    }

    /**
     * Password hashing method 'sha1'
     *
     * Uses SHA1 hashs.
     *
     * @param string $clear The clear text to hash
     * @return string Hashed password
     */
    public function hash_sha1($clear) {
        return sha1($clear);
    }

    /**
     * Password hashing method 'ssha' as used by LDAP
     *
     * Uses salted SHA1 hashs. Salt is 4 bytes long.
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @return string Hashed password
     */
    public function hash_ssha($clear, $salt = null) {
        $this->init_salt($salt, 4);
        return '{SSHA}'.base64_encode(pack("H*", sha1($clear.$salt)).$salt);
    }

    /**
     * Password hashing method 'crypt'
     *
     * Uses salted crypt hashs. Salt is 2 bytes long.
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @return string Hashed password
     */
    public function hash_crypt($clear, $salt = null) {
        $this->init_salt($salt, 2);
        return crypt($clear, $salt);
    }

    /**
     * Password hashing method 'mysql'
     *
     * This method was used by old MySQL systems
     *
     * @link   http://php.net/mysql
     * @author <soren at byu dot edu>
     * @param string $clear The clear text to hash
     * @return string Hashed password
     */
    public function hash_mysql($clear) {
        $nr      = 0x50305735;
        $nr2     = 0x12345671;
        $add     = 7;
        $charArr = preg_split("//", $clear);
        foreach($charArr as $char) {
            if(($char == '') || ($char == ' ') || ($char == '\t')) continue;
            $charVal = ord($char);
            $nr ^= ((($nr & 63) + $add) * $charVal) + ($nr << 8);
            $nr2 += ($nr2 << 8) ^ $nr;
            $add += $charVal;
        }
        return sprintf("%08x%08x", ($nr & 0x7fffffff), ($nr2 & 0x7fffffff));
    }

    /**
     * Password hashing method 'my411'
     *
     * Uses SHA1 hashs. This method is used by MySQL 4.11 and above
     *
     * @param string $clear The clear text to hash
     * @return string Hashed password
     */
    public function hash_my411($clear) {
        return '*'.strtoupper(sha1(pack("H*", sha1($clear))));
    }

    /**
     * Password hashing method 'kmd5'
     *
     * Uses salted MD5 hashs.
     *
     * Salt is 2 bytes long, but stored at position 16, so you need to pass at
     * least 18 bytes. You can pass the crypted hash as salt.
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @return string Hashed password
     */
    public function hash_kmd5($clear, $salt = null) {
        $this->init_salt($salt);

        $key   = substr($salt, 16, 2);
        $hash1 = strtolower(md5($key.md5($clear)));
        $hash2 = substr($hash1, 0, 16).$key.substr($hash1, 16);
        return $hash2;
    }

    /**
     * Password hashing method 'pmd5'
     *
     * Uses salted MD5 hashs. Salt is 1+8 bytes long, 1st byte is the
     * iteration count when given, for null salts $compute is used.
     *
     * The actual iteration count is the given count squared, maximum is
     * 30 (-> 1073741824). If a higher one is given, the function throws
     * an exception.
     *
     * @link  http://www.openwall.com/phpass/
     *
     * @param string $clear   The clear text to hash
     * @param string $salt    The salt to use, null for random
     * @param string $magic   The hash identifier (P or H)
     * @param int    $compute The iteration count for new passwords
     * @throws \Exception
     * @return string Hashed password
     */
    public function hash_pmd5($clear, $salt = null, $magic = 'P', $compute = 8) {
        $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
        if(is_null($salt)) {
            $this->init_salt($salt);
            $salt = $itoa64[$compute].$salt; // prefix iteration count
        }
        $iterc = $salt[0]; // pos 0 of salt is iteration count
        $iter  = strpos($itoa64, $iterc);

        if($iter > 30) {
            throw new \Exception("Too high iteration count ($iter) in ".
                                    __CLASS__.'::'.__FUNCTION__);
        }

        $iter = 1 << $iter;
        $salt = substr($salt, 1, 8);

        // iterate
        $hash = md5($salt.$clear, true);
        do {
            $hash = md5($hash.$clear, true);
        } while(--$iter);

        // encode
        $output = '';
        $count  = 16;
        $i      = 0;
        do {
            $value = ord($hash[$i++]);
            $output .= $itoa64[$value & 0x3f];
            if($i < $count)
                $value |= ord($hash[$i]) << 8;
            $output .= $itoa64[($value >> 6) & 0x3f];
            if($i++ >= $count)
                break;
            if($i < $count)
                $value |= ord($hash[$i]) << 16;
            $output .= $itoa64[($value >> 12) & 0x3f];
            if($i++ >= $count)
                break;
            $output .= $itoa64[($value >> 18) & 0x3f];
        } while($i < $count);

        return '$'.$magic.'$'.$iterc.$salt.$output;
    }

    /**
     * Alias for hash_pmd5
     *
     * @param string $clear
     * @param null|string $salt
     * @param string $magic
     * @param int $compute
     *
     * @return string
     * @throws \Exception
     */
    public function hash_hmd5($clear, $salt = null, $magic = 'H', $compute = 8) {
        return $this->hash_pmd5($clear, $salt, $magic, $compute);
    }

    /**
     * Password hashing method 'djangosha1'
     *
     * Uses salted SHA1 hashs. Salt is 5 bytes long.
     * This is used by the Django Python framework
     *
     * @link http://docs.djangoproject.com/en/dev/topics/auth/#passwords
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @return string Hashed password
     */
    public function hash_djangosha1($clear, $salt = null) {
        $this->init_salt($salt, 5);
        return 'sha1$'.$salt.'$'.sha1($salt.$clear);
    }

    /**
     * Password hashing method 'djangomd5'
     *
     * Uses salted MD5 hashs. Salt is 5 bytes long.
     * This is used by the Django Python framework
     *
     * @link http://docs.djangoproject.com/en/dev/topics/auth/#passwords
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @return string Hashed password
     */
    public function hash_djangomd5($clear, $salt = null) {
        $this->init_salt($salt, 5);
        return 'md5$'.$salt.'$'.md5($salt.$clear);
    }

    /**
     * Password hashing method 'djangopbkdf2'
     *
     * An algorithm and iteration count should be given in the opts array.
     * Defaults to sha256 and 24000 iterations
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @param array $opts ('algo' => hash algorithm, 'iter' => iterations)
     * @return string Hashed password
     * @throws \Exception when PHP is missing support for the method/algo
     */
    public function hash_djangopbkdf2($clear, $salt=null, $opts=array()) {
        $this->init_salt($salt, 12);
        if(empty($opts['algo'])) {
            $algo = 'sha256';
        } else {
            $algo = $opts['algo'];
        }
        if(empty($opts['iter'])) {
            $iter = 24000;
        } else {
            $iter = (int) $opts['iter'];
        }
        if(!function_exists('hash_pbkdf2')) {
            throw new \Exception('This PHP installation has no PBKDF2 support');
        }
        if(!in_array($algo, hash_algos())) {
            throw new \Exception("This PHP installation has no $algo support");
        }

        $hash = base64_encode(hash_pbkdf2($algo, $clear, $salt, $iter, 0, true));
        return "pbkdf2_$algo\$$iter\$$salt\$$hash";
    }

    /**
     * Alias for djangopbkdf2 defaulting to sha256 as hash algorithm
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @param array $opts ('iter' => iterations)
     * @return string Hashed password
     * @throws \Exception when PHP is missing support for the method/algo
     */
    public function hash_djangopbkdf2_sha256($clear, $salt=null, $opts=array()) {
        $opts['algo'] = 'sha256';
        return $this->hash_djangopbkdf2($clear, $salt, $opts);
    }

    /**
     * Alias for djangopbkdf2 defaulting to sha1 as hash algorithm
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @param array $opts ('iter' => iterations)
     * @return string Hashed password
     * @throws \Exception when PHP is missing support for the method/algo
     */
    public function hash_djangopbkdf2_sha1($clear, $salt=null, $opts=array()) {
        $opts['algo'] = 'sha1';
        return $this->hash_djangopbkdf2($clear, $salt, $opts);
    }

    /**
     * Passwordhashing method 'bcrypt'
     *
     * Uses a modified blowfish algorithm called eksblowfish
     * This method works on PHP 5.3+ only and will throw an exception
     * if the needed crypt support isn't available
     *
     * A full hash should be given as salt (starting with $a2$) or this
     * will break. When no salt is given, the iteration count can be set
     * through the $compute variable.
     *
     * @param string $clear   The clear text to hash
     * @param string $salt    The salt to use, null for random
     * @param int    $compute The iteration count (between 4 and 31)
     * @throws \Exception
     * @return string Hashed password
     */
    public function hash_bcrypt($clear, $salt = null, $compute = 10) {
        if(!defined('CRYPT_BLOWFISH') || CRYPT_BLOWFISH != 1) {
            throw new \Exception('This PHP installation has no bcrypt support');
        }

        if(is_null($salt)) {
            if($compute < 4 || $compute > 31) $compute = 8;
            $salt = '$2y$'.str_pad($compute, 2, '0', STR_PAD_LEFT).'$'.
                $this->gen_salt(22);
        }

        return crypt($clear, $salt);
    }

    /**
     * Password hashing method SHA512
     *
     * This is only supported on PHP 5.3.2 or higher and will throw an exception if
     * the needed crypt support is not available
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @param string $magic The rounds for sha512 (for example "rounds=3000"), null for default value
     * @return string Hashed password
     * @throws \Exception
     */
    public function hash_sha512($clear, $salt = null, $magic = null) {
        if(!defined('CRYPT_SHA512') || CRYPT_SHA512 != 1) {
            throw new \Exception('This PHP installation has no SHA512 support');
        }
        $this->init_salt($salt, 8, false);
        if(empty($magic)) {
            return crypt($clear, '$6$'.$salt.'$');
        }else{
            return crypt($clear, '$6$'.$magic.'$'.$salt.'$');
        }
    }

    /**
     * Password hashing method 'mediawiki'
     *
     * Uses salted MD5, this is referred to as Method B in MediaWiki docs. Unsalted md5
     * method 'A' is not supported.
     *
     * @link  http://www.mediawiki.org/wiki/Manual_talk:User_table#user_password_column
     *
     * @param string $clear The clear text to hash
     * @param string $salt  The salt to use, null for random
     * @return string Hashed password
     */
    public function hash_mediawiki($clear, $salt = null) {
        $this->init_salt($salt, 8, false);
        return ':B:'.$salt.':'.md5($salt.'-'.md5($clear));
    }

    /**
     * Wraps around native hash_hmac() or reimplents it
     *
     * This is not directly used as password hashing method, and thus isn't callable via the
     * verify_hash() method. It should be used to create signatures and might be used in other
     * password hashing methods.
     *
     * @see hash_hmac()
     * @author KC Cloyd
     * @link http://php.net/manual/en/function.hash-hmac.php#93440
     *
     * @param string $algo Name of selected hashing algorithm (i.e. "md5", "sha256", "haval160,4",
     *                     etc..) See hash_algos() for a list of supported algorithms.
     * @param string $data Message to be hashed.
     * @param string $key  Shared secret key used for generating the HMAC variant of the message digest.
     * @param bool $raw_output When set to TRUE, outputs raw binary data. FALSE outputs lowercase hexits.
     * @return string
     */
    public static function hmac($algo, $data, $key, $raw_output = false) {
        // use native function if available and not in unit test
        if(function_exists('hash_hmac') && !defined('SIMPLE_TEST')){
            return hash_hmac($algo, $data, $key, $raw_output);
        }

        $algo = strtolower($algo);
        $pack = 'H' . strlen($algo('test'));
        $size = 64;
        $opad = str_repeat(chr(0x5C), $size);
        $ipad = str_repeat(chr(0x36), $size);

        if(strlen($key) > $size) {
            $key = str_pad(pack($pack, $algo($key)), $size, chr(0x00));
        } else {
            $key = str_pad($key, $size, chr(0x00));
        }

        for($i = 0; $i < strlen($key) - 1; $i++) {
            $opad[$i] = $opad[$i] ^ $key[$i];
            $ipad[$i] = $ipad[$i] ^ $key[$i];
        }

        $output = $algo($opad . pack($pack, $algo($ipad . $data)));

        return ($raw_output) ? pack($pack, $output) : $output;
    }

    /**
     * Use a secure random generator
     *
     * @param int $min
     * @param int $max
     * @return int
     */
    protected function random($min, $max){
        try {
            return random_int($min, $max);
        } catch (\Exception $e) {
            // availability of random source is checked elsewhere in DokuWiki
            // we demote this to an unchecked runtime exception here
            throw new \RuntimeException($e->getMessage(), $e->getCode(), $e);
        }
    }
}


1			<?php
2			// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
3
4			namespace dokuwiki;
5
6			/**
7			* Password Hashing Class
8			*
9			* This class implements various mechanisms used to hash passwords
10			*
11			* @author Andreas Gohr <[email protected]>
12			* @license LGPL2
13			*/
14			class PassHash {
15			/**
16			* Verifies a cleartext password against a crypted hash
17			*
18			* The method and salt used for the crypted hash is determined automatically,
19			* then the clear text password is crypted using the same method. If both hashs
20			* match true is is returned else false
21			*
22			* @author Andreas Gohr <[email protected]>
23			*
24			* @param string $clear Clear-Text password
25			* @param string $hash Hash to compare against
26			* @return bool
27			*/
28			public function verify_hash($clear, $hash) {
29			$method = '';
			0 ignored issues – show Unused Code introduced 2019-03-06 19:27 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$method` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
30			$salt = '';
31			$magic = '';
32
33			//determine the used method and salt
34			$len = strlen($hash);
35			if(preg_match('/^\$1\$([^\$]{0,8})\$/', $hash, $m)) {
36			$method = 'smd5';
37			$salt = $m[1];
38			$magic = '1';
39			} elseif(preg_match('/^\$apr1\$([^\$]{0,8})\$/', $hash, $m)) {
40			$method = 'apr1';
41			$salt = $m[1];
42			$magic = 'apr1';
43			} elseif(preg_match('/^\$P\$(.{31})$/', $hash, $m)) {
44			$method = 'pmd5';
45			$salt = $m[1];
46			$magic = 'P';
47			} elseif(preg_match('/^\$H\$(.{31})$/', $hash, $m)) {
48			$method = 'pmd5';
49			$salt = $m[1];
50			$magic = 'H';
51			} elseif(preg_match('/^pbkdf2_(\w+?)\$(\d+)\$(.{12})\$/', $hash, $m)) {
52			$method = 'djangopbkdf2';
53			$magic = array(
54			'algo' => $m[1],
55			'iter' => $m[2],
56			);
57			$salt = $m[3];
58			} elseif(preg_match('/^sha1\$(.{5})\$/', $hash, $m)) {
59			$method = 'djangosha1';
60			$salt = $m[1];
61			} elseif(preg_match('/^md5\$(.{5})\$/', $hash, $m)) {
62			$method = 'djangomd5';
63			$salt = $m[1];
64			} elseif(preg_match('/^\$2(a\|y)\$(.{2})\$/', $hash, $m)) {
65			$method = 'bcrypt';
66			$salt = $hash;
67			} elseif(substr($hash, 0, 6) == '{SSHA}') {
68			$method = 'ssha';
69			$salt = substr(base64_decode(substr($hash, 6)), 20);
70			} elseif(substr($hash, 0, 6) == '{SMD5}') {
71			$method = 'lsmd5';
72			$salt = substr(base64_decode(substr($hash, 6)), 16);
73			} elseif(preg_match('/^:B:(.+?):.{32}$/', $hash, $m)) {
74			$method = 'mediawiki';
75			$salt = $m[1];
76			} elseif(preg_match('/^\$6\$(rounds=\d+)?\$?(.+?)\$/', $hash, $m)) {
77			$method = 'sha512';
78			$salt = $m[2];
79			$magic = $m[1];
80			} elseif($len == 32) {
81			$method = 'md5';
82			} elseif($len == 40) {
83			$method = 'sha1';
84			} elseif($len == 16) {
85			$method = 'mysql';
86			} elseif($len == 41 && $hash[0] == '*') {
87			$method = 'my411';
88			} elseif($len == 34) {
89			$method = 'kmd5';
90			$salt = $hash;
91			} else {
92			$method = 'crypt';
93			$salt = substr($hash, 0, 2);
94			}
95
96			//crypt and compare
97			$call = 'hash_'.$method;
98			$newhash = $this->$call($clear, $salt, $magic);
99			if(\hash_equals($newhash, $hash)) {
100			return true;
101			}
102			return false;
103			}
104
105			/**
106			* Create a random salt
107			*
108			* @param int $len The length of the salt
109			* @return string
110			*/
111			public function gen_salt($len = 32) {
112			$salt = '';
113			$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
114			for($i = 0; $i < $len; $i++) {
115			$salt .= $chars[$this->random(0, 61)];
116			}
117			return $salt;
118			}
119
120			/**
121			* Initialize the passed variable with a salt if needed.
122			*
123			* If $salt is not null, the value is kept, but the lenght restriction is
124			* applied (unless, $cut is false).
125			*
126			* @param string\|null &$salt The salt, pass null if you want one generated
127			* @param int $len The length of the salt
128			* @param bool $cut Apply length restriction to existing salt?
129			*/
130			public function init_salt(&$salt, $len = 32, $cut = true) {
131			if(is_null($salt)) {
132			$salt = $this->gen_salt($len);
133			$cut = true; // for new hashes we alway apply length restriction
134			}
135			if(strlen($salt) > $len && $cut) $salt = substr($salt, 0, $len);
136			}
137
138			// Password hashing methods follow below
139
140			/**
141			* Password hashing method 'smd5'
142			*
143			* Uses salted MD5 hashs. Salt is 8 bytes long.
144			*
145			* The same mechanism is used by Apache's 'apr1' method. This will
146			* fallback to a implementation in pure PHP if MD5 support is not
147			* available in crypt()
148			*
149			* @author Andreas Gohr <[email protected]>
150			* @author <mikey_nich at hotmail dot com>
151			* @link http://php.net/manual/en/function.crypt.php#73619
152			*
153			* @param string $clear The clear text to hash
154			* @param string $salt The salt to use, null for random
155			* @return string Hashed password
156			*/
157			public function hash_smd5($clear, $salt = null) {
158			$this->init_salt($salt, 8);
159
160			if(defined('CRYPT_MD5') && CRYPT_MD5 && $salt !== '') {
161			return crypt($clear, '$1$'.$salt.'$');
162			} else {
163			// Fall back to PHP-only implementation
164			return $this->hash_apr1($clear, $salt, '1');
165			}
166			}
167
168			/**
169			* Password hashing method 'lsmd5'
170			*
171			* Uses salted MD5 hashs. Salt is 8 bytes long.
172			*
173			* This is the format used by LDAP.
174			*
175			* @param string $clear The clear text to hash
176			* @param string $salt The salt to use, null for random
177			* @return string Hashed password
178			*/
179			public function hash_lsmd5($clear, $salt = null) {
180			$this->init_salt($salt, 8);
181			return "{SMD5}".base64_encode(md5($clear.$salt, true).$salt);
182			}
183
184			/**
185			* Password hashing method 'apr1'
186			*
187			* Uses salted MD5 hashs. Salt is 8 bytes long.
188			*
189			* This is basically the same as smd1 above, but as used by Apache.
190			*
191			* @author <mikey_nich at hotmail dot com>
192			* @link http://php.net/manual/en/function.crypt.php#73619
193			*
194			* @param string $clear The clear text to hash
195			* @param string $salt The salt to use, null for random
196			* @param string $magic The hash identifier (apr1 or 1)
197			* @return string Hashed password
198			*/
199			public function hash_apr1($clear, $salt = null, $magic = 'apr1') {
200			$this->init_salt($salt, 8);
201
202			$len = strlen($clear);
203			$text = $clear.'$'.$magic.'$'.$salt;
204			$bin = pack("H32", md5($clear.$salt.$clear));
205			for($i = $len; $i > 0; $i -= 16) {
206			$text .= substr($bin, 0, min(16, $i));
207			}
208			for($i = $len; $i > 0; $i >>= 1) {
209			$text .= ($i & 1) ? chr(0) : $clear{0};
210			}
211			$bin = pack("H32", md5($text));
212			for($i = 0; $i < 1000; $i++) {
213			$new = ($i & 1) ? $clear : $bin;
214			if($i % 3) $new .= $salt;
215			if($i % 7) $new .= $clear;
216			$new .= ($i & 1) ? $bin : $clear;
217			$bin = pack("H32", md5($new));
218			}
219			$tmp = '';
220			for($i = 0; $i < 5; $i++) {
221			$k = $i + 6;
222			$j = $i + 12;
223			if($j == 16) $j = 5;
224			$tmp = $bin[$i].$bin[$k].$bin[$j].$tmp;
225			}
226			$tmp = chr(0).chr(0).$bin[11].$tmp;
227			$tmp = strtr(
228			strrev(substr(base64_encode($tmp), 2)),
229			"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
230			"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
231			);
232			return '$'.$magic.'$'.$salt.'$'.$tmp;
233			}
234
235			/**
236			* Password hashing method 'md5'
237			*
238			* Uses MD5 hashs.
239			*
240			* @param string $clear The clear text to hash
241			* @return string Hashed password
242			*/
243			public function hash_md5($clear) {
244			return md5($clear);
245			}
246
247			/**
248			* Password hashing method 'sha1'
249			*
250			* Uses SHA1 hashs.
251			*
252			* @param string $clear The clear text to hash
253			* @return string Hashed password
254			*/
255			public function hash_sha1($clear) {
256			return sha1($clear);
257			}
258
259			/**
260			* Password hashing method 'ssha' as used by LDAP
261			*
262			* Uses salted SHA1 hashs. Salt is 4 bytes long.
263			*
264			* @param string $clear The clear text to hash
265			* @param string $salt The salt to use, null for random
266			* @return string Hashed password
267			*/
268			public function hash_ssha($clear, $salt = null) {
269			$this->init_salt($salt, 4);
270			return '{SSHA}'.base64_encode(pack("H*", sha1($clear.$salt)).$salt);
271			}
272
273			/**
274			* Password hashing method 'crypt'
275			*
276			* Uses salted crypt hashs. Salt is 2 bytes long.
277			*
278			* @param string $clear The clear text to hash
279			* @param string $salt The salt to use, null for random
280			* @return string Hashed password
281			*/
282			public function hash_crypt($clear, $salt = null) {
283			$this->init_salt($salt, 2);
284			return crypt($clear, $salt);
285			}
286
287			/**
288			* Password hashing method 'mysql'
289			*
290			* This method was used by old MySQL systems
291			*
292			* @link http://php.net/mysql
293			* @author <soren at byu dot edu>
294			* @param string $clear The clear text to hash
295			* @return string Hashed password
296			*/
297			public function hash_mysql($clear) {
298			$nr = 0x50305735;
299			$nr2 = 0x12345671;
300			$add = 7;
301			$charArr = preg_split("//", $clear);
302			foreach($charArr as $char) {
303			if(($char == '') \|\| ($char == ' ') \|\| ($char == '\t')) continue;
304			$charVal = ord($char);
305			$nr ^= ((($nr & 63) + $add) * $charVal) + ($nr << 8);
306			$nr2 += ($nr2 << 8) ^ $nr;
307			$add += $charVal;
308			}
309			return sprintf("%08x%08x", ($nr & 0x7fffffff), ($nr2 & 0x7fffffff));
310			}
311
312			/**
313			* Password hashing method 'my411'
314			*
315			* Uses SHA1 hashs. This method is used by MySQL 4.11 and above
316			*
317			* @param string $clear The clear text to hash
318			* @return string Hashed password
319			*/
320			public function hash_my411($clear) {
321			return ''.strtoupper(sha1(pack("H", sha1($clear))));
322			}
323
324			/**
325			* Password hashing method 'kmd5'
326			*
327			* Uses salted MD5 hashs.
328			*
329			* Salt is 2 bytes long, but stored at position 16, so you need to pass at
330			* least 18 bytes. You can pass the crypted hash as salt.
331			*
332			* @param string $clear The clear text to hash
333			* @param string $salt The salt to use, null for random
334			* @return string Hashed password
335			*/
336			public function hash_kmd5($clear, $salt = null) {
337			$this->init_salt($salt);
338
339			$key = substr($salt, 16, 2);
340			$hash1 = strtolower(md5($key.md5($clear)));
341			$hash2 = substr($hash1, 0, 16).$key.substr($hash1, 16);
342			return $hash2;
343			}
344
345			/**
346			* Password hashing method 'pmd5'
347			*
348			* Uses salted MD5 hashs. Salt is 1+8 bytes long, 1st byte is the
349			* iteration count when given, for null salts $compute is used.
350			*
351			* The actual iteration count is the given count squared, maximum is
352			* 30 (-> 1073741824). If a higher one is given, the function throws
353			* an exception.
354			*
355			* @link http://www.openwall.com/phpass/
356			*
357			* @param string $clear The clear text to hash
358			* @param string $salt The salt to use, null for random
359			* @param string $magic The hash identifier (P or H)
360			* @param int $compute The iteration count for new passwords
361			* @throws \Exception
362			* @return string Hashed password
363			*/
364			public function hash_pmd5($clear, $salt = null, $magic = 'P', $compute = 8) {
365			$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
366			if(is_null($salt)) {
367			$this->init_salt($salt);
368			$salt = $itoa64[$compute].$salt; // prefix iteration count
369			}
370			$iterc = $salt[0]; // pos 0 of salt is iteration count
371			$iter = strpos($itoa64, $iterc);
372
373			if($iter > 30) {
374			throw new \Exception("Too high iteration count ($iter) in ".
375			__CLASS__.'::'.__FUNCTION__);
376			}
377
378			$iter = 1 << $iter;
379			$salt = substr($salt, 1, 8);
380
381			// iterate
382			$hash = md5($salt.$clear, true);
383			do {
384			$hash = md5($hash.$clear, true);
385			} while(--$iter);
386
387			// encode
388			$output = '';
389			$count = 16;
390			$i = 0;
391			do {
392			$value = ord($hash[$i++]);
393			$output .= $itoa64[$value & 0x3f];
394			if($i < $count)
395			$value \|= ord($hash[$i]) << 8;
396			$output .= $itoa64[($value >> 6) & 0x3f];
397			if($i++ >= $count)
398			break;
399			if($i < $count)
400			$value \|= ord($hash[$i]) << 16;
401			$output .= $itoa64[($value >> 12) & 0x3f];
402			if($i++ >= $count)
403			break;
404			$output .= $itoa64[($value >> 18) & 0x3f];
405			} while($i < $count);
406
407			return '$'.$magic.'$'.$iterc.$salt.$output;
408			}
409
410			/**
411			* Alias for hash_pmd5
412			*
413			* @param string $clear
414			* @param null\|string $salt
415			* @param string $magic
416			* @param int $compute
417			*
418			* @return string
419			* @throws \Exception
420			*/
421			public function hash_hmd5($clear, $salt = null, $magic = 'H', $compute = 8) {
422			return $this->hash_pmd5($clear, $salt, $magic, $compute);
423			}
424
425			/**
426			* Password hashing method 'djangosha1'
427			*
428			* Uses salted SHA1 hashs. Salt is 5 bytes long.
429			* This is used by the Django Python framework
430			*
431			* @link http://docs.djangoproject.com/en/dev/topics/auth/#passwords
432			*
433			* @param string $clear The clear text to hash
434			* @param string $salt The salt to use, null for random
435			* @return string Hashed password
436			*/
437			public function hash_djangosha1($clear, $salt = null) {
438			$this->init_salt($salt, 5);
439			return 'sha1$'.$salt.'$'.sha1($salt.$clear);
440			}
441
442			/**
443			* Password hashing method 'djangomd5'
444			*
445			* Uses salted MD5 hashs. Salt is 5 bytes long.
446			* This is used by the Django Python framework
447			*
448			* @link http://docs.djangoproject.com/en/dev/topics/auth/#passwords
449			*
450			* @param string $clear The clear text to hash
451			* @param string $salt The salt to use, null for random
452			* @return string Hashed password
453			*/
454			public function hash_djangomd5($clear, $salt = null) {
455			$this->init_salt($salt, 5);
456			return 'md5$'.$salt.'$'.md5($salt.$clear);
457			}
458
459			/**
460			* Password hashing method 'djangopbkdf2'
461			*
462			* An algorithm and iteration count should be given in the opts array.
463			* Defaults to sha256 and 24000 iterations
464			*
465			* @param string $clear The clear text to hash
466			* @param string $salt The salt to use, null for random
467			* @param array $opts ('algo' => hash algorithm, 'iter' => iterations)
468			* @return string Hashed password
469			* @throws \Exception when PHP is missing support for the method/algo
470			*/
471			public function hash_djangopbkdf2($clear, $salt=null, $opts=array()) {
472			$this->init_salt($salt, 12);
473			if(empty($opts['algo'])) {
474			$algo = 'sha256';
475			} else {
476			$algo = $opts['algo'];
477			}
478			if(empty($opts['iter'])) {
479			$iter = 24000;
480			} else {
481			$iter = (int) $opts['iter'];
482			}
483			if(!function_exists('hash_pbkdf2')) {
484			throw new \Exception('This PHP installation has no PBKDF2 support');
485			}
486			if(!in_array($algo, hash_algos())) {
487			throw new \Exception("This PHP installation has no $algo support");
488			}
489
490			$hash = base64_encode(hash_pbkdf2($algo, $clear, $salt, $iter, 0, true));
491			return "pbkdf2_$algo\$$iter\$$salt\$$hash";
492			}
493
494			/**
495			* Alias for djangopbkdf2 defaulting to sha256 as hash algorithm
496			*
497			* @param string $clear The clear text to hash
498			* @param string $salt The salt to use, null for random
499			* @param array $opts ('iter' => iterations)
500			* @return string Hashed password
501			* @throws \Exception when PHP is missing support for the method/algo
502			*/
503			public function hash_djangopbkdf2_sha256($clear, $salt=null, $opts=array()) {
504			$opts['algo'] = 'sha256';
505			return $this->hash_djangopbkdf2($clear, $salt, $opts);
506			}
507
508			/**
509			* Alias for djangopbkdf2 defaulting to sha1 as hash algorithm
510			*
511			* @param string $clear The clear text to hash
512			* @param string $salt The salt to use, null for random
513			* @param array $opts ('iter' => iterations)
514			* @return string Hashed password
515			* @throws \Exception when PHP is missing support for the method/algo
516			*/
517			public function hash_djangopbkdf2_sha1($clear, $salt=null, $opts=array()) {
518			$opts['algo'] = 'sha1';
519			return $this->hash_djangopbkdf2($clear, $salt, $opts);
520			}
521
522			/**
523			* Passwordhashing method 'bcrypt'
524			*
525			* Uses a modified blowfish algorithm called eksblowfish
526			* This method works on PHP 5.3+ only and will throw an exception
527			* if the needed crypt support isn't available
528			*
529			* A full hash should be given as salt (starting with $a2$) or this
530			* will break. When no salt is given, the iteration count can be set
531			* through the $compute variable.
532			*
533			* @param string $clear The clear text to hash
534			* @param string $salt The salt to use, null for random
535			* @param int $compute The iteration count (between 4 and 31)
536			* @throws \Exception
537			* @return string Hashed password
538			*/
539			public function hash_bcrypt($clear, $salt = null, $compute = 10) {
540			if(!defined('CRYPT_BLOWFISH') \|\| CRYPT_BLOWFISH != 1) {
541			throw new \Exception('This PHP installation has no bcrypt support');
542			}
543
544			if(is_null($salt)) {
545			if($compute < 4 \|\| $compute > 31) $compute = 8;
546			$salt = '$2y$'.str_pad($compute, 2, '0', STR_PAD_LEFT).'$'.
547			$this->gen_salt(22);
548			}
549
550			return crypt($clear, $salt);
551			}
552
553			/**
554			* Password hashing method SHA512
555			*
556			* This is only supported on PHP 5.3.2 or higher and will throw an exception if
557			* the needed crypt support is not available
558			*
559			* @param string $clear The clear text to hash
560			* @param string $salt The salt to use, null for random
561			* @param string $magic The rounds for sha512 (for example "rounds=3000"), null for default value
562			* @return string Hashed password
563			* @throws \Exception
564			*/
565			public function hash_sha512($clear, $salt = null, $magic = null) {
566			if(!defined('CRYPT_SHA512') \|\| CRYPT_SHA512 != 1) {
567			throw new \Exception('This PHP installation has no SHA512 support');
568			}
569			$this->init_salt($salt, 8, false);
570			if(empty($magic)) {
571			return crypt($clear, '$6$'.$salt.'$');
572			}else{
573			return crypt($clear, '$6$'.$magic.'$'.$salt.'$');
574			}
575			}
576
577			/**
578			* Password hashing method 'mediawiki'
579			*
580			* Uses salted MD5, this is referred to as Method B in MediaWiki docs. Unsalted md5
581			* method 'A' is not supported.
582			*
583			* @link http://www.mediawiki.org/wiki/Manual_talk:User_table#user_password_column
584			*
585			* @param string $clear The clear text to hash
586			* @param string $salt The salt to use, null for random
587			* @return string Hashed password
588			*/
589			public function hash_mediawiki($clear, $salt = null) {
590			$this->init_salt($salt, 8, false);
591			return ':B:'.$salt.':'.md5($salt.'-'.md5($clear));
592			}
593
594			/**
595			* Wraps around native hash_hmac() or reimplents it
596			*
597			* This is not directly used as password hashing method, and thus isn't callable via the
598			* verify_hash() method. It should be used to create signatures and might be used in other
599			* password hashing methods.
600			*
601			* @see hash_hmac()
602			* @author KC Cloyd
603			* @link http://php.net/manual/en/function.hash-hmac.php#93440
604			*
605			* @param string $algo Name of selected hashing algorithm (i.e. "md5", "sha256", "haval160,4",
606			* etc..) See hash_algos() for a list of supported algorithms.
607			* @param string $data Message to be hashed.
608			* @param string $key Shared secret key used for generating the HMAC variant of the message digest.
609			* @param bool $raw_output When set to TRUE, outputs raw binary data. FALSE outputs lowercase hexits.
610			* @return string
611			*/
612			public static function hmac($algo, $data, $key, $raw_output = false) {
613			// use native function if available and not in unit test
614			if(function_exists('hash_hmac') && !defined('SIMPLE_TEST')){
615			return hash_hmac($algo, $data, $key, $raw_output);
616			}
617
618			$algo = strtolower($algo);
619			$pack = 'H' . strlen($algo('test'));
620			$size = 64;
621			$opad = str_repeat(chr(0x5C), $size);
622			$ipad = str_repeat(chr(0x36), $size);
623
624			if(strlen($key) > $size) {
625			$key = str_pad(pack($pack, $algo($key)), $size, chr(0x00));
626			} else {
627			$key = str_pad($key, $size, chr(0x00));
628			}
629
630			for($i = 0; $i < strlen($key) - 1; $i++) {
631			$opad[$i] = $opad[$i] ^ $key[$i];
632			$ipad[$i] = $ipad[$i] ^ $key[$i];
633			}
634
635			$output = $algo($opad . pack($pack, $algo($ipad . $data)));
636
637			return ($raw_output) ? pack($pack, $output) : $output;
638			}
639
640			/**
641			* Use a secure random generator
642			*
643			* @param int $min
644			* @param int $max
645			* @return int
646			*/
647			protected function random($min, $max){
648			try {
649			return random_int($min, $max);
650			} catch (\Exception $e) {
651			// availability of random source is checked elsewhere in DokuWiki
652			// we demote this to an unchecked runtime exception here
653			throw new \RuntimeException($e->getMessage(), $e->getCode(), $e);
654			}
655			}
656			}
657

splitbrain / dokuwiki

Push — interwiki-remove-golucky ( 52fcdb...768be5 )

inc/PassHash.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like