diff options
author | Andreas Gohr <andi@splitbrain.org> | 2013-01-26 13:38:20 +0100 |
---|---|---|
committer | Andreas Gohr <andi@splitbrain.org> | 2013-01-26 13:38:20 +0100 |
commit | dfbe4adfd080433f91409f028935b9f9879fceca (patch) | |
tree | bd2579c92d5561caee8f194e0f6f00fab74366da | |
parent | 925ad1487c71b97ed6cdb2e339a8d84abd199fef (diff) | |
download | rpg-dfbe4adfd080433f91409f028935b9f9879fceca.tar.gz rpg-dfbe4adfd080433f91409f028935b9f9879fceca.tar.bz2 |
added SHA512 hashing method FS#2663
-rw-r--r-- | _test/tests/inc/auth_password.test.php | 1 | ||||
-rw-r--r-- | inc/PassHash.class.php | 22 | ||||
-rw-r--r-- | lib/plugins/config/settings/config.metadata.php | 2 |
3 files changed, 24 insertions, 1 deletions
diff --git a/_test/tests/inc/auth_password.test.php b/_test/tests/inc/auth_password.test.php index 53b9b2c6c..27e03be60 100644 --- a/_test/tests/inc/auth_password.test.php +++ b/_test/tests/inc/auth_password.test.php @@ -16,6 +16,7 @@ class auth_password_test extends PHPUnit_Framework_TestCase { 'kmd5' => 'a579299436d7969791189acadd86fcb716', 'djangomd5' => 'md5$abcde$d0fdddeda8cd92725d2b54148ac09158', 'djangosha1' => 'sha1$abcde$c8e65a7f0acc9158843048a53dcc5a6bc4d17678', + 'sha512' => '$6$abcdefgh12345678$J9.zOcgx0lotwZdcz0uulA3IVQMinZvFZVjA5vapRLVAAqtay23XD4xeeUxQ3B4JvDWYFBIxVWW1tOYlHX13k1' ); diff --git a/inc/PassHash.class.php b/inc/PassHash.class.php index 15ea8cbcf..080fb4778 100644 --- a/inc/PassHash.class.php +++ b/inc/PassHash.class.php @@ -61,6 +61,9 @@ class PassHash { } elseif(preg_match('/^:B:(.+?):.{32}$/', $hash, $m)) { $method = 'mediawiki'; $salt = $m[1]; + } elseif(preg_match('/^\$6\$(.+?)\$/', $hash, $m)) { + $method = 'sha512'; + $salt = $m[1]; } elseif($len == 32) { $method = 'md5'; } elseif($len == 40) { @@ -458,6 +461,25 @@ class PassHash { } /** + * Password hashing method SHA512 + * + * This is only supported on PHP 5.3.2 or higher and will throw an exception if + * the needed crypt support is not available + * + * @param string $clear The clear text to hash + * @param string $salt The salt to use, null for random + * @return string Hashed password + * @throws Exception + */ + public function hash_sha512($clear, $salt = null) { + if(!defined('CRYPT_SHA512') || CRYPT_SHA512 != 1) { + throw new Exception('This PHP installation has no SHA512 support'); + } + $this->init_salt($salt, 8, false); + return crypt($clear, '$6$'.$salt.'$'); + } + + /** * Password hashing method 'mediawiki' * * Uses salted MD5, this is referred to as Method B in MediaWiki docs. Unsalted md5 diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php index 06b58e572..89824381b 100644 --- a/lib/plugins/config/settings/config.metadata.php +++ b/lib/plugins/config/settings/config.metadata.php @@ -126,7 +126,7 @@ $meta['_authentication'] = array('fieldset'); $meta['useacl'] = array('onoff'); $meta['autopasswd'] = array('onoff'); $meta['authtype'] = array('authtype'); -$meta['passcrypt'] = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','lsmd5','crypt','mysql','my411','kmd5','pmd5','hmd5','mediawiki','bcrypt')); +$meta['passcrypt'] = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','lsmd5','crypt','mysql','my411','kmd5','pmd5','hmd5','mediawiki','bcrypt','sha512')); $meta['defaultgroup']= array('string'); $meta['superuser'] = array('string'); $meta['manager'] = array('string'); |