diff options
| -rw-r--r-- | _test/cases/inc/auth_password.test.php | 2 | ||||
| -rw-r--r-- | inc/PassHash.class.php | 375 | ||||
| -rw-r--r-- | inc/auth.php | 181 | ||||
| -rw-r--r-- | inc/load.php | 1 |
4 files changed, 388 insertions, 171 deletions
diff --git a/_test/cases/inc/auth_password.test.php b/_test/cases/inc/auth_password.test.php index 140c7c23e..d19b2a0e7 100644 --- a/_test/cases/inc/auth_password.test.php +++ b/_test/cases/inc/auth_password.test.php @@ -18,6 +18,8 @@ class auth_password_test extends UnitTestCase { 'kmd5' => 'a579299436d7969791189acadd86fcb716', 'pmd5' => '$P$abcdefgh1RC6Fd32heUzl7EYCG9uGw.', 'hmd5' => '$H$abcdefgh1ZbJodHxmeXVAhEzTG7IAp.', + 'djangomd5' => '$md5$abcde$d0fdddeda8cd92725d2b54148ac09158', + 'djangosha1' => '$sha1$abcde$c8e65a7f0acc9158843048a53dcc5a6bc4d17678', ); diff --git a/inc/PassHash.class.php b/inc/PassHash.class.php new file mode 100644 index 000000000..dce1a5ace --- /dev/null +++ b/inc/PassHash.class.php @@ -0,0 +1,375 @@ +<?php +/** + * Password Hashing Class + * + * This class implements various mechanisms used to hash passwords + * + * @author Andreas Gohr <andi@splitbrain.org> + * @license LGPL2 + */ +class PassHash { + /** + * Verifies a cleartext password against a crypted hash + * + * The method and salt used for the crypted hash is determined automatically, + * then the clear text password is crypted using the same method. If both hashs + * match true is is returned else false + * + * @author Andreas Gohr <andi@splitbrain.org> + * @return bool + */ + function verify_hash($clear,$hash){ + $method=''; + $salt=''; + $magic=''; + + //determine the used method and salt + $len = strlen($hash); + if(preg_match('/^\$1\$([^\$]{0,8})\$/',$hash,$m)){ + $method = 'smd5'; + $salt = $m[1]; + $magic = '1'; + }elseif(preg_match('/^\$apr1\$([^\$]{0,8})\$/',$hash,$m)){ + $method = 'apr1'; + $salt = $m[1]; + $magic = 'apr1'; + }elseif(preg_match('/^\$P\$(.{31})$/',$hash,$m)){ + $method = 'pmd5'; + $salt = $m[1]; + $magic = 'P'; + }elseif(preg_match('/^\$H\$(.{31})$/',$hash,$m)){ + $method = 'pmd5'; + $salt = $m[1]; + $magic = 'H'; + }elseif(preg_match('/^\$sha1\$(.{5})\$/',$hash,$m)){ + $method = 'djangosha1'; + $salt = $m[1]; + }elseif(preg_match('/^\$md5\$(.{5})\$/',$hash,$m)){ + $method = 'djangomd5'; + $salt = $m[1]; + }elseif(substr($hash,0,6) == '{SSHA}'){ + $method = 'ssha'; + $salt = substr(base64_decode(substr($hash, 6)),20); + }elseif($len == 32){ + $method = 'md5'; + }elseif($len == 40){ + $method = 'sha1'; + }elseif($len == 16){ + $method = 'mysql'; + }elseif($len == 41 && $hash[0] == '*'){ + $method = 'my411'; + }elseif($len == 34){ + $method = 'kmd5'; + $salt = $hash; + }else{ + $method = 'crypt'; + $salt = substr($hash,0,2); + } + + //crypt and compare + $call = 'hash_'.$method; + if($this->$call($clear,$salt,$magic) === $hash){ + return true; + } + return false; + } + + /** + * Create a random salt + * + * @todo use full range of characters instead of hex values only + * @param int $len - The length of the salt + */ + public function gen_salt($len=32){ + return substr(md5(uniqid(rand(), true)),0,$len); + } + + /** + * Initialize the passed variable with a salt if needed. + * + * If $salt is not null, the value is kept, but the lenght restriction is + * applied. + * + * @param stringref $salt - The salt, pass null if you want one generated + * @param int $len - The length of the salt + */ + public function init_salt(&$salt,$len=32){ + if(is_null($salt)) $salt = $this->gen_salt($len); + if(strlen($salt) > $len) $salt = substr($salt,0,$len); + } + + // Password hashing methods follow below + + /** + * Password hashing method 'smd5' + * + * Uses salted MD5 hashs. Salt is 8 bytes long. + * + * The same mechanism is used by Apache's 'apr1' method. This will + * fallback to a implementation in pure PHP if MD5 support is not + * available in crypt() + * + * @author Andreas Gohr <andi@splitbrain.org> + * @author <mikey_nich at hotmail dot com> + * @link http://de.php.net/manual/en/function.crypt.php#73619 + * @param string $clear - the clear text to hash + * @param string $salt - the salt to use, null for random + * @param string $magic - the hash identifier (apr1 or 1) + * @returns string - hashed password + */ + public function hash_smd5($clear, $salt=null){ + $this->init_salt($salt,8); + + if(defined('CRYPT_MD5') && CRYPT_MD5){ + return crypt($clear,'$1$'.$salt.'$'); + }else{ + // Fall back to PHP-only implementation + return $this->apr1($clear, $salt, '1'); + } + } + + /** + * Password hashing method 'apr1' + * + * Uses salted MD5 hashs. Salt is 8 bytes long. + * + * This is basically the same as smd1 above, but as used by Apache. + * + * @author <mikey_nich at hotmail dot com> + * @link http://de.php.net/manual/en/function.crypt.php#73619 + * @param string $clear - the clear text to hash + * @param string $salt - the salt to use, null for random + * @param string $magic - the hash identifier (apr1 or 1) + * @returns string - hashed password + */ + public function hash_apr1($clear, $salt=null, $magic='apr1'){ + $this->init_salt($salt,8); + + $len = strlen($clear); + $text = $clear.'$'.$magic.'$'.$salt; + $bin = pack("H32", md5($clear.$salt.$clear)); + for($i = $len; $i > 0; $i -= 16) { + $text .= substr($bin, 0, min(16, $i)); + } + for($i = $len; $i > 0; $i >>= 1) { + $text .= ($i & 1) ? chr(0) : $clear{0}; + } + $bin = pack("H32", md5($text)); + for($i = 0; $i < 1000; $i++) { + $new = ($i & 1) ? $clear : $bin; + if ($i % 3) $new .= $salt; + if ($i % 7) $new .= $clear; + $new .= ($i & 1) ? $bin : $clear; + $bin = pack("H32", md5($new)); + } + $tmp = ''; + for ($i = 0; $i < 5; $i++) { + $k = $i + 6; + $j = $i + 12; + if ($j == 16) $j = 5; + $tmp = $bin[$i].$bin[$k].$bin[$j].$tmp; + } + $tmp = chr(0).chr(0).$bin[11].$tmp; + $tmp = strtr(strrev(substr(base64_encode($tmp), 2)), + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", + "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"); + return '$'.$magic.'$'.$salt.'$'.$tmp; + } + + /** + * Password hashing method 'md5' + * + * Uses MD5 hashs. + * + * @param string $clear - the clear text to hash + * @returns string - hashed password + */ + public function hash_md5($clear){ + return md5($clear); + } + + /** + * Password hashing method 'sha1' + * + * Uses SHA1 hashs. + * + * @param string $clear - the clear text to hash + * @returns string - hashed password + */ + public function hash_sha1($clear){ + return sha1($clear); + } + + /** + * Password hashing method 'ssha' as used by LDAP + * + * Uses salted SHA1 hashs. Salt is 4 bytes long. + * + * @param string $clear - the clear text to hash + * @param string $salt - the salt to use, null for random + * @returns string - hashed password + */ + public function hash_ssha($clear, $salt=null){ + $this->init_salt($salt,4); + return '{SSHA}'.base64_encode(pack("H*", sha1($clear.$salt)).$salt); + } + + /** + * Password hashing method 'crypt' + * + * Uses salted crypt hashs. Salt is 2 bytes long. + * + * @param string $clear - the clear text to hash + * @param string $salt - the salt to use, null for random + * @returns string - hashed password + */ + public function hash_crypt($clear, $salt=null){ + $this->init_salt($salt,2); + return crypt($clear,$salt); + } + + /** + * Password hashing method 'mysql' + * + * This method was used by old MySQL systems + * + * @link http://www.php.net/mysql + * @author <soren at byu dot edu> + * @param string $clear - the clear text to hash + * @returns string - hashed password + */ + public function hash_mysql($clear){ + $nr=0x50305735; + $nr2=0x12345671; + $add=7; + $charArr = preg_split("//", $clear); + foreach ($charArr as $char) { + if (($char == '') || ($char == ' ') || ($char == '\t')) continue; + $charVal = ord($char); + $nr ^= ((($nr & 63) + $add) * $charVal) + ($nr << 8); + $nr2 += ($nr2 << 8) ^ $nr; + $add += $charVal; + } + return sprintf("%08x%08x", ($nr & 0x7fffffff), ($nr2 & 0x7fffffff)); + } + + /** + * Password hashing method 'my411' + * + * Uses SHA1 hashs. This method is used by MySQL 4.11 and above + * + * @param string $clear - the clear text to hash + * @returns string - hashed password + */ + public function hash_my411($clear){ + return '*'.sha1(pack("H*", sha1($clear))); + } + + /** + * Password hashing method 'kmd5' + * + * Uses salted MD5 hashs. + * + * Salt is 2 bytes long, but stored at position 16, so you need to pass at + * least 18 bytes. You can pass the crypted hash as salt. + * + * @param string $clear - the clear text to hash + * @param string $salt - the salt to use, null for random + * @returns string - hashed password + */ + public function hash_kmd5($clear, $salt=null){ + $this->init_salt($salt); + + $key = substr($salt, 16, 2); + $hash1 = strtolower(md5($key . md5($clear))); + $hash2 = substr($hash1, 0, 16) . $key . substr($hash1, 16); + return $hash2; + } + + /** + * Password hashing method 'pmd5' + * + * Uses salted MD5 hashs. Salt is 1+8 bytes long, 1st byte is the + * iteration count. + * + * @param string $clear - the clear text to hash + * @param string $salt - the salt to use, null for random + * @param string $magic - the hash identifier (P or H) + * @returns string - hashed password + */ + public function hash_pmd5($clear, $salt=null, $magic='P'){ + $this->init_salt($salt); + + $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; + $iterc = $salt[0]; // pos 0 of salt is iteration count + $iter = strpos($itoa64,$iterc); + $iter = 1 << $iter; + $salt = substr($salt,1,8); + + // iterate + $hash = md5($salt . $clear, true); + do { + $hash = md5($hash . $clear, true); + } while (--$iter); + + // encode + $output = ''; + $count = 16; + $i = 0; + do { + $value = ord($hash[$i++]); + $output .= $itoa64[$value & 0x3f]; + if ($i < $count) + $value |= ord($hash[$i]) << 8; + $output .= $itoa64[($value >> 6) & 0x3f]; + if ($i++ >= $count) + break; + if ($i < $count) + $value |= ord($hash[$i]) << 16; + $output .= $itoa64[($value >> 12) & 0x3f]; + if ($i++ >= $count) + break; + $output .= $itoa64[($value >> 18) & 0x3f]; + } while ($i < $count); + + return '$'.$magic.'$'.$iterc.$salt.$output; + } + + /** + * Alias for hash_pmd5 + */ + public function hash_hmd5($clear, $salt=null, $magic='H'){ + return $this->hash_pmd5($clear, $salt, $magic); + } + + /** + * Password hashing method 'djangosha1' + * + * Uses salted SHA1 hashs. Salt is 5 bytes long. + * This is used by the Django Python framework + * + * @param string $clear - the clear text to hash + * @param string $salt - the salt to use, null for random + * @returns string - hashed password + */ + public function hash_djangosha1($clear, $salt=null){ + $this->init_salt($salt,5); + return '$sha1$'.$salt.'$'.sha1($salt.$clear); + } + + /** + * Password hashing method 'djangomd5' + * + * Uses salted MD5 hashs. Salt is 5 bytes long. + * This is used by the Django Python framework + * + * @param string $clear - the clear text to hash + * @param string $salt - the salt to use, null for random + * @returns string - hashed password + */ + public function hash_djangomd5($clear, $salt=null){ + $this->init_salt($salt,5); + return '$md5$'.$salt.'$'.md5($salt.$clear); + } + +} diff --git a/inc/auth.php b/inc/auth.php index 38d1c925d..7449fd635 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -932,20 +932,6 @@ function act_resendpwd(){ * If the selected method needs a salt and none was given, a random one * is chosen. * - * The following methods are understood: - * - * smd5 - Salted MD5 hashing - * apr1 - Apache salted MD5 hashing - * md5 - Simple MD5 hashing - * sha1 - SHA1 hashing - * ssha - Salted SHA1 hashing - * crypt - Unix crypt - * mysql - MySQL password (old method) - * my411 - MySQL 4.1.1 password - * kmd5 - Salted MD5 hashing as used by UNB - * pmd5 - Salted multi iteration MD5 as used by Wordpress - * hmd5 - Same as pmd5 but PhpBB3 flavour - * * @author Andreas Gohr <andi@splitbrain.org> * @return string The crypted password */ @@ -953,173 +939,26 @@ function auth_cryptPassword($clear,$method='',$salt=null){ global $conf; if(empty($method)) $method = $conf['passcrypt']; - //prepare a salt - if(is_null($salt)) $salt = md5(uniqid(rand(), true)); - - switch(strtolower($method)){ - case 'smd5': - if(defined('CRYPT_MD5') && CRYPT_MD5) return crypt($clear,'$1$'.substr($salt,0,8).'$'); - // when crypt can't handle SMD5, falls through to pure PHP implementation - $magic = '1'; - case 'apr1': - //from http://de.php.net/manual/en/function.crypt.php#73619 comment by <mikey_nich at hotmail dot com> - if(!isset($magic)) $magic = 'apr1'; - $salt = substr($salt,0,8); - $len = strlen($clear); - $text = $clear.'$'.$magic.'$'.$salt; - $bin = pack("H32", md5($clear.$salt.$clear)); - for($i = $len; $i > 0; $i -= 16) { - $text .= substr($bin, 0, min(16, $i)); - } - for($i = $len; $i > 0; $i >>= 1) { - $text .= ($i & 1) ? chr(0) : $clear{0}; - } - $bin = pack("H32", md5($text)); - for($i = 0; $i < 1000; $i++) { - $new = ($i & 1) ? $clear : $bin; - if ($i % 3) $new .= $salt; - if ($i % 7) $new .= $clear; - $new .= ($i & 1) ? $bin : $clear; - $bin = pack("H32", md5($new)); - } - $tmp = ''; - for ($i = 0; $i < 5; $i++) { - $k = $i + 6; - $j = $i + 12; - if ($j == 16) $j = 5; - $tmp = $bin[$i].$bin[$k].$bin[$j].$tmp; - } - $tmp = chr(0).chr(0).$bin[11].$tmp; - $tmp = strtr(strrev(substr(base64_encode($tmp), 2)), - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", - "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"); - return '$'.$magic.'$'.$salt.'$'.$tmp; - case 'md5': - return md5($clear); - case 'sha1': - return sha1($clear); - case 'ssha': - $salt=substr($salt,0,4); - return '{SSHA}'.base64_encode(pack("H*", sha1($clear.$salt)).$salt); - case 'crypt': - return crypt($clear,substr($salt,0,2)); - case 'mysql': - //from http://www.php.net/mysql comment by <soren at byu dot edu> - $nr=0x50305735; - $nr2=0x12345671; - $add=7; - $charArr = preg_split("//", $clear); - foreach ($charArr as $char) { - if (($char == '') || ($char == ' ') || ($char == '\t')) continue; - $charVal = ord($char); - $nr ^= ((($nr & 63) + $add) * $charVal) + ($nr << 8); - $nr2 += ($nr2 << 8) ^ $nr; - $add += $charVal; - } - return sprintf("%08x%08x", ($nr & 0x7fffffff), ($nr2 & 0x7fffffff)); - case 'my411': - return '*'.sha1(pack("H*", sha1($clear))); - case 'kmd5': - $key = substr($salt, 16, 2); - $hash1 = strtolower(md5($key . md5($clear))); - $hash2 = substr($hash1, 0, 16) . $key . substr($hash1, 16); - return $hash2; - case 'hmd5': - $key = 'H'; - // hmd5 is exactly the same as pmd5, but uses an H as identifier - // PhpBB3 uses it that way, so we just fall through here - case 'pmd5': - if(!$key) $key = 'P'; - $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; - $iterc = $salt[0]; // pos 0 of salt is iteration count - $iter = strpos($itoa64,$iterc); - $iter = 1 << $iter; - $salt = substr($salt,1,8); - - // iterate - $hash = md5($salt . $clear, true); - do { - $hash = md5($hash . $clear, true); - } while (--$iter); - - // encode - $output = ''; - $count = 16; - $i = 0; - do { - $value = ord($hash[$i++]); - $output .= $itoa64[$value & 0x3f]; - if ($i < $count) - $value |= ord($hash[$i]) << 8; - $output .= $itoa64[($value >> 6) & 0x3f]; - if ($i++ >= $count) - break; - if ($i < $count) - $value |= ord($hash[$i]) << 16; - $output .= $itoa64[($value >> 12) & 0x3f]; - if ($i++ >= $count) - break; - $output .= $itoa64[($value >> 18) & 0x3f]; - } while ($i < $count); - - return '$'.$key.'$'.$iterc.$salt.$output; - default: - msg("Unsupported crypt method $method",-1); + $pass = new PassHash(); + $call = 'hash_'.$method; + + if(!method_exists($pass,$call)){ + msg("Unsupported crypt method $method",-1); + return false; } + + return $pass->$call($clear,$salt); } /** * Verifies a cleartext password against a crypted hash * - * The method and salt used for the crypted hash is determined automatically - * then the clear text password is crypted using the same method. If both hashs - * match true is is returned else false - * * @author Andreas Gohr <andi@splitbrain.org> * @return bool */ function auth_verifyPassword($clear,$crypt){ - $method=''; - $salt=''; - - //determine the used method and salt - $len = strlen($crypt); - if(preg_match('/^\$1\$([^\$]{0,8})\$/',$crypt,$m)){ - $method = 'smd5'; - $salt = $m[1]; - }elseif(preg_match('/^\$apr1\$([^\$]{0,8})\$/',$crypt,$m)){ - $method = 'apr1'; - $salt = $m[1]; - }elseif(preg_match('/^\$P\$(.{31})$/',$crypt,$m)){ - $method = 'pmd5'; - $salt = $m[1]; - }elseif(preg_match('/^\$H\$(.{31})$/',$crypt,$m)){ - $method = 'hmd5'; - $salt = $m[1]; - }elseif(substr($crypt,0,6) == '{SSHA}'){ - $method = 'ssha'; - $salt = substr(base64_decode(substr($crypt, 6)),20); - }elseif($len == 32){ - $method = 'md5'; - }elseif($len == 40){ - $method = 'sha1'; - }elseif($len == 16){ - $method = 'mysql'; - }elseif($len == 41 && $crypt[0] == '*'){ - $method = 'my411'; - }elseif($len == 34){ - $method = 'kmd5'; - $salt = $crypt; - }else{ - $method = 'crypt'; - $salt = substr($crypt,0,2); - } - - //crypt and compare - if(auth_cryptPassword($clear,$method,$salt) === $crypt){ - return true; - } - return false; + $pass = new PassHash(); + return $pass->verify_hash($clear,$crypt); } /** diff --git a/inc/load.php b/inc/load.php index 478ee7c76..ef6f7f31c 100644 --- a/inc/load.php +++ b/inc/load.php @@ -75,6 +75,7 @@ function load_autoload($name){ 'Doku_Parser_Mode' => DOKU_INC.'inc/parser/parser.php', 'SafeFN' => DOKU_INC.'inc/SafeFN.class.php', 'Sitemapper' => DOKU_INC.'inc/Sitemapper.php', + 'PassHash' => DOKU_INC.'inc/PassHash.class.php', 'DokuWiki_Action_Plugin' => DOKU_PLUGIN.'action.php', 'DokuWiki_Admin_Plugin' => DOKU_PLUGIN.'admin.php', |