--- /dev/null
+<?php
+/**
+ * @author Jan Altensen (Stricted)
+ * @copyright 2013-2014 Jan Altensen (Stricted)
+ * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
+ */
+class LDAPHash {
+
+ /**
+ * compare given ldap hash with given password
+ *
+ * @param string $password
+ * @param string $hash
+ * @return boolean
+ */
+ public function compare($password, $hash) {
+ // replace hash method to lowercase
+ $search = array("SSHA", "SHA256", "SHA384", "SHA512", "SSHA256", "SSHA384", "SSHA512", "MD5", "SMD5", "SHA", "CRYPT");
+ $replace = array("ssha", "sha256", "sha384", "sha512", "ssha256", "ssha384", "ssha512", "md5", "smd5", "sha", "crypt");
+ $hash = str_replace($search, $replace, $hash);
+
+ $encrypted_password = '';
+
+ // plain password
+ if ($password == $hash) {
+ return true;
+ }
+
+ preg_match("/^{([a-z0-9]+)}([\s\S]+)/i", $hash, $method);
+ if (isset($method[1]) && !empty($method[1]) && isset($method[2]) && !empty($method[2])) {
+ switch ($method[1]) {
+ case "md5":
+ $encrypted_password = '{md5}' . base64_encode(hash("md5", $password, true));
+ break;
+
+ case "smd5":
+ $salt = substr(base64_decode($method[2]),16);
+ $encrypted_password = '{smd5}' . base64_encode(hash("md5", $password.$salt, true).$salt);
+ break;
+
+ case "sha":
+ $encrypted_password = '{sha}' . base64_encode(hash("sha1", $password, true));
+ break;
+
+ case "ssha":
+ $salt = substr(base64_decode($method[2]),20);
+ $encrypted_password = '{ssha}' . base64_encode(hash("sha1", $password.$salt, true).$salt);
+ break;
+
+ case "sha256":
+ $encrypted_password = "{sha256}".base64_encode(hash("sha256", $password, true));
+ break;
+
+ case "ssha256":
+ $salt = substr(base64_decode($method[2]),32);
+ $encrypted_password = "{ssha256}".base64_encode(hash("sha256", $password.$salt, true).$salt);
+ break;
+
+ case "sha384":
+ $encrypted_password = "{sha384}".base64_encode(hash("sha348", $password, true));
+ break;
+
+ case "ssha384":
+ $salt = substr(base64_decode($method[2]),48);
+ $encrypted_password = "{ssha384}".base64_encode(hash("sha384", $password.$salt, true).$salt);
+ break;
+
+ case "sha512":
+ $encrypted_password = "{sha512}".base64_encode(hash("sha512", $password, true));
+ break;
+
+ case "ssha512":
+ $salt = substr(base64_decode($method[2]),64);
+ $encrypted_password = "{sha512}".base64_encode(hash("sha512", $password.$salt, true).$salt);
+ break;
+
+ case "crypt":
+ $encrypted_password = "{crypt}".crypt($password, $method[2]);
+ break;
+
+ default:
+ die("Unsupported password hash format");
+ break;
+ }
+ }
+
+ if ($hash == $encrypted_password) {
+ return true;
+ }
+ else {
+ return false;
+ }
+ }
+
+ /**
+ * return supported hash methods
+ *
+ * @return array
+ */
+ public function supportedMethods () {
+ return array("ssha", "sha256", "sha384", "sha512", "ssha256", "ssha384", "ssha512", "md5", "smd5", "sha", "crypt", "plain");
+ }
+
+ /**
+ * hash given password with given hash method
+ *
+ * @param string $password
+ * @param string $method
+ * @return string
+ */
+ public function hash($password, $method) {
+ $salt = substr(sha1(time()), 0, 4);
+ $method = strtolower($method);
+ switch ($method) {
+ case "ssha":
+ $hash = base64_encode(hash("sha1", $password.$salt, true).$salt);
+ break;
+
+ case "sha256":
+ $hash = base64_encode(hash("sha256", $password, true));
+ break;
+
+ case "sha384":
+ $hash = base64_encode(hash("sha384", $password, true));
+ break;
+
+ case "sha512":
+ $hash = base64_encode(hash("sha512", $password, true));
+ break;
+
+ case "ssha256":
+ $hash = base64_encode(hash("sha256", $password.$salt, true).$salt);
+ break;
+
+ case "ssha384":
+ $hash = base64_encode(hash("sha384", $password.$salt, true).$salt);
+ break;
+
+ case "ssha512":
+ $hash = base64_encode(hash("sha512", $password.$salt, true).$salt);
+ break;
+
+ case "md5":
+ $hash = base64_encode(hash("md5", $password, true));
+ break;
+
+ case "smd5":
+ $hash = base64_encode(hash("md5", $password.$salt, true).$salt);
+ break;
+
+ case "sha":
+ $hash = base64_encode(hash("sha1", $password, true));
+ break;
+
+ case "crypt":
+ $hash = crypt($password, $salt);
+ break;
+
+ case "plain":
+ $hash = $password;
+ break;
+
+ default :
+ die("Unsupported hash method");
+ break;
+ }
+
+ return ($method == "plain" ? "" : "{".$method."}").$hash;
+ }
+}
+?>
\ No newline at end of file
--- /dev/null
+<?php
+/**
+ * @author Jan Altensen (Stricted)
+ * @copyright 2013-2014 Jan Altensen (Stricted)
+ * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
+ */
+class bcrypt {
+ /**
+ * compare password with given hash
+ *
+ * @param string $password
+ * @param string $hash
+ * @return boolean
+ */
+ public function compare ($password, $hash) {
+ $salt = $this->getSalt($hash);
+
+ $new = crypt($password, $salt);
+ $doubleSalted = crypt(crypt($password, $salt), $salt);
+
+ if ($new == $hash) {
+ return true;
+ }
+ else if ($doubleSalted == $hash) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * crypt new password
+ *
+ * @param string $password
+ * @param string $double <optional>
+ * @return string
+ */
+ public function crypt ($password, $double = false) {
+ $salt = $this->generateSalt();
+ if ($double) {
+ return crypt(crypt($password, $salt), $salt);
+ }
+ else {
+ return crypt($password, $salt);
+ }
+ }
+
+ /**
+ * generate new salt
+ *
+ * @return string
+ */
+ public function generateSalt() {
+ $blowfishCharacters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./';
+ $maxIndex = strlen($blowfishCharacters) - 1;
+ $salt = '';
+
+ for ($i = 0; $i < 22; $i++) {
+ $rand = mt_rand(0, $maxIndex);
+ $salt .= $blowfishCharacters[$rand];
+ }
+
+ return '$2a$08$' . $salt;
+ }
+
+ /**
+ * get salt from password hash
+ *
+ * @param string $hash
+ * @return string
+ */
+ private function getSalt($hash) {
+ $salt = '';
+ if (mb_substr($hash, 0, 7) == '$2a$08$') {
+ $salt = mb_substr($hash, 7, 22);
+ }
+ else {
+ $salt = mb_substr($hash, 0, 22);
+ }
+
+ return '$2a$08$' . $salt;
+ }
+}
+?>
\ No newline at end of file
+++ /dev/null
-<?php
-/* session.class.php
- * Copyright (C) 2011 - 2013 Jan Altensen (Stricted)
- * http://stricted.de/
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-class session {
-
- public function __construct () { /* not needed */ }
-
- public function start () {
- session_start();
- }
-
- public function status () {
- return session_status();
- }
-
- public function destroy () {
- return session_destroy();
- }
-
- public function unset () {
- session_unset();
- }
-
- public function cache_expire ($new_cache_expire = '') {
- session_cache_expire($new_cache_expire);
- }
-
- public function encode () {
- return session_encode();
- }
-
- public function decode ($data) {
- return session_decode($data);
- }
-
- public function shutdown () {
- session_register_shutdown();
- session_write_close();
- }
-
- public function getID ($set = '') {
- return session_id($set);
- }
-
- public function cache_limiter ($cache_limiter = '') {
- return session_cache_limiter($cache_limiter);
- }
-
- public function get_cookie_params () {
- return session_get_cookie_params();
- }
-
- public function module_name ($module = '') {
- return module_name($module);
- }
-
- public function regenerate_id ($delete_old_session = false) {
- return session_regenerate_id($delete_old_session);
- }
-
- public function save_path ($path = '') {
- return session_save_path($path);
- }
- /* too lazy to comment this class :D */
-}
-?>
\ No newline at end of file
projects / Snippets.git / commitdiff