3 * @author Jan Altensen (Stricted)
4 * @copyright 2013-2014 Jan Altensen (Stricted)
5 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
9 * compare given ldap hash with given password
11 * @param string $password
15 public function compare($password, $hash) {
16 // replace hash method to lowercase
17 $search = array("SSHA", "SHA256", "SHA384", "SHA512", "SSHA256", "SSHA384", "SSHA512", "MD5", "SMD5", "SHA", "CRYPT");
18 $replace = array("ssha", "sha256", "sha384", "sha512", "ssha256", "ssha384", "ssha512", "md5", "smd5", "sha", "crypt");
19 $hash = str_replace($search, $replace, $hash);
21 $encrypted_password = '';
24 if ($password == $hash) {
28 preg_match("/^{([a-z0-9]+)}([\s\S]+)/i", $hash, $method);
29 if (isset($method[1]) && !empty($method[1]) && isset($method[2]) && !empty($method[2])) {
32 $encrypted_password = '{md5}' . base64_encode(hash("md5", $password, true));
36 $salt = substr(base64_decode($method[2]), 16);
37 $encrypted_password = '{smd5}' . base64_encode(hash("md5", $password.$salt, true).$salt);
41 $encrypted_password = '{sha}' . base64_encode(hash("sha1", $password, true));
45 $salt = substr(base64_decode($method[2]), 20);
46 $encrypted_password = '{ssha}' . base64_encode(hash("sha1", $password.$salt, true).$salt);
50 $encrypted_password = "{sha256}".base64_encode(hash("sha256", $password, true));
54 $salt = substr(base64_decode($method[2]), 32);
55 $encrypted_password = "{ssha256}".base64_encode(hash("sha256", $password.$salt, true).$salt);
59 $encrypted_password = "{sha384}".base64_encode(hash("sha348", $password, true));
63 $salt = substr(base64_decode($method[2]), 48);
64 $encrypted_password = "{ssha384}".base64_encode(hash("sha384", $password.$salt, true).$salt);
68 $encrypted_password = "{sha512}".base64_encode(hash("sha512", $password, true));
72 $salt = substr(base64_decode($method[2]), 64);
73 $encrypted_password = "{sha512}".base64_encode(hash("sha512", $password.$salt, true).$salt);
77 $encrypted_password = "{crypt}".crypt($password, $method[2]);
81 die("Unsupported password hash format");
86 if ($hash == $encrypted_password) {
95 * return supported hash methods
99 public function supportedMethods () {
100 return array("ssha", "sha256", "sha384", "sha512", "ssha256", "ssha384", "ssha512", "md5", "smd5", "sha", "crypt", "plain");
104 * hash given password with given hash method
106 * @param string $password
107 * @param string $method
110 public function hash($password, $method) {
111 $salt = substr(sha1(time()), 0, 4);
112 $method = strtolower($method);
115 $hash = base64_encode(hash("sha1", $password.$salt, true).$salt);
119 $hash = base64_encode(hash("sha256", $password, true));
123 $hash = base64_encode(hash("sha384", $password, true));
127 $hash = base64_encode(hash("sha512", $password, true));
131 $hash = base64_encode(hash("sha256", $password.$salt, true).$salt);
135 $hash = base64_encode(hash("sha384", $password.$salt, true).$salt);
139 $hash = base64_encode(hash("sha512", $password.$salt, true).$salt);
143 $hash = base64_encode(hash("md5", $password, true));
147 $hash = base64_encode(hash("md5", $password.$salt, true).$salt);
151 $hash = base64_encode(hash("sha1", $password, true));
155 $hash = crypt($password, $salt);
163 die("Unsupported hash method");
167 return ($method == "plain" ?
"" : "{".$method."}").$hash;