Fix SSHA hash

mlojewski-me · mlojewski-me · commit db6b5e0d2f14 · 2018-06-13T12:47:56.000+02:00
diff --git a/lib/Crypto/SSHA.php b/lib/Crypto/SSHA.php
@@ -48,7 +48,7 @@ public function checkPassword($password, $dbHash)
         $saltedPassword = base64_decode(
             preg_replace("/" . $this->getPrefix() . "/i", "", $dbHash)
         );
-        $salt = substr($saltedPassword, -32);
+        $salt = substr($saltedPassword, -(strlen($saltedPassword) - $this->getHashLength()));
         $hash = self::ssha($password, $salt);
 
         return hash_equals($dbHash, $hash);
@@ -84,6 +84,13 @@ private function ssha($password, $salt)
      */
     public abstract function getAlgorithm();
 
+    /**
+     * Get hash length.
+     *
+     * @return int The hash length.
+     */
+    public abstract function getHashLength();
+
     /**
      * @inheritdoc
      */
diff --git a/lib/Crypto/SSHA256.php b/lib/Crypto/SSHA256.php
@@ -56,6 +56,14 @@ public function getAlgorithm()
         return "sha256";
     }
 
+    /**
+     * @inheritdoc
+     */
+    public function getHashLength()
+    {
+        return 32;
+    }
+
     /**
      * @inheritdoc
      */
diff --git a/lib/Crypto/SSHA512.php b/lib/Crypto/SSHA512.php
@@ -56,6 +56,14 @@ public function getAlgorithm()
         return "sha512";
     }
 
+    /**
+     * @inheritdoc
+     */
+    public function getHashLength()
+    {
+        return 64;
+    }
+
     /**
      * @inheritdoc
      */
