|
| 1 | +<?php |
| 2 | +/** |
| 3 | + * Nextcloud - user_sql |
| 4 | + * |
| 5 | + * @copyright 2018 Marcin Łojewski <dev@mlojewski.me> |
| 6 | + * @author Marcin Łojewski <dev@mlojewski.me> |
| 7 | + * |
| 8 | + * This program is free software: you can redistribute it and/or modify |
| 9 | + * it under the terms of the GNU Affero General Public License as |
| 10 | + * published by the Free Software Foundation, either version 3 of the |
| 11 | + * License, or (at your option) any later version. |
| 12 | + * |
| 13 | + * This program is distributed in the hope that it will be useful, |
| 14 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 15 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 16 | + * GNU Affero General Public License for more details. |
| 17 | + * |
| 18 | + * You should have received a copy of the GNU Affero General Public License |
| 19 | + * along with this program. If not, see <https://www.gnu.org/licenses/>. |
| 20 | + */ |
| 21 | + |
| 22 | +namespace OCA\UserSQL\Crypto; |
| 23 | + |
| 24 | +use OCP\IL10N; |
| 25 | + |
| 26 | +require_once "Phpass.php"; |
| 27 | + |
| 28 | +/** |
| 29 | + * Drupal 7 overrides of phpass hash implementation. |
| 30 | + * |
| 31 | + * @author BrandonKerr |
| 32 | + */ |
| 33 | +class Drupal7 extends Phpass |
| 34 | +{ |
| 35 | + |
| 36 | + /** |
| 37 | + * The expected (and maximum) number of characters in a hashed password. |
| 38 | + */ |
| 39 | + const DRUPAL_HASH_LENGTH = 55; |
| 40 | + |
| 41 | + /** |
| 42 | + * @param string $password Password to encrypt. |
| 43 | + * @param string $setting Hash settings. |
| 44 | + * |
| 45 | + * @return string|null Generated hash. Null on invalid settings. |
| 46 | + */ |
| 47 | + private function crypt($password, $setting) |
| 48 | + { |
| 49 | + $countLog2 = strpos(self::ITOA64, $setting[3]); |
| 50 | + if ($countLog2 < 7 || $countLog2 > 30) { |
| 51 | + return null; |
| 52 | + } |
| 53 | + |
| 54 | + $count = 1 << $countLog2; |
| 55 | + |
| 56 | + $salt = substr($setting, 4, 8); |
| 57 | + if (strlen($salt) !== 8) { |
| 58 | + return null; |
| 59 | + } |
| 60 | + |
| 61 | + $hash = hash('sha512', $salt . $password, true); |
| 62 | + do { |
| 63 | + $hash = hash('sha512', $hash . $password, true); |
| 64 | + } while (--$count); |
| 65 | + |
| 66 | + $output = substr($setting, 0, 12); |
| 67 | + $output .= $this->encode64($hash, strlen($hash)); |
| 68 | + |
| 69 | + return substr($output, 0, self::DRUPAL_HASH_LENGTH); |
| 70 | + } |
| 71 | + |
| 72 | + |
| 73 | + /** |
| 74 | + * @inheritdoc |
| 75 | + */ |
| 76 | + protected function getAlgorithmName() |
| 77 | + { |
| 78 | + return "Drupal 7"; |
| 79 | + } |
| 80 | +} |
0 commit comments