Bitrix-D7 23.9
 
Загрузка...
Поиск...
Не найдено
password.php
1<?php
9namespace Bitrix\Main\Security;
10
11class Password
12{
20 public static function equals($hash, $password, $original = true): bool
21 {
22 if($original)
23 {
24 $salt = "";
25 $hashLength = strlen($hash);
26
27 if($hashLength > 100)
28 {
29 //new SHA-512 method, format is $6${salt}${hash}
30 $salt = substr($hash, 3, 16);
31
32 $password = static::hash($password, $salt);
33 }
34 else
35 {
36 if($hashLength > 32)
37 {
38 //old salt+md5 method, format is {salt}{hash}
39 $salt = substr($hash, 0, $hashLength - 32);
40 }
41 //else very old format {hash} without a salt
42
43 $password = $salt.md5($salt.$password);
44 }
45 }
46
47 return hash_equals($hash, $password);
48 }
49
55 public static function needRehash($hash): bool
56 {
57 if(CRYPT_SHA512 == 1)
58 {
59 if(strlen($hash) > 100)
60 {
61 //new SHA-512 hash usually 106 bytes long
62 return false;
63 }
64 }
65 else
66 {
67 if(strlen($hash) > 32)
68 {
69 //old md5+salt method
70 return false;
71 }
72 }
73 return true;
74 }
75
82 public static function hash($password, $salt = null): string
83 {
84 if(CRYPT_SHA512 == 1)
85 {
86 //new SHA-512 method
87 if($salt === null)
88 {
89 $salt = Random::getString(16, true);
90 }
91 //by default rounds=5000
92 return crypt($password, '$6$'.$salt.'$');
93 }
94 else
95 {
96 //old md5 method
97 if($salt === null)
98 {
99 $salt = Random::getStringByAlphabet(8, Random::ALPHABET_ALL);
100 }
101 return $salt.md5($salt.$password);
102 }
103 }
104}
Bitrix\Main\Security\Password\equals
static equals($hash, $password, $original=true)
Definition password.php:20
Bitrix\Main\Security\Password\hash
static hash($password, $salt=null)
Definition password.php:82
Bitrix\Main\Security\Random\getString
static getString($length, $caseSensitive=false)
Definition random.php:76
Bitrix\Main\Security\Random\getStringByAlphabet
static getStringByAlphabet($length, $alphabet, $requireAll=false)
Definition random.php:94