Ticket #51549: 51549.diff
File 51549.diff, 6.3 KB (added by , 3 years ago) |
---|
-
src/wp-includes/class-phpass.php
3 3 * Portable PHP password hashing framework. 4 4 * @package phpass 5 5 * @since 2.5.0 6 * @version 0. 3/ WordPress6 * @version 0.5 / WordPress 7 7 * @link https://www.openwall.com/phpass/ 8 8 */ 9 9 10 10 # 11 # Portable PHP password hashing framework. 12 # 13 # Version 0.5 / WordPress. 14 # 11 15 # Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in 12 16 # the public domain. Revised in subsequent years, still public domain. 13 17 # 14 18 # There's absolutely no warranty. 15 19 # 20 # The homepage URL for this framework is: 21 # 22 # http://www.openwall.com/phpass/ 23 # 16 24 # Please be sure to update the Version line if you edit this file in any way. 17 25 # It is suggested that you leave the main version number intact, but indicate 18 26 # your project name (after the slash) and add your own revision information. … … 29 37 * Portable PHP password hashing framework. 30 38 * 31 39 * @package phpass 32 * @version 0. 3/ WordPress40 * @version 0.5 / WordPress 33 41 * @link https://www.openwall.com/phpass/ 34 42 * @since 2.5.0 35 43 */ … … 39 47 var $portable_hashes; 40 48 var $random_state; 41 49 42 /** 43 * PHP5 constructor. 44 */ 45 function __construct( $iteration_count_log2, $portable_hashes ) 50 function __construct($iteration_count_log2, $portable_hashes) 46 51 { 47 52 $this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; 48 53 … … 52 57 53 58 $this->portable_hashes = $portable_hashes; 54 59 55 $this->random_state = microtime() . uniqid(rand(), TRUE); // removed getmypid() for compatibility reasons 60 $this->random_state = microtime(); 61 if (function_exists('getmypid')) 62 $this->random_state .= getmypid(); 56 63 } 57 64 58 /** 59 * PHP4 constructor. 60 */ 61 public function PasswordHash( $iteration_count_log2, $portable_hashes ) { 62 self::__construct( $iteration_count_log2, $portable_hashes ); 65 function PasswordHash($iteration_count_log2, $portable_hashes) 66 { 67 self::__construct($iteration_count_log2, $portable_hashes); 63 68 } 64 69 65 70 function get_random_bytes($count) 66 71 { 67 72 $output = ''; 68 if ( 73 if (@is_readable('/dev/urandom') && 69 74 ($fh = @fopen('/dev/urandom', 'rb'))) { 70 75 $output = fread($fh, $count); 71 76 fclose($fh); … … 76 81 for ($i = 0; $i < $count; $i += 16) { 77 82 $this->random_state = 78 83 md5(microtime() . $this->random_state); 79 $output .= 80 pack('H*', md5($this->random_state)); 84 $output .= md5($this->random_state, TRUE); 81 85 } 82 86 $output = substr($output, 0, $count); 83 87 } … … 121 125 function crypt_private($password, $setting) 122 126 { 123 127 $output = '*0'; 124 if (substr($setting, 0, 2) == $output)128 if (substr($setting, 0, 2) === $output) 125 129 $output = '*1'; 126 130 127 131 $id = substr($setting, 0, 3); 128 132 # We use "$P$", phpBB3 uses "$H$" for the same thing 129 if ($id != '$P$' && $id != '$H$')133 if ($id !== '$P$' && $id !== '$H$') 130 134 return $output; 131 135 132 136 $count_log2 = strpos($this->itoa64, $setting[3]); … … 136 140 $count = 1 << $count_log2; 137 141 138 142 $salt = substr($setting, 4, 8); 139 if (strlen($salt) != 8)143 if (strlen($salt) !== 8) 140 144 return $output; 141 145 142 # We 're kind of forced to use MD5 here since it's the only143 # cryptographic primitive available in all versions of PHP144 # currently in use. To implement our own low-level crypto145 # in PHP would resultin much worse performance and146 # We were kind of forced to use MD5 here since it's the only 147 # cryptographic primitive that was available in all versions 148 # of PHP in use. To implement our own low-level crypto in PHP 149 # would have resulted in much worse performance and 146 150 # consequently in lower iteration counts and hashes that are 147 151 # quicker to crack (by non-PHP code). 148 if (PHP_VERSION >= '5') { 149 $hash = md5($salt . $password, TRUE); 150 do { 151 $hash = md5($hash . $password, TRUE); 152 } while (--$count); 153 } else { 154 $hash = pack('H*', md5($salt . $password)); 155 do { 156 $hash = pack('H*', md5($hash . $password)); 157 } while (--$count); 158 } 152 $hash = md5($salt . $password, TRUE); 153 do { 154 $hash = md5($hash . $password, TRUE); 155 } while (--$count); 159 156 160 157 $output = substr($setting, 0, 12); 161 158 $output .= $this->encode64($hash, 16); … … 163 160 return $output; 164 161 } 165 162 166 function gensalt_extended($input)167 {168 $count_log2 = min($this->iteration_count_log2 + 8, 24);169 # This should be odd to not reveal weak DES keys, and the170 # maximum valid value is (2**24 - 1) which is odd anyway.171 $count = (1 << $count_log2) - 1;172 173 $output = '_';174 $output .= $this->itoa64[$count & 0x3f];175 $output .= $this->itoa64[($count >> 6) & 0x3f];176 $output .= $this->itoa64[($count >> 12) & 0x3f];177 $output .= $this->itoa64[($count >> 18) & 0x3f];178 179 $output .= $this->encode64($input, 3);180 181 return $output;182 }183 184 163 function gensalt_blowfish($input) 185 164 { 186 165 # This one needs to use a different order of characters and a … … 230 209 231 210 $random = ''; 232 211 233 if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {212 if (CRYPT_BLOWFISH === 1 && !$this->portable_hashes) { 234 213 $random = $this->get_random_bytes(16); 235 214 $hash = 236 215 crypt($password, $this->gensalt_blowfish($random)); 237 if (strlen($hash) == 60) 238 return $hash; 239 } 240 241 if (CRYPT_EXT_DES == 1 && !$this->portable_hashes) { 242 if (strlen($random) < 3) 243 $random = $this->get_random_bytes(3); 244 $hash = 245 crypt($password, $this->gensalt_extended($random)); 246 if (strlen($hash) == 20) 216 if (strlen($hash) === 60) 247 217 return $hash; 248 218 } 249 219 … … 252 222 $hash = 253 223 $this->crypt_private($password, 254 224 $this->gensalt_private($random)); 255 if (strlen($hash) == 34)225 if (strlen($hash) === 34) 256 226 return $hash; 257 227 258 228 # Returning '*' on error is safe here, but would _not_ be safe … … 268 238 } 269 239 270 240 $hash = $this->crypt_private($password, $stored_hash); 271 if ($hash[0] == '*')241 if ($hash[0] === '*') 272 242 $hash = crypt($password, $stored_hash); 273 243 244 # This is not constant-time. In order to keep the code simple, 245 # for timing safety we currently rely on the salts being 246 # unpredictable, which they are at least in the non-fallback 247 # cases (that is, when we use /dev/urandom and bcrypt). 274 248 return $hash === $stored_hash; 275 249 } 276 } 277 No newline at end of file 250 }