Changeset 51008

Timestamp:

05/25/2021 06:46:39 PM (3 years ago)

Author:

desrosj

Message:

External Libraries: Update the phpass library to version 0.5.

This updates the phpass library from version 0.3 to the latest version of 0.5. This is a minor update that includes some adjustments to be more friendly with newer versions of PHP.

The changes made in [30466] have also been applied to the new version of the library. This should now be the only WordPress specific modification do this library.

Props ayeshrajans, dd32, otto42, desrosj.
Fixes #51549.

File:

• trunk/src/wp-includes/class-phpass.php (modified) (11 diffs)

trunk/src/wp-includes/class-phpass.php

@@ -4 +4 @@
  * @package phpass
  * @since 2.5.0
- * @version 0.3 / WordPress
+ * @version 0.5 / WordPress
  * @link https://www.openwall.com/phpass/
  */
 
 #
+# Portable PHP password hashing framework.
+#
+# Version 0.5 / WordPress.
+#
 # Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
 # the public domain.  Revised in subsequent years, still public domain.
 #
 # There's absolutely no warranty.
+#
+# The homepage URL for this framework is:
+#
+#   http://www.openwall.com/phpass/
 #
 # Please be sure to update the Version line if you edit this file in any way.
@@ -30 +38 @@
  *
  * @package phpass
- * @version 0.3 / WordPress
+ * @version 0.5 / WordPress
  * @link https://www.openwall.com/phpass/
  * @since 2.5.0
@@ -40 +48 @@
     var $random_state;
 
-    /**
-     * PHP5 constructor.
-     */
-    function __construct( $iteration_count_log2, $portable_hashes )
+    function __construct($iteration_count_log2, $portable_hashes)
     {
         $this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
@@ -53 +58 @@
         $this->portable_hashes = $portable_hashes;
 
-        $this->random_state = microtime() . uniqid(rand(), TRUE); // removed getmypid() for compatibility reasons
-    }
-
-    /**
-     * PHP4 constructor.
-     */
-    public function PasswordHash( $iteration_count_log2, $portable_hashes ) {
-        self::__construct( $iteration_count_log2, $portable_hashes );
+        $this->random_state = microtime();
+        if (function_exists('getmypid'))
+            $this->random_state .= getmypid();
+    }
+
+    function PasswordHash($iteration_count_log2, $portable_hashes)
+    {
+        self::__construct($iteration_count_log2, $portable_hashes);
     }
 
@@ -66 +71 @@
     {
         $output = '';
-        if ( @is_readable('/dev/urandom') &&
+        if (@is_readable('/dev/urandom') &&
             ($fh = @fopen('/dev/urandom', 'rb'))) {
             $output = fread($fh, $count);
@@ -77 +82 @@
                 $this->random_state =
                     md5(microtime() . $this->random_state);
-                $output .=
-                    pack('H*', md5($this->random_state));
+                $output .= md5($this->random_state, TRUE);
             }
             $output = substr($output, 0, $count);
@@ -122 +126 @@
     {
         $output = '*0';
-        if (substr($setting, 0, 2) == $output)
+        if (substr($setting, 0, 2) === $output)
             $output = '*1';
 
         $id = substr($setting, 0, 3);
         # We use "$P$", phpBB3 uses "$H$" for the same thing
-        if ($id != '$P$' && $id != '$H$')
+        if ($id !== '$P$' && $id !== '$H$')
             return $output;
 
@@ -137 +141 @@
 
         $salt = substr($setting, 4, 8);
-        if (strlen($salt) != 8)
+        if (strlen($salt) !== 8)
             return $output;
 
-        # We're kind of forced to use MD5 here since it's the only
-        # cryptographic primitive available in all versions of PHP
-        # currently in use.  To implement our own low-level crypto
-        # in PHP would result in much worse performance and
+        # We were kind of forced to use MD5 here since it's the only
+        # cryptographic primitive that was available in all versions
+        # of PHP in use.  To implement our own low-level crypto in PHP
+        # would have resulted in much worse performance and
         # consequently in lower iteration counts and hashes that are
         # quicker to crack (by non-PHP code).
-        if (PHP_VERSION >= '5') {
-            $hash = md5($salt . $password, TRUE);
-            do {
-                $hash = md5($hash . $password, TRUE);
-            } while (--$count);
-        } else {
-            $hash = pack('H*', md5($salt . $password));
-            do {
-                $hash = pack('H*', md5($hash . $password));
-            } while (--$count);
-        }
+        $hash = md5($salt . $password, TRUE);
+        do {
+            $hash = md5($hash . $password, TRUE);
+        } while (--$count);
 
         $output = substr($setting, 0, 12);
         $output .= $this->encode64($hash, 16);
-
-        return $output;
-    }
-
-    function gensalt_extended($input)
-    {
-        $count_log2 = min($this->iteration_count_log2 + 8, 24);
-        # This should be odd to not reveal weak DES keys, and the
-        # maximum valid value is (2**24 - 1) which is odd anyway.
-        $count = (1 << $count_log2) - 1;
-
-        $output = '_';
-        $output .= $this->itoa64[$count & 0x3f];
-        $output .= $this->itoa64[($count >> 6) & 0x3f];
-        $output .= $this->itoa64[($count >> 12) & 0x3f];
-        $output .= $this->itoa64[($count >> 18) & 0x3f];
-
-        $output .= $this->encode64($input, 3);
 
         return $output;
@@ -231 +210 @@
         $random = '';
 
-        if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
+        if (CRYPT_BLOWFISH === 1 && !$this->portable_hashes) {
             $random = $this->get_random_bytes(16);
             $hash =
                 crypt($password, $this->gensalt_blowfish($random));
-            if (strlen($hash) == 60)
-                return $hash;
-        }
-
-        if (CRYPT_EXT_DES == 1 && !$this->portable_hashes) {
-            if (strlen($random) < 3)
-                $random = $this->get_random_bytes(3);
-            $hash =
-                crypt($password, $this->gensalt_extended($random));
-            if (strlen($hash) == 20)
+            if (strlen($hash) === 60)
                 return $hash;
         }
@@ -253 +223 @@
             $this->crypt_private($password,
             $this->gensalt_private($random));
-        if (strlen($hash) == 34)
+        if (strlen($hash) === 34)
             return $hash;
 
@@ -269 +239 @@
 
         $hash = $this->crypt_private($password, $stored_hash);
-        if ($hash[0] == '*')
+        if ($hash[0] === '*')
             $hash = crypt($password, $stored_hash);
 
+        # This is not constant-time.  In order to keep the code simple,
+        # for timing safety we currently rely on the salts being
+        # unpredictable, which they are at least in the non-fallback
+        # cases (that is, when we use /dev/urandom and bcrypt).
         return $hash === $stored_hash;
     }