deon/phpldapadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Crypt based password functions

Browse Source
This commit is contained in:
Deon George
2025-01-18 21:47:49 +11:00
parent d3d7881e3b
commit 2445cac6a6
14 changed files with 180 additions and 938 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/Classes/LDAP/Attribute/Password.php
View File

@@ -49,7 +49,7 @@ final class Password extends Attribute
$hash = Arr::get($m,1,'*clear*');
if (($potential=static::helpers()->filter(fn($hasher)=>str_starts_with($hasher::id(),$hash)))->count() > 1) {
if (($potential=static::helpers()->filter(fn($hasher)=>str_starts_with($hasher::key,$hash)))->count() > 1) {
foreach ($potential as $item) {
if ($item::subid($password))
return new $item;
@@ -82,7 +82,7 @@ final class Password extends Attribute
->with('edit',$edit)
->with('old',$old)
->with('new',$new)
->with('helpers',static::helpers()->map(fn($item,$key)=>['id'=>$key,'value'=>$key]));
->with('helpers',static::helpers()->map(fn($item,$key)=>['id'=>$key,'value'=>$key])->sort());
}
public function render_item_old(int $key): ?string

2
app/Classes/LDAP/Attribute/Password/Argon2i.php
View File

@@ -5,7 +5,7 @@ namespace App\Classes\LDAP\Attribute\Password;
final class Argon2i extends Base
{
public const key = 'ARGON2';
protected const subkey = 'i';
protected const subkey = 'argon2i';
protected const identifier = '$argon2i';
public static function subid(string $password): bool

2
app/Classes/LDAP/Attribute/Password/Argon2id.php
View File

@@ -5,7 +5,7 @@ namespace App\Classes\LDAP\Attribute\Password;
final class Argon2id extends Base
{
public const key = 'ARGON2';
protected const subkey = 'id';
protected const subkey = 'argon2id';
protected const identifier = '$argon2id';
public static function subid(string $password): bool

2
app/Classes/LDAP/Attribute/Password/Base.php
View File

@@ -10,7 +10,7 @@ abstract class Base
public static function id(): string
{
return static::key.(static::subkey ? ':'.static::subkey : '');
return static::subkey ? strtoupper(static::subkey) : static::key;
}
/**

30
app/Classes/LDAP/Attribute/Password/Blowfish.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
namespace App\Classes\LDAP\Attribute\Password;
final class Blowfish extends Base
{
public const key = 'CRYPT';
protected const subkey = 'blowfish';
private const cost = 12;
protected const salt = 22;
private const identifier = '$2a$';
public static function subid(string $password): bool
{
return preg_match('/^\\$2.\\$/',self::password($password));
}
public function compare(string $source,string $compare): bool
{
return hash_equals($cp=self::password($source),crypt($compare,$cp));
}
public function encode(string $password,string $salt=NULL): string
{
if (is_null($salt))
$salt = sprintf('%s%d$%s',self::identifier,self::cost,random_salt(self::salt));
return sprintf('{%s}%s',self::key,crypt($password,$salt));
}
}

29
app/Classes/LDAP/Attribute/Password/Crypt.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace App\Classes\LDAP\Attribute\Password;
final class Crypt extends Base
{
public const key = 'CRYPT';
protected const subkey = 'crypt';
protected const salt = 2;
private const identifier = '';
public static function subid(string $password): bool
{
return preg_match('/^[\da-f]{2}/',self::password($password));
}
public function compare(string $source,string $compare): bool
{
return hash_equals($cp=self::password($source),crypt($compare,$cp));
}
public function encode(string $password,string $salt=NULL): string
{
if (is_null($salt))
$salt = sprintf('%s%s',self::identifier,random_salt(self::salt));
return sprintf('{%s}%s',self::key,crypt($password,$salt));
}
}

29
app/Classes/LDAP/Attribute/Password/ExtDes.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace App\Classes\LDAP\Attribute\Password;
final class ExtDes extends Base
{
public const key = 'CRYPT';
protected const subkey = 'ext_des';
protected const salt = 8;
private const identifier = '_';
public static function subid(string $password): bool
{
return str_starts_with(self::password($password),self::identifier);
}
public function compare(string $source,string $compare): bool
{
return hash_equals($cp=self::password($source),crypt($compare,$cp));
}
public function encode(string $password,string $salt=NULL): string
{
if (is_null($salt))
$salt = sprintf('%s%s',self::identifier,random_salt(self::salt));
return sprintf('{%s}%s',self::key,crypt($password,$salt));
}
}

29
app/Classes/LDAP/Attribute/Password/MD5crypt.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace App\Classes\LDAP\Attribute\Password;
final class MD5crypt extends Base
{
public const key = 'CRYPT';
protected const subkey = 'md5crypt';
protected const salt = 9;
private const identifier = '$1$';
public static function subid(string $password): bool
{
return str_starts_with(self::password($password),self::identifier);
}
public function compare(string $source,string $compare): bool
{
return hash_equals($cp=self::password($source),crypt($compare,$cp));
}
public function encode(string $password,string $salt=NULL): string
{
if (is_null($salt))
$salt = sprintf('%s$%s',self::identifier,random_salt(self::salt));
return sprintf('{%s}%s',self::key,crypt($password,$salt));
}
}

29
app/Classes/LDAP/Attribute/Password/SHA256crypt.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace App\Classes\LDAP\Attribute\Password;
final class SHA256crypt extends Base
{
public const key = 'CRYPT';
protected const subkey = 'sha256crypt';
protected const salt = 5;
private const identifier = '$5$';
public static function subid(string $password): bool
{
return str_starts_with(self::password($password),self::identifier);
}
public function compare(string $source,string $compare): bool
{
return hash_equals($cp=self::password($source),crypt($compare,$cp));
}
public function encode(string $password,string $salt=NULL): string
{
if (is_null($salt))
$salt = sprintf('%s%s',self::identifier,random_salt(self::salt));
return sprintf('{%s}%s',self::key,crypt($password,$salt));
}
}

29
app/Classes/LDAP/Attribute/Password/SHA512crypt.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace App\Classes\LDAP\Attribute\Password;
final class SHA512crypt extends Base
{
public const key = 'CRYPT';
protected const subkey = 'sha512crypt';
protected const salt = 2;
private const identifier = '$6$';
public static function subid(string $password): bool
{
return str_starts_with(self::password($password),self::identifier);
}
public function compare(string $source,string $compare): bool
{
return hash_equals($cp=self::password($source),crypt($compare,$cp));
}
public function encode(string $password,string $salt=NULL): string
{
if (is_null($salt))
$salt = sprintf('%s%s',self::identifier,random_salt(self::salt));
return sprintf('{%s}%s',self::key,crypt($password,$salt));
}
}