diff --git a/lib/functions.php b/lib/functions.php index 51d856a..513638c 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -2166,6 +2166,10 @@ function password_types() { 'sha'=>'sha', 'smd5'=>'smd5', 'ssha'=>'ssha', + 'sha256'=>'sha256', + 'ssha256'=>'ssha256', + 'sha384'=>'sha384', + 'ssha384'=>'ssha384', 'sha512'=>'sha512', 'sha256crypt'=>'sha256crypt', 'sha512crypt'=>'sha512crypt', @@ -2284,6 +2288,28 @@ function pla_password_hash($password_clear,$enc_type) { break; + case 'sha256': + $new_value = sprintf('{SHA256}%s', base64_encode(hash('sha256', $password_clear, true))); + + break; + + case 'ssha256': + $salt = hex2bin(random_salt(8)); + $new_value = sprintf('{SSHA256}%s', base64_encode(hash('sha256', $password_clear.$salt, true).$salt)); + + break; + + case 'sha384': + $new_value = sprintf('{SHA384}%s', base64_encode(hash('sha384', $password_clear, true))); + + break; + + case 'ssha384': + $salt = hex2bin(random_salt(8)); + $new_value = sprintf('{SSHA384}%s', base64_encode(hash('sha384', $password_clear.$salt, true).$salt)); + + break; + case 'sha512': if (function_exists('openssl_digest') && function_exists('base64_encode')) { $new_value = sprintf('{SHA512}%s', base64_encode(openssl_digest($password_clear, 'sha512', true))); @@ -2489,6 +2515,50 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword break; + # SHA256 crypted passwords + case 'sha256': + if (strcasecmp(pla_password_hash($plainpassword,'sha256'),'{SHA256}'.$cryptedpassword) == 0) + return true; + else + return false; + + break; + + # Salted SHA256 crypted passwords + case 'ssha256': + $hash = base64_decode($cryptedpassword); + $salt = substr($hash,64); + $new_hash = base64_encode(hash('sha256', $plainpassword.$salt, true).$salt); + + if (strcmp($cryptedpassword,$new_hash) == 0) + return true; + else + return false; + + break; + + # SHA384 crypted passwords + case 'sha384': + if (strcasecmp(pla_password_hash($plainpassword,'sha384'),'{SHA384}'.$cryptedpassword) == 0) + return true; + else + return false; + + break; + + # Salted SHA384 crypted passwords + case 'ssha384': + $hash = base64_decode($cryptedpassword); + $salt = substr($hash,64); + $new_hash = base64_encode(hash('sha384', $plainpassword.$salt, true).$salt); + + if (strcmp($cryptedpassword,$new_hash) == 0) + return true; + else + return false; + + break; + # SHA512 crypted passwords case 'sha512': if (strcasecmp(pla_password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)