From bc1691f5d2330a9ea3da1f72d5a6af6e4a2676a9 Mon Sep 17 00:00:00 2001
From: Bert Van de Poel <bert@bhack.net>
Date: Sat, 24 Apr 2021 04:02:56 +0200
Subject: [PATCH] Add hash support for ssha512

---
 lib/functions.php | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/lib/functions.php b/lib/functions.php
index 513638c..69fadd5 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -2171,6 +2171,7 @@ function password_types() {
 		'sha384'=>'sha384',
 		'ssha384'=>'ssha384',
 		'sha512'=>'sha512',
+		'ssha512'=>'ssha512',
 		'sha256crypt'=>'sha256crypt',
 		'sha512crypt'=>'sha512crypt',
 	);
@@ -2320,6 +2321,12 @@ function pla_password_hash($password_clear,$enc_type) {
 
 			break;
 
+		case 'ssha512':
+			$salt = hex2bin(random_salt(8));
+			$new_value = sprintf('{SSHA512}%s', base64_encode(hash('sha512', $password_clear.$salt, true).$salt));
+
+			break;
+
 		case 'sha256crypt':
 			if (! defined('CRYPT_SHA256') || CRYPT_SHA256 == 0)
 				error(_('Your system crypt library does not support sha256crypt encryption.'),'error','index.php');
@@ -2568,6 +2575,19 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword
 
 			break;
 
+		# Salted SHA512 crypted passwords
+		case 'ssha512':
+			$hash = base64_decode($cryptedpassword);
+			$salt = substr($hash,64);
+			$new_hash = base64_encode(hash('sha512', $plainpassword.$salt, true).$salt);
+
+			if (strcmp($cryptedpassword,$new_hash) == 0)
+				return true;
+			else
+				return false;
+
+			break;
+
 		# No crypt is given assume plaintext passwords are used
 		default:
 			if ($plainpassword == $cryptedpassword)