added SHA512 hashing method FS#2663

2013-01-26 13:38:20 +01:00 · 2013-01-26 13:38:20 +01:00 · dfbe4adfd0
parent 925ad1487c
commit dfbe4adfd0
3 changed files with 24 additions and 1 deletions
--- a/_test/tests/inc/auth_password.test.php
+++ b/_test/tests/inc/auth_password.test.php
@ -16,6 +16,7 @@ class auth_password_test extends PHPUnit_Framework_TestCase {
        'kmd5'  => 'a579299436d7969791189acadd86fcb716',
        'djangomd5'  => 'md5$abcde$d0fdddeda8cd92725d2b54148ac09158',
        'djangosha1' => 'sha1$abcde$c8e65a7f0acc9158843048a53dcc5a6bc4d17678',
+        'sha512' => '$6$abcdefgh12345678$J9.zOcgx0lotwZdcz0uulA3IVQMinZvFZVjA5vapRLVAAqtay23XD4xeeUxQ3B4JvDWYFBIxVWW1tOYlHX13k1'
    );


--- a/inc/PassHash.class.php
+++ b/inc/PassHash.class.php
@ -61,6 +61,9 @@ class PassHash {
        } elseif(preg_match('/^:B:(.+?):.{32}$/', $hash, $m)) {
            $method = 'mediawiki';
            $salt   = $m[1];
+        } elseif(preg_match('/^\$6\$(.+?)\$/', $hash, $m)) {
+            $method = 'sha512';
+            $salt   = $m[1];
        } elseif($len == 32) {
            $method = 'md5';
        } elseif($len == 40) {
@ -457,6 +460,25 @@ class PassHash {
        return crypt($clear, $salt);
    }

+    /**
+     * Password hashing method SHA512
+     *
+     * This is only supported on PHP 5.3.2 or higher and will throw an exception if
+     * the needed crypt support is not available
+     *
+     * @param string $clear The clear text to hash
+     * @param string $salt  The salt to use, null for random
+     * @return string Hashed password
+     * @throws Exception
+     */
+    public function hash_sha512($clear, $salt = null) {
+        if(!defined('CRYPT_SHA512') || CRYPT_SHA512 != 1) {
+            throw new Exception('This PHP installation has no SHA512 support');
+        }
+        $this->init_salt($salt, 8, false);
+        return crypt($clear, '$6$'.$salt.'$');
+    }
+
    /**
     * Password hashing method 'mediawiki'
     *
--- a/lib/plugins/config/settings/config.metadata.php
+++ b/lib/plugins/config/settings/config.metadata.php
@ -126,7 +126,7 @@ $meta['_authentication'] = array('fieldset');
 $meta['useacl']      = array('onoff');
 $meta['autopasswd']  = array('onoff');
 $meta['authtype']    = array('authtype');
-$meta['passcrypt']   = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','lsmd5','crypt','mysql','my411','kmd5','pmd5','hmd5','mediawiki','bcrypt'));
+$meta['passcrypt']   = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','lsmd5','crypt','mysql','my411','kmd5','pmd5','hmd5','mediawiki','bcrypt','sha512'));
 $meta['defaultgroup']= array('string');
 $meta['superuser']   = array('string');
 $meta['manager']     = array('string');