| <?
include "salt_api.php"; include "random_gendata.php";
if (function_exists('sha512') === false) {
    /**
     * Convenience wrapper around hash() for SHA-512.
     *
     * Only defined when no function named sha512 exists yet, so an earlier
     * definition elsewhere takes precedence.
     *
     * A single unsalted SHA-512 pass is a fast digest, not a password hash;
     * crypt_sha512() below is the salted, iterated construction.
     *
     * @param string $data Bytes to digest.
     * @param bool   $raw  true for the 64 raw digest bytes, false for lowercase hex.
     * @return string The SHA-512 digest of $data.
     */
    function sha512($data, $raw = false)
    {
        $algorithm = 'sha512';

        return hash($algorithm, $data, $raw);
    }
}
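/**
 * Pure-PHP implementation of the SHA-512 crypt ("$6$") password hash.
 *
 * Security notes for callers:
 *  - PHP's built-in crypt() implements the same "$6$" scheme; prefer it (or
 *    password_hash()) where available and keep this version for environments
 *    that lack it or for cross-checking.
 *  - The cost is read from the setting string and may be as high as
 *    999999999 rounds. Pass only setting strings the application produced or
 *    stored itself; a caller-controlled "rounds=" value is a CPU-exhaustion
 *    vector.
 *  - When verifying a password, compare the recomputed hash with the stored
 *    one using hash_equals(), not == or ===.
 *  - With an empty $salt the salt comes from gen_salt(), defined in an
 *    included file that is not shown here -- NOTE(review): confirm it draws
 *    from a CSPRNG (random_bytes()/random_int()) and emits only [./0-9A-Za-z].
 *
 * @param string $password Plain-text password, handled as raw bytes.
 * @param string $salt     Optional setting string "$6$[rounds=N$]salt[$hash]".
 *                         Empty means: default 5000 rounds, fresh 16-char salt.
 * @return string|false    "$6$[rounds=N$]salt$<86 chars>", or false when a
 *                         non-empty $salt does not start with "$6$".
 */
function crypt_sha512($password, $salt = "")
{
    $i_rounds = 5000; // scheme default when the setting string names no cost
    $i_salt = '';
    $i_has_rounds = false;

    if (!empty($salt)) {
        if (substr($salt, 0, 3) != '$6$') {
            return false;
        }
        $salt = substr($salt, 3);

        if (strtolower(substr($salt, 0, 7)) == 'rounds=') {
            $i = strpos($salt, '$');
            if (false !== $i) {
                // A non-numeric value casts to 0 and is raised to the minimum below.
                $i_rounds = (int) substr($salt, 7, $i - 7);
                $i_has_rounds = true;
                $salt = substr($salt, $i + 1);
            }
        }

        // Anything after the next '$' is the hash part of a stored value, not salt.
        $i = strpos($salt, '$');
        if (false !== $i) {
            $salt = substr($salt, 0, $i);
        }
        $i_salt = $salt;
    } else {
        $i_salt = gen_salt(16);
    }

    // Clamp the cost to the range the scheme allows.
    $i_rounds = max(1000, min(999999999, $i_rounds));

    // Only the first 16 salt characters are used; the cast keeps an empty salt a string.
    $i_salt = (string) substr($i_salt, 0, 16);

    $pw_len = strlen($password);
    $salt_len = strlen($i_salt);

    // Digest B = SHA512(password . salt . password).
    $d_B = hash_init('sha512');
    hash_update($d_B, $password);
    hash_update($d_B, $i_salt);
    hash_update($d_B, $password);
    $B = hash_final($d_B, true);
    $block = strlen($B); // 64 bytes

    // Digest A starts from password . salt, then absorbs B once per full
    // 64-byte block of the password length plus a partial block for the rest.
    $d_A = hash_init('sha512');
    hash_update($d_A, $password);
    hash_update($d_A, $i_salt);
    for ($i = $pw_len; $i >= $block; $i -= $block) {
        hash_update($d_A, $B);
    }
    hash_update($d_A, substr($B, 0, $i));

    // One more input per bit of the password length, lowest bit first:
    // B for a 1 bit, the password for a 0 bit.
    for ($i = $pw_len; $i; $i >>= 1) {
        hash_update($d_A, ($i & 1) ? $B : $password);
    }
    $A = hash_final($d_A, true);

    // P: digest of the password repeated strlen(password) times, stretched or
    // truncated to the password length.
    $d_DP = hash_init('sha512');
    for ($i = $pw_len; $i; $i--) {
        hash_update($d_DP, $password);
    }
    $DP = hash_final($d_DP, true);
    $P = '';
    for ($i = $pw_len; $i >= $block; $i -= $block) {
        $P .= $DP;
    }
    $P .= substr($DP, 0, $i);

    // S: digest of the salt repeated 16 + A[0] times, cut to the salt length.
    $d_DS = hash_init('sha512');
    for ($i = 16 + ord($A[0]); $i; $i--) {
        hash_update($d_DS, $i_salt);
    }
    $DS = hash_final($d_DS, true);
    $S = '';
    for ($i = $salt_len; $i >= $block; $i -= $block) {
        $S .= $DS;
    }
    $S .= substr($DS, 0, $i);

    // Cost loop: each round re-hashes the previous digest mixed with P and S
    // in an order that depends on the round number.
    for ($round = 0; $round < $i_rounds; $round++) {
        $odd = $round & 1;
        $d_C = hash_init('sha512');
        hash_update($d_C, $odd ? $P : $A);
        if ($round % 3) {
            hash_update($d_C, $S);
        }
        if ($round % 7) {
            hash_update($d_C, $P);
        }
        hash_update($d_C, $odd ? $A : $P);
        $A = hash_final($d_C, true);
    }

    $result = '$6$';
    if ($i_has_rounds || ($i_rounds != 5000)) {
        $result .= "rounds={$i_rounds}\$";
    }
    $result .= $i_salt . '$';

    // Byte transposition of the final digest. Each triple is listed
    // least-significant byte first.
    $pos = array(
        42, 21, 0, 1, 43, 22, 23, 2, 44, 45, 24, 3, 4, 46, 25, 26,
        5, 47, 48, 27, 6, 7, 49, 28, 29, 8, 50, 51, 30, 9, 10, 52,
        31, 32, 11, 53, 54, 33, 12, 13, 55, 34, 35, 14, 56, 57, 36, 15,
        16, 58, 37, 38, 17, 59, 60, 39, 18, 19, 61, 40, 41, 20, 62, 63,
    );

    // crypt's base-64 emits the LOW six bits of each 24-bit group first.
    // base64_encode() emits the high bits first, so running it over this
    // transposition and remapping the alphabet yields different characters
    // than the reference vectors (its last character could never be '0' or
    // '1'). Encode the groups by hand instead.
    $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    $encoded = '';
    for ($i = 0; $i < 63; $i += 3) {
        $w = ord($A[$pos[$i]])
            | (ord($A[$pos[$i + 1]]) << 8)
            | (ord($A[$pos[$i + 2]]) << 16);
        for ($n = 0; $n < 4; $n++) {
            $encoded .= $itoa64[$w & 0x3f];
            $w >>= 6;
        }
    }
    // The 64th byte stands alone and contributes two characters.
    $w = ord($A[$pos[63]]);
    $encoded .= $itoa64[$w & 0x3f] . $itoa64[$w >> 6];

    return $result . $encoded;
}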
// Self-test vectors, one per row: setting string, password, expected hash.
// They appear to be the reference vectors published with the SHA-crypt
// specification.
// NOTE(review): this runs on every load of the file, including a
// 123456-round and a 77777-round hash. Move it to a CLI-only test script
// before this file is included from a web-reachable page.
$tv = array(
    array(
        '$6$saltstring',
        'Hello world!',
        '$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1',
    ),
    array(
        '$6$rounds=10000$saltstringsaltstring',
        'Hello world!',
        '$6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v.',
    ),
    array(
        '$6$rounds=5000$toolongsaltstring',
        'This is just a test',
        '$6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQzQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0',
    ),
    // NOTE(review): the published form of this password reportedly has a
    // line break between "more" and "than"; as written on one line the
    // computed hash is not expected to match -- confirm against the spec.
    array(
        '$6$rounds=1400$anotherlongsaltstring',
        'a very much longer text to encrypt. This one even stretches over morethan one line.',
        '$6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wPvMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1',
    ),
    array(
        '$6$rounds=77777$short',
        'we have a short salt string but not a short password',
        '$6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0gge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0',
    ),
    array(
        '$6$rounds=123456$asaltof16chars..',
        'a short string',
        '$6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwcelCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1',
    ),
    // Rounds below the minimum are raised to 1000, which shows in the output.
    array(
        '$6$rounds=10$roundstoolow',
        'the minimum number is still observed',
        '$6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1xhLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX.',
    ),
);

// Prints the computed hash above the expected one for each vector. Nothing is
// compared automatically, so a mismatch has to be spotted by eye.
foreach ($tv as $tvd) {
    echo implode("\n", array(crypt_sha512($tvd[1], $tvd[0]), $tvd[2], "<br/>", ''));
}
?> |