mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2024-12-04 10:24:42 +02:00
[Web] Add SSHA
This commit is contained in:
parent
3234550a5b
commit
02b10b0ed4
@ -89,6 +89,10 @@ function hash_password($password) {
|
||||
global $default_pass_scheme;
|
||||
$pw_hash = NULL;
|
||||
switch (strtoupper($default_pass_scheme)) {
|
||||
case "SSHA":
|
||||
$salt_str = bin2hex(openssl_random_pseudo_bytes(8));
|
||||
$pw_hash = "{SSHA}".base64_encode(hash('sha1', $password . $salt_str, true) . $salt_str);
|
||||
break;
|
||||
case "SSHA256":
|
||||
$salt_str = bin2hex(openssl_random_pseudo_bytes(8));
|
||||
$pw_hash = "{SSHA256}".base64_encode(hash('sha256', $password . $salt_str, true) . $salt_str);
|
||||
@ -494,6 +498,20 @@ function verify_hash($hash, $password) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
elseif (preg_match('/^{SSHA}/i', $hash)) {
|
||||
// Remove tag if any
|
||||
$hash = preg_replace('/^{SSHA}/i', '', $hash);
|
||||
// Decode hash
|
||||
$dhash = base64_decode($hash);
|
||||
// Get first 20 bytes of binary which equals a SSHA hash
|
||||
$ohash = substr($dhash, 0, 20);
|
||||
// Remove SSHA hash from decoded hash to get original salt string
|
||||
$osalt = str_replace($ohash, '', $dhash);
|
||||
// Check single salted SSHA hash against extracted hash
|
||||
if (hash_equals(hash('sha1', $password . $osalt, true), $ohash)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
elseif (preg_match('/^{PLAIN-MD5}/i', $hash)) {
|
||||
$hash = preg_replace('/^{PLAIN-MD5}/i', '', $hash);
|
||||
if (md5($password) == $hash) {
|
||||
|
Loading…
Reference in New Issue
Block a user