Mercurial > hg > rr-repo

annotate includes/password.inc @ 13:134d4b2e75f6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated quicktabs and google analytics modules
author danieleb <danielebarchiesi@me.com>
date Tue, 29 Oct 2013 13:48:59 +0000
parents ff03f76ab3fe
children
rev   line source
danielebarchiesi@0 1 <?php
danielebarchiesi@0 2
danielebarchiesi@0 3 /**
danielebarchiesi@0 4 * @file
danielebarchiesi@0 5 * Secure password hashing functions for user authentication.
danielebarchiesi@0 6 *
danielebarchiesi@0 7 * Based on the Portable PHP password hashing framework.
danielebarchiesi@0 8 * @see http://www.openwall.com/phpass/
danielebarchiesi@0 9 *
danielebarchiesi@0 10 * An alternative or custom version of this password hashing API may be
danielebarchiesi@0 11 * used by setting the variable password_inc to the name of the PHP file
danielebarchiesi@0 12 * containing replacement user_hash_password(), user_check_password(), and
danielebarchiesi@0 13 * user_needs_new_hash() functions.
danielebarchiesi@0 14 */
danielebarchiesi@0 15
danielebarchiesi@0 16 /**
danielebarchiesi@0 17 * The standard log2 number of iterations for password stretching. This should
danielebarchiesi@0 18 * increase by 1 every Drupal version in order to counteract increases in the
danielebarchiesi@0 19 * speed and power of computers available to crack the hashes.
danielebarchiesi@0 20 */
danielebarchiesi@0 21 define('DRUPAL_HASH_COUNT', 15);
danielebarchiesi@0 22
danielebarchiesi@0 23 /**
danielebarchiesi@0 24 * The minimum allowed log2 number of iterations for password stretching.
danielebarchiesi@0 25 */
danielebarchiesi@0 26 define('DRUPAL_MIN_HASH_COUNT', 7);
danielebarchiesi@0 27
danielebarchiesi@0 28 /**
danielebarchiesi@0 29 * The maximum allowed log2 number of iterations for password stretching.
danielebarchiesi@0 30 */
danielebarchiesi@0 31 define('DRUPAL_MAX_HASH_COUNT', 30);
danielebarchiesi@0 32
danielebarchiesi@0 33 /**
danielebarchiesi@0 34 * The expected (and maximum) number of characters in a hashed password.
danielebarchiesi@0 35 */
danielebarchiesi@0 36 define('DRUPAL_HASH_LENGTH', 55);
danielebarchiesi@0 37
danielebarchiesi@0 38 /**
danielebarchiesi@0 39 * Returns a string for mapping an int to the corresponding base 64 character.
danielebarchiesi@0 40 */
danielebarchiesi@0 41 function _password_itoa64() {
danielebarchiesi@0 42 return './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
danielebarchiesi@0 43 }
danielebarchiesi@0 44
danielebarchiesi@0 45 /**
danielebarchiesi@0 46 * Encodes bytes into printable base 64 using the *nix standard from crypt().
danielebarchiesi@0 47 *
danielebarchiesi@0 48 * @param $input
danielebarchiesi@0 49 * The string containing bytes to encode.
danielebarchiesi@0 50 * @param $count
danielebarchiesi@0 51 * The number of characters (bytes) to encode.
danielebarchiesi@0 52 *
danielebarchiesi@0 53 * @return
danielebarchiesi@0 54 * Encoded string
danielebarchiesi@0 55 */
danielebarchiesi@0 56 function _password_base64_encode($input, $count) {
danielebarchiesi@0 57 $output = '';
danielebarchiesi@0 58 $i = 0;
danielebarchiesi@0 59 $itoa64 = _password_itoa64();
danielebarchiesi@0 60 do {
danielebarchiesi@0 61 $value = ord($input[$i++]);
danielebarchiesi@0 62 $output .= $itoa64[$value & 0x3f];
danielebarchiesi@0 63 if ($i < $count) {
danielebarchiesi@0 64 $value |= ord($input[$i]) << 8;
danielebarchiesi@0 65 }
danielebarchiesi@0 66 $output .= $itoa64[($value >> 6) & 0x3f];
danielebarchiesi@0 67 if ($i++ >= $count) {
danielebarchiesi@0 68 break;
danielebarchiesi@0 69 }
danielebarchiesi@0 70 if ($i < $count) {
danielebarchiesi@0 71 $value |= ord($input[$i]) << 16;
danielebarchiesi@0 72 }
danielebarchiesi@0 73 $output .= $itoa64[($value >> 12) & 0x3f];
danielebarchiesi@0 74 if ($i++ >= $count) {
danielebarchiesi@0 75 break;
danielebarchiesi@0 76 }
danielebarchiesi@0 77 $output .= $itoa64[($value >> 18) & 0x3f];
danielebarchiesi@0 78 } while ($i < $count);
danielebarchiesi@0 79
danielebarchiesi@0 80 return $output;
danielebarchiesi@0 81 }
danielebarchiesi@0 82
danielebarchiesi@0 83 /**
danielebarchiesi@0 84 * Generates a random base 64-encoded salt prefixed with settings for the hash.
danielebarchiesi@0 85 *
danielebarchiesi@0 86 * Proper use of salts may defeat a number of attacks, including:
danielebarchiesi@0 87 * - The ability to try candidate passwords against multiple hashes at once.
danielebarchiesi@0 88 * - The ability to use pre-hashed lists of candidate passwords.
danielebarchiesi@0 89 * - The ability to determine whether two users have the same (or different)
danielebarchiesi@0 90 * password without actually having to guess one of the passwords.
danielebarchiesi@0 91 *
danielebarchiesi@0 92 * @param $count_log2
danielebarchiesi@0 93 * Integer that determines the number of iterations used in the hashing
danielebarchiesi@0 94 * process. A larger value is more secure, but takes more time to complete.
danielebarchiesi@0 95 *
danielebarchiesi@0 96 * @return
danielebarchiesi@0 97 * A 12 character string containing the iteration count and a random salt.
danielebarchiesi@0 98 */
danielebarchiesi@0 99 function _password_generate_salt($count_log2) {
danielebarchiesi@0 100 $output = '$S$';
danielebarchiesi@0 101 // Ensure that $count_log2 is within set bounds.
danielebarchiesi@0 102 $count_log2 = _password_enforce_log2_boundaries($count_log2);
danielebarchiesi@0 103 // We encode the final log2 iteration count in base 64.
danielebarchiesi@0 104 $itoa64 = _password_itoa64();
danielebarchiesi@0 105 $output .= $itoa64[$count_log2];
danielebarchiesi@0 106 // 6 bytes is the standard salt for a portable phpass hash.
danielebarchiesi@0 107 $output .= _password_base64_encode(drupal_random_bytes(6), 6);
danielebarchiesi@0 108 return $output;
danielebarchiesi@0 109 }
danielebarchiesi@0 110
danielebarchiesi@0 111 /**
danielebarchiesi@0 112 * Ensures that $count_log2 is within set bounds.
danielebarchiesi@0 113 *
danielebarchiesi@0 114 * @param $count_log2
danielebarchiesi@0 115 * Integer that determines the number of iterations used in the hashing
danielebarchiesi@0 116 * process. A larger value is more secure, but takes more time to complete.
danielebarchiesi@0 117 *
danielebarchiesi@0 118 * @return
danielebarchiesi@0 119 * Integer within set bounds that is closest to $count_log2.
danielebarchiesi@0 120 */
danielebarchiesi@0 121 function _password_enforce_log2_boundaries($count_log2) {
danielebarchiesi@0 122 if ($count_log2 < DRUPAL_MIN_HASH_COUNT) {
danielebarchiesi@0 123 return DRUPAL_MIN_HASH_COUNT;
danielebarchiesi@0 124 }
danielebarchiesi@0 125 elseif ($count_log2 > DRUPAL_MAX_HASH_COUNT) {
danielebarchiesi@0 126 return DRUPAL_MAX_HASH_COUNT;
danielebarchiesi@0 127 }
danielebarchiesi@0 128
danielebarchiesi@0 129 return (int) $count_log2;
danielebarchiesi@0 130 }
danielebarchiesi@0 131
danielebarchiesi@0 132 /**
danielebarchiesi@0 133 * Hash a password using a secure stretched hash.
danielebarchiesi@0 134 *
danielebarchiesi@0 135 * By using a salt and repeated hashing the password is "stretched". Its
danielebarchiesi@0 136 * security is increased because it becomes much more computationally costly
danielebarchiesi@0 137 * for an attacker to try to break the hash by brute-force computation of the
danielebarchiesi@0 138 * hashes of a large number of plain-text words or strings to find a match.
danielebarchiesi@0 139 *
danielebarchiesi@0 140 * @param $algo
danielebarchiesi@0 141 * The string name of a hashing algorithm usable by hash(), like 'sha256'.
danielebarchiesi@0 142 * @param $password
danielebarchiesi@0 143 * The plain-text password to hash.
danielebarchiesi@0 144 * @param $setting
danielebarchiesi@0 145 * An existing hash or the output of _password_generate_salt(). Must be
danielebarchiesi@0 146 * at least 12 characters (the settings and salt).
danielebarchiesi@0 147 *
danielebarchiesi@0 148 * @return
danielebarchiesi@0 149 * A string containing the hashed password (and salt) or FALSE on failure.
danielebarchiesi@0 150 * The return string will be truncated at DRUPAL_HASH_LENGTH characters max.
danielebarchiesi@0 151 */
danielebarchiesi@0 152 function _password_crypt($algo, $password, $setting) {
danielebarchiesi@0 153 // The first 12 characters of an existing hash are its setting string.
danielebarchiesi@0 154 $setting = substr($setting, 0, 12);
danielebarchiesi@0 155
danielebarchiesi@0 156 if ($setting[0] != '$' || $setting[2] != '$') {
danielebarchiesi@0 157 return FALSE;
danielebarchiesi@0 158 }
danielebarchiesi@0 159 $count_log2 = _password_get_count_log2($setting);
danielebarchiesi@0 160 // Hashes may be imported from elsewhere, so we allow != DRUPAL_HASH_COUNT
danielebarchiesi@0 161 if ($count_log2 < DRUPAL_MIN_HASH_COUNT || $count_log2 > DRUPAL_MAX_HASH_COUNT) {
danielebarchiesi@0 162 return FALSE;
danielebarchiesi@0 163 }
danielebarchiesi@0 164 $salt = substr($setting, 4, 8);
danielebarchiesi@0 165 // Hashes must have an 8 character salt.
danielebarchiesi@0 166 if (strlen($salt) != 8) {
danielebarchiesi@0 167 return FALSE;
danielebarchiesi@0 168 }
danielebarchiesi@0 169
danielebarchiesi@0 170 // Convert the base 2 logarithm into an integer.
danielebarchiesi@0 171 $count = 1 << $count_log2;
danielebarchiesi@0 172
danielebarchiesi@0 173 // We rely on the hash() function being available in PHP 5.2+.
danielebarchiesi@0 174 $hash = hash($algo, $salt . $password, TRUE);
danielebarchiesi@0 175 do {
danielebarchiesi@0 176 $hash = hash($algo, $hash . $password, TRUE);
danielebarchiesi@0 177 } while (--$count);
danielebarchiesi@0 178
danielebarchiesi@0 179 $len = strlen($hash);
danielebarchiesi@0 180 $output = $setting . _password_base64_encode($hash, $len);
danielebarchiesi@0 181 // _password_base64_encode() of a 16 byte MD5 will always be 22 characters.
danielebarchiesi@0 182 // _password_base64_encode() of a 64 byte sha512 will always be 86 characters.
danielebarchiesi@0 183 $expected = 12 + ceil((8 * $len) / 6);
danielebarchiesi@0 184 return (strlen($output) == $expected) ? substr($output, 0, DRUPAL_HASH_LENGTH) : FALSE;
danielebarchiesi@0 185 }
danielebarchiesi@0 186
danielebarchiesi@0 187 /**
danielebarchiesi@0 188 * Parse the log2 iteration count from a stored hash or setting string.
danielebarchiesi@0 189 */
danielebarchiesi@0 190 function _password_get_count_log2($setting) {
danielebarchiesi@0 191 $itoa64 = _password_itoa64();
danielebarchiesi@0 192 return strpos($itoa64, $setting[3]);
danielebarchiesi@0 193 }
danielebarchiesi@0 194
danielebarchiesi@0 195 /**
danielebarchiesi@0 196 * Hash a password using a secure hash.
danielebarchiesi@0 197 *
danielebarchiesi@0 198 * @param $password
danielebarchiesi@0 199 * A plain-text password.
danielebarchiesi@0 200 * @param $count_log2
danielebarchiesi@0 201 * Optional integer to specify the iteration count. Generally used only during
danielebarchiesi@0 202 * mass operations where a value less than the default is needed for speed.
danielebarchiesi@0 203 *
danielebarchiesi@0 204 * @return
danielebarchiesi@0 205 * A string containing the hashed password (and a salt), or FALSE on failure.
danielebarchiesi@0 206 */
danielebarchiesi@0 207 function user_hash_password($password, $count_log2 = 0) {
danielebarchiesi@0 208 if (empty($count_log2)) {
danielebarchiesi@0 209 // Use the standard iteration count.
danielebarchiesi@0 210 $count_log2 = variable_get('password_count_log2', DRUPAL_HASH_COUNT);
danielebarchiesi@0 211 }
danielebarchiesi@0 212 return _password_crypt('sha512', $password, _password_generate_salt($count_log2));
danielebarchiesi@0 213 }
danielebarchiesi@0 214
danielebarchiesi@0 215 /**
danielebarchiesi@0 216 * Check whether a plain text password matches a stored hashed password.
danielebarchiesi@0 217 *
danielebarchiesi@0 218 * Alternative implementations of this function may use other data in the
danielebarchiesi@0 219 * $account object, for example the uid to look up the hash in a custom table
danielebarchiesi@0 220 * or remote database.
danielebarchiesi@0 221 *
danielebarchiesi@0 222 * @param $password
danielebarchiesi@0 223 * A plain-text password
danielebarchiesi@0 224 * @param $account
danielebarchiesi@0 225 * A user object with at least the fields from the {users} table.
danielebarchiesi@0 226 *
danielebarchiesi@0 227 * @return
danielebarchiesi@0 228 * TRUE or FALSE.
danielebarchiesi@0 229 */
danielebarchiesi@0 230 function user_check_password($password, $account) {
danielebarchiesi@0 231 if (substr($account->pass, 0, 2) == 'U$') {
danielebarchiesi@0 232 // This may be an updated password from user_update_7000(). Such hashes
danielebarchiesi@0 233 // have 'U' added as the first character and need an extra md5().
danielebarchiesi@0 234 $stored_hash = substr($account->pass, 1);
danielebarchiesi@0 235 $password = md5($password);
danielebarchiesi@0 236 }
danielebarchiesi@0 237 else {
danielebarchiesi@0 238 $stored_hash = $account->pass;
danielebarchiesi@0 239 }
danielebarchiesi@0 240
danielebarchiesi@0 241 $type = substr($stored_hash, 0, 3);
danielebarchiesi@0 242 switch ($type) {
danielebarchiesi@0 243 case '$S$':
danielebarchiesi@0 244 // A normal Drupal 7 password using sha512.
danielebarchiesi@0 245 $hash = _password_crypt('sha512', $password, $stored_hash);
danielebarchiesi@0 246 break;
danielebarchiesi@0 247 case '$H$':
danielebarchiesi@0 248 // phpBB3 uses "$H$" for the same thing as "$P$".
danielebarchiesi@0 249 case '$P$':
danielebarchiesi@0 250 // A phpass password generated using md5. This is an
danielebarchiesi@0 251 // imported password or from an earlier Drupal version.
danielebarchiesi@0 252 $hash = _password_crypt('md5', $password, $stored_hash);
danielebarchiesi@0 253 break;
danielebarchiesi@0 254 default:
danielebarchiesi@0 255 return FALSE;
danielebarchiesi@0 256 }
danielebarchiesi@0 257 return ($hash && $stored_hash == $hash);
danielebarchiesi@0 258 }
danielebarchiesi@0 259
danielebarchiesi@0 260 /**
danielebarchiesi@0 261 * Check whether a user's hashed password needs to be replaced with a new hash.
danielebarchiesi@0 262 *
danielebarchiesi@0 263 * This is typically called during the login process when the plain text
danielebarchiesi@0 264 * password is available. A new hash is needed when the desired iteration count
danielebarchiesi@0 265 * has changed through a change in the variable password_count_log2 or
danielebarchiesi@0 266 * DRUPAL_HASH_COUNT or if the user's password hash was generated in an update
danielebarchiesi@0 267 * like user_update_7000().
danielebarchiesi@0 268 *
danielebarchiesi@0 269 * Alternative implementations of this function might use other criteria based
danielebarchiesi@0 270 * on the fields in $account.
danielebarchiesi@0 271 *
danielebarchiesi@0 272 * @param $account
danielebarchiesi@0 273 * A user object with at least the fields from the {users} table.
danielebarchiesi@0 274 *
danielebarchiesi@0 275 * @return
danielebarchiesi@0 276 * TRUE or FALSE.
danielebarchiesi@0 277 */
danielebarchiesi@0 278 function user_needs_new_hash($account) {
danielebarchiesi@0 279 // Check whether this was an updated password.
danielebarchiesi@0 280 if ((substr($account->pass, 0, 3) != '$S$') || (strlen($account->pass) != DRUPAL_HASH_LENGTH)) {
danielebarchiesi@0 281 return TRUE;
danielebarchiesi@0 282 }
danielebarchiesi@0 283 // Ensure that $count_log2 is within set bounds.
danielebarchiesi@0 284 $count_log2 = _password_enforce_log2_boundaries(variable_get('password_count_log2', DRUPAL_HASH_COUNT));
danielebarchiesi@0 285 // Check whether the iteration count used differs from the standard number.
danielebarchiesi@0 286 return (_password_get_count_log2($account->pass) !== $count_log2);
danielebarchiesi@0 287 }