Forum PHP.pl > [PHP] logowanie

Pomoc - Szukaj - Użytkownicy - Kalendarz

damain1960

15.03.2016, 21:35:38

czy ktoś mógł by usunąć "hash" i zamienić go na "md5" z tego kodu

[PHP] pobierz, plaintext 
<?php
 
class Password
{
	// these constants may be changed without breaking existing hashes.
	const PBKDF2_HASH_ALGORITHM = 'sha256';
	const PBKDF2_ITERATIONS	 = 1000;
	const PBKDF2_SALT_BYTE_SIZE = 24;
	const PBKDF2_HASH_BYTE_SIZE = 24;
	const HASH_SECTIONS		 = 4;
	const HASH_ALGORITHM_INDEX  = 0;
	const HASH_ITERATION_INDEX  = 1;
	const HASH_SALT_INDEX	   = 2;
	const HASH_PBKDF2_INDEX	 = 3;
 
	static function createHash($password)
	{
		// format: algorithm:iterations:salt:hash
		$salt = base64_encode(mcrypt_create_iv(self::PBKDF2_SALT_BYTE_SIZE, MCRYPT_DEV_URANDOM));
		return self::PBKDF2_HASH_ALGORITHM . ":" . self::PBKDF2_ITERATIONS . ":" . $salt . ":" .
			base64_encode(self::pbkdf2(
					self::PBKDF2_HASH_ALGORITHM, $password, $salt, self::PBKDF2_ITERATIONS, self::PBKDF2_HASH_BYTE_SIZE, true
		));
	}
 
	static function validatePassword($password, $correct_hash)
	{
		$params = explode(":", $correct_hash);
		if (count($params) < self::HASH_SECTIONS)
			return false;
		$pbkdf2 = base64_decode($params[self::HASH_PBKDF2_INDEX]);
		return self::slowEquals(
				$pbkdf2, self::pbkdf2(
					$params[self::HASH_ALGORITHM_INDEX], $password, $params[self::HASH_SALT_INDEX], (int) $params[self::HASH_ITERATION_INDEX], strlen($pbkdf2), true
				)
		);
	}
 
	// compares two strings $a and $b in length-constant time.
	static function slowEquals($a, $b)
	{
		$diff = strlen($a) ^ strlen($b);
		for ($i = 0; $i < strlen($a) && $i < strlen($b); $i++)
		{
			$diff |= ord($a[$i]) ^ ord($b[$i]);
		}
		return $diff === 0;
	}
 
	static function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
	{
		$algorithm = strtolower($algorithm);
		if (!in_array($algorithm, hash_algos(), true))
			trigger_error('PBKDF2 ERROR: Invalid hash algorithm.', E_USER_ERROR);
		if ($count <= 0 || $key_length <= 0)
			trigger_error('PBKDF2 ERROR: Invalid parameters.', E_USER_ERROR);
 
		if (function_exists("hash_pbkdf2"))
		{
			// The output length is in NIBBLES (4-bits) if $raw_output is false!
			if (!$raw_output)
			{
				$key_length = $key_length * 2;
			}
			return hash_pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output);
		}
 
		$hash_length = strlen(hash($algorithm, "", true));
		$block_count = ceil($key_length / $hash_length);
 
		$output = "";
		for ($i = 1; $i <= $block_count; $i++)
		{
			// $i encoded as 4 bytes, big endian.
			$last   = $salt . pack("N", $i);
			// first iteration
			$last   = $xorsum = hash_hmac($algorithm, $last, $password, true);
			// perform the other $count - 1 iterations
			for ($j = 1; $j < $count; $j++)
			{
				$xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));
			}
			$output .= $xorsum;
		}
 
		if ($raw_output)
			return substr($output, 0, $key_length);
		else
			return bin2hex(substr($output, 0, $key_length));
	}
 
}
[PHP] pobierz, plaintext

pomoże ktoś?

proszę niech ktoś mi pomoże.

viking

16.03.2016, 06:24:13

Po co chcesz zmieniać jakiś tam algorytm szyfrujący na funkcję hashującą?

[PHP] pobierz, plaintext 
public static function validatePassword($pass1, $pass2) {
    return md5($pass1)===md5($pass2);
}
[PHP] pobierz, plaintext

com

19.03.2016, 00:00:30

Zapomnij o md5

To jest wersja lo-fi głównej zawartości. Aby zobaczyć pełną wersję z większą zawartością, obrazkami i formatowaniem proszę kliknij tutaj.