首頁 探索 說明
登入
Flo
/
HTAdmin
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: 515316cf27
分支列表 標籤列表
HTAdmin
/
sites
/
html
/
htadmin
/
tools
/
hash_tool.php

hash_tool.php 1.9 KB
文件歷史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. <?php
    2. 

  2. 

  3. interface i_password_hash_tool {
    4. 

  4. 		public function check_password_hash($password, $hash);
    5. 

  5. 		public function crypt($password);
    6. 

  6. 	}
    7. 

  7. 	
    8. 

  8. 	class md5_hash_tool implements i_password_hash_tool {
    9. 

  9. 		
    10. 

  10. 		public function check_password_hash($password, $hash) {
    11. 

  11. 			$passParts = explode('$', $hash);
    12. 

  12.             $salt = $passParts[2];
    13. 

  13.             $hashed = $this->crypt_apr_md5($password, $salt);
    14. 

  14.             return $hashed == $hash;
    15. 

  15. 		}
    16. 

  16. 		
    17. 

  17. 		public function crypt($password) {
    18. 

  18. 				
    19. 

  19. 		}
    20. 

  20. 		
    21. 

  21. 		protected function crypt_apr_md5($password, $salt)
    22. 

  22. 		{
    23. 

  23. 			$len = strlen($password);
    24. 

  24. 			$text = $password.'$apr1$'.$salt;
    25. 

  25. 			$bin = pack("H32", md5($password.$salt.$password));
    26. 

  26. 			for($i = $len; $i > 0; $i -= 16) { $text .= substr($bin, 0, min(16, $i)); }
    27. 

  27. 			for($i = $len; $i > 0; $i >>= 1) { $text .= ($i & 1) ? chr(0) : $password{0}; }
    28. 

  28. 			$bin = pack("H32", md5($text));
    29. 

  29. 			for($i = 0; $i < 1000; $i++) {
    30. 

  30. 				$new = ($i & 1) ? $password : $bin;
    31. 

  31. 				if ($i % 3) $new .= $salt;
    32. 

  32. 				if ($i % 7) $new .= $password;
    33. 

  33. 				$new .= ($i & 1) ? $bin : $password;
    34. 

  34. 				$bin = pack("H32", md5($new));
    35. 

  35. 			}
    36. 

  36. 			$tmp = '';
    37. 

  37. 			for ($i = 0; $i < 5; $i++) {
    38. 

  38. 				$k = $i + 6;
    39. 

  39. 				$j = $i + 12;
    40. 

  40. 				if ($j == 16) $j = 5;
    41. 

  41. 				$tmp = $bin[$i].$bin[$k].$bin[$j].$tmp;
    42. 

  42. 			}
    43. 

  43. 			$tmp = chr(0).chr(0).$bin[11].$tmp;
    44. 

  44. 			$tmp = strtr(strrev(substr(base64_encode($tmp), 2)),
    45. 

  45. 			"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
    46. 

  46. 			"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
    47. 

  47. 			return "$"."apr1"."$".$salt."$".$tmp;
    48. 

  48. 		}
    49. 

  49. 		
    50. 

  50. 

  51. 		
    52. 

  52. 	}
    53. 

  53. 	
    54. 

  54. 	class crypt_hash_tool implements i_password_hash_tool {	
    55. 

  55. 		public function check_password_hash($password, $hash) {
    56. 

  56. 			$salt = substr ( $hash, 0, 2 );
    57. 

  57. 			if (crypt ( $password, $salt ) == $hash) {
    58. 

  58. 				return true;
    59. 

  59. 			} else {
    60. 

  60. 				return false;
    61. 

  61. 			}
    62. 

  62. 		}
    63. 

  63. 		
    64. 

  64. 		public function crypt($password) {
    65. 

  65. 			return crypt ( $password, substr ( str_replace ( '+', '.', base64_encode ( pack ( 'N4', mt_rand (), mt_rand (), mt_rand (), mt_rand () ) ) ), 0, 22 ) );
    66. 

  66. 		}
    67. 

  67. 	}
    68. 

  68. 	
    69. 

  69. 	
    70. 

  70. ?>
    71.