main_2lib_2security_2password_8php_source.html

<?php


namespace Bitrix\Main\Security;


class Password

{


    public static function equals($hash, $password, $original = true): bool

    {

        if($original)

        {

            $salt = "";

            $hashLength = strlen($hash);


            if($hashLength > 100)

            {

                //new SHA-512 method, format is $6${salt}${hash}

                $salt = substr($hash, 3, 16);


                $password = static::hash($password, $salt);

            }

            else

            {

                if($hashLength > 32)

                {

                    //old salt+md5 method, format is {salt}{hash}

                    $salt = substr($hash, 0, $hashLength - 32);

                }

                //else very old format {hash} without a salt


                $password = $salt.md5($salt.$password);

            }

        }


        return hash_equals($hash, $password);

    }


    public static function needRehash($hash): bool

    {

        if(CRYPT_SHA512 == 1)

        {

            if(strlen($hash) > 100)

            {

                //new SHA-512 hash usually 106 bytes long

                return false;

            }

        }

        else

        {

            if(strlen($hash) > 32)

            {

                //old md5+salt method

                return false;

            }

        }

        return true;

    }


    public static function hash($password, $salt = null): string

    {

        if(CRYPT_SHA512 == 1)

        {

            //new SHA-512 method

            if($salt === null)

            {

                $salt = Random::getString(16, true);

            }

            //by default rounds=5000

            return crypt($password, '$6$'.$salt.'$');

        }

        else

        {

            //old md5 method

            if($salt === null)

            {

                $salt = Random::getStringByAlphabet(8, Random::ALPHABET_ALL);

            }

            return $salt.md5($salt.$password);

        }

    }


}


$hash
$hash
Определения ajax_redirector.php:8

Bitrix\Main\Security\Password
Определения password.php:12

Bitrix\Main\Security\Password\needRehash
static needRehash($hash)
Определения password.php:55

Bitrix\Main\Security\Password\equals
static equals($hash, $password, $original=true)
Определения password.php:20

Bitrix\Main\Security\Password\hash
static hash($password, $salt=null)
Определения password.php:82

Bitrix\Main\Security\Random\getString
static getString($length, $caseSensitive=false)
Определения random.php:76

Bitrix\Main\Security\Random\ALPHABET_ALL
const ALPHABET_ALL
Определения random.php:13

Bitrix\Main\Security\Random\getStringByAlphabet
static getStringByAlphabet($length, $alphabet, $requireAll=false)
Определения random.php:94

Bitrix\Main\$password
$password
Определения mysql_to_pgsql.php:34