Ejemplo n.º 1
0
function convBase($numberInput, $fromBaseInput, $toBaseInput)
{
    if ($fromBaseInput == $toBaseInput) {
        return $numberInput;
    }
    $fromBase = str_split($fromBaseInput, 1);
    $toBase = str_split($toBaseInput, 1);
    $number = str_split($numberInput, 1);
    $fromLen = strlen($fromBaseInput);
    $toLen = strlen($toBaseInput);
    $numberLen = strlen($numberInput);
    $retval = '';
    $base10 = '';
    if ($toBaseInput == '0123456789') {
        $retval = 0;
        for ($i = 1; $i <= $numberLen; $i++) {
            $retval = bcadd($retval, bcmul(array_search($number[$i - 1], $fromBase), bcpow($fromLen, $numberLen - $i)));
        }
        return $retval;
    }
    if ($fromBaseInput != '0123456789') {
        $base10 = convBase($numberInput, $fromBaseInput, '0123456789');
    } else {
        $base10 = $numberInput;
    }
    if ($base10 < strlen($toBaseInput)) {
        return $toBase[$base10];
    }
    while ($base10 != '0') {
        $retval = $toBase[bcmod($base10, $toLen)] . $retval;
        $base10 = bcdiv($base10, $toLen, 0);
    }
    return $retval;
}
Ejemplo n.º 2
0
 public static function generatePassword($request, $seed)
 {
     $context = $request['context'];
     $username = $request['username'];
     $pass = convBase(md5($context . $username . $seed), '0123456789abcdef', "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNIOPQRSTUVWXYZ()-_!\$%&=@#");
     return $pass;
 }
Ejemplo n.º 3
0
if (empty($_POST['password'])) {
    // Plaintext
    $passhash = 'nopass';
    $url = $_POST['url'];
    if (!preg_match('/^(http|ftp|https|irc):\\/\\//', $url)) {
        $url = "http://{$url}";
    }
} else {
    // 2012-09-07:
    // Updated the passhash algorithm. Prior to today, this was the line of code
    // that produced a hash for simple TLWSD links. Upgrade uses SHA-2 and bcrypt
    // $passhash = substr(hash('sha512', $_POST['password']), 0, 64); // Hash
    $cost = floor(10 + (date('Ym') - 201204) / 30);
    // Increase by 1 every 30 months
    // to conform to Moore's Law
    $random = convBase(raw2hex(openssl_random_pseudo_bytes(33)), '0123456789abcdef', './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz');
    if ($random[23]) {
        $random = substr($random, 0, 22);
    }
    $salt = "\$2a\${$cost}\${$random}";
    $passhash = substr(hash('sha512', $_POST['password']), 0, 64);
    // Step 1: Part of SHA512
    for ($i = 1; $i <= 1000; $i++) {
        // Step 2: HMAC-SHA256 with an increasing key
        $passhash = hash_hmac('sha256', $_POST['password'] . $passhash, $i);
    }
    $passhash = crypt($passhash, $salt);
    // Bcrypt the final result -- new feature!
    $key = substr(hash('sha512', $_POST['password'], 1), 32);
    // Encryption key
    $IV = hash('sha256', $_POST['password'], 1);