Changeset View
Changeset View
Standalone View
Standalone View
src/infrastructure/util/PhabricatorHash.php
| <?php | <?php | ||||
| final class PhabricatorHash extends Phobject { | final class PhabricatorHash extends Phobject { | ||||
| const INDEX_DIGEST_LENGTH = 12; | const INDEX_DIGEST_LENGTH = 12; | ||||
| /** | /** | ||||
| * Digest a string for general use, including use which relates to security. | * Digest a string using HMAC+SHA1. | ||||
| * | |||||
| * Because a SHA1 collision is now known, this method should be considered | |||||
| * weak. Callers should prefer @{method:digestWithNamedKey}. | |||||
| * | * | ||||
| * @param string Input string. | * @param string Input string. | ||||
| * @return string 32-byte hexidecimal SHA1+HMAC hash. | * @return string 32-byte hexidecimal SHA1+HMAC hash. | ||||
| */ | */ | ||||
| public static function digest($string, $key = null) { | public static function weakDigest($string, $key = null) { | ||||
| if ($key === null) { | if ($key === null) { | ||||
| $key = PhabricatorEnv::getEnvConfig('security.hmac-key'); | $key = PhabricatorEnv::getEnvConfig('security.hmac-key'); | ||||
| } | } | ||||
| if (!$key) { | if (!$key) { | ||||
| throw new Exception( | throw new Exception( | ||||
| pht( | pht( | ||||
| "Set a '%s' in your Phabricator configuration!", | "Set a '%s' in your Phabricator configuration!", | ||||
| Show All 10 Lines | final class PhabricatorHash extends Phobject { | ||||
| */ | */ | ||||
| public static function digestPassword(PhutilOpaqueEnvelope $envelope, $salt) { | public static function digestPassword(PhutilOpaqueEnvelope $envelope, $salt) { | ||||
| $result = $envelope->openEnvelope(); | $result = $envelope->openEnvelope(); | ||||
| if (!$result) { | if (!$result) { | ||||
| throw new Exception(pht('Trying to digest empty password!')); | throw new Exception(pht('Trying to digest empty password!')); | ||||
| } | } | ||||
| for ($ii = 0; $ii < 1000; $ii++) { | for ($ii = 0; $ii < 1000; $ii++) { | ||||
| $result = self::digest($result, $salt); | $result = self::weakDigest($result, $salt); | ||||
| } | } | ||||
| return $result; | return $result; | ||||
| } | } | ||||
| /** | /** | ||||
| * Digest a string for use in, e.g., a MySQL index. This produces a short | * Digest a string for use in, e.g., a MySQL index. This produces a short | ||||
| ▲ Show 20 Lines • Show All 179 Lines • Show Last 20 Lines | |||||