API tools faq
paste
RiptideTempora

TLWSD v0.06 Password upgrade

RiptideTempora
Sep 7th, 2012
187
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.17 KB | None | 0 0
raw download clone embed print report
  1. <?
  2. /*
  3.  * This is what the old password hashing looked like for This Link Will Self Destruct:
  4.  */
  5. $passhash = substr(hash('sha512', $_POST['password']), 0, 64);
  6. /*
  7.  * It's pretty okay, and it served its purpose (being a comparison value that's independent of
  8.  * the encryption key and IV, but related in that all three come from the $_POST['password']
  9.  * variable. But it could be better. Now, it looks like this:
  10.  */
  11.  
  12.   $cost = floor(10 + ((date('Ym') - 201204)/30)); // Increase by 1 every 30 months
  13.                                            // to conform to Moore's Law
  14.   $random = convBase(raw2hex(openssl_random_pseudo_bytes(33)), '0123456789abcdef', './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz');
  15.   if($random{23}) $random = substr($random, 0, 22);
  16.   $salt = "\$2a\${$cost}\${$random}";
  17.   $passhash = substr(hash('sha512', $_POST['password']), 0, 64); // Step 1: Part of SHA512
  18.   for($i = 1; $i <= 1000; $i++) { // Step 2: HMAC-SHA256 with an increasing key
  19.     $passhash = hash_hmac('sha256', $_POST['password'].$passhash, $i);
  20.   }
  21.   $passhash = crypt($passhash, $salt); // Bcrypt the final result -- new feature!
  22. /*
  23.  * At first, a random 136-bit salt (converted to the CRYPT_BLOWFISH compatible base64) truncated
  24.  * to 22 characters is generated.
  25.  *
  26.  * The comparison value is initially hashed the same way as the old one (SHA-512-LEFT). However,
  27.  * it is now also fed through a loop of hash_hmac('sha256') calls. The original password is
  28.  * prepended to the preceding hash for the data part of the HMAC algorithm. An increasing counter
  29.  * from 1 to 1000 is used as the HMAC key.
  30.  *
  31.  * The final result is passed to bcrypt for storage. Decryption code looks slightly different,
  32.  * due to the if($stored == crypt($userSupplied, $stored) approach to crypt() that PHP uses,
  33.  * but its effect is essentially the same.
  34.  *
  35.  * The cost parameter is set to 10 for April 2012 and increases by 1 every 30 months. (Current
  36.  * estimates for Moore's Law set the doubling time of processing power to 2-3 years. I went with
  37.  * the middle-ground. Feel free to adjust for your implementation.)
  38.  */
  39. ?>
  40.  
  41. That about covers all the weirdness from v0.05 to v0.06 of TLWSD
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!