Hasher class for PHP<5.3
Problem
I've constructed a simple class whose entire purpose is to hash passwords securely and simply.

The catch is the PHP version is probably going to be 5.2.x. This means:

- No CRYPT_BLOWFISH
- Obviously no password_hash().

The question is, is the following secure? Can it be improved?
/**
 * Class Hasher
 *
 * @package Dependencies\Hasher
 *
 * Defines hashing mechanism for password saving.
 */
class Hasher {
    /**
     * @param string $string String for hashing
     * @param string $salt Unique salt. The salt is best kept as a very long, very random string.
     * @param int $cost Cost parameter. 2^$cost iterations over the hashing algorithm.
     *
     * @return string
     */
    public function algo($string, $salt, $cost) {
        $iterations = pow(2, $cost);
        $result = "";
        // The loop body and the hash() wrapper below were lost when this page
        // was extracted (the "<" in the for condition was swallowed as an HTML
        // tag). They are reconstructed from the doc comment above and from the
        // answer's reference to sha1; the concatenation order is an assumption.
        for ($i = 0; $i < $iterations; $i++) {
            $result = sha1($result . $string . $salt);
        }
        return $result;
    }

    /**
     * Hash a password with the given salt and cost.
     *
     * @param string $password
     * @param string $salt
     * @param int $cost
     *
     * @return string
     */
    public final function hash($password, $salt, $cost = 10) {
        return $this->algo($password, $salt, $cost);
    }

    /**
     * Match password through the hashing algorithm against an existing hash to make sure there's a match.
     *
     * @param string $hash
     * @param string $password
     * @param string $salt
     * @param int $cost
     *
     * @return bool
     */
    public final function verify($hash, $password, $salt, $cost = 10) {
        return $this->algo($password, $salt, $cost) == $hash;
    }
}

Solution
There are several improvements to this that involve various algorithms that are more cryptographically secure than sha1 (such as sha256 or higher, blowfish, whirlpool, etc.), using strict comparison (to avoid that gotcha with very long hashes loosely comparing when not equal), and including a CSPRNG salting function in the class, that takes over when a user does not supply a salt.
However, CRYPT_BLOWFISH is still very usable in PHP < 5.3. In fact, it's usable in PHP 3.0.18 and over, with the use of PHPass, by the same security company who make John the Ripper (which you should be using to test your class. Try and get the UNIQPASS wordlist. It's really effective!). An alternative to JtR is hashcat. There are several DEF CON talks about correct usage of password crackers to test strength (by the feds), among other uses (by the non-feds).

If you really must roll your own, then consider implementing blowfish manually.
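A PHP 5.2-compatible rewrite along the lines the answer sketches, as an added example that is neither the poster's class nor code from the answer. It keeps the shape of the reviewed API but replaces plain iterated sha1 with PBKDF2-HMAC-SHA256 built on hash_hmac() (this goes a step beyond the answer's "sha256 or higher": hash_pbkdf2() only arrived in PHP 5.5, so the RFC 2898 loop is written out), generates the salt from a CSPRNG when the caller supplies none, stores algorithm, cost and salt next to the hash so verify() cannot be called with mismatched parameters, and compares digests in constant time rather than with ==. The class name SafeHasher, the use of /dev/urandom as the randomness source, and the availability of sha256 in the bundled hash extension are assumptions. Where PHPass or a bcrypt-capable crypt() is available, the answer's recommendation to use that instead still stands.

```php
<?php
/**
 * SafeHasher: hardened stand-in for the reviewed Hasher, targeting PHP 5.2.x
 * (no CRYPT_BLOWFISH, no password_hash(), no hash_equals(), no hash_pbkdf2()).
 * Added example; assumes a Unix host with /dev/urandom and sha256 in ext/hash.
 */
class SafeHasher {
    const ALGO       = 'sha256'; // assumption: sha256 available in the hash extension
    const SALT_BYTES = 16;
    const KEY_BYTES  = 32;

    /** CSPRNG bytes from /dev/urandom; fails closed instead of falling back to rand(). */
    public static function randomBytes($length) {
        $fh = @fopen('/dev/urandom', 'rb');
        if ($fh === false) {
            throw new RuntimeException('No CSPRNG source available');
        }
        $bytes = fread($fh, $length);
        fclose($fh);
        if (strlen($bytes) !== $length) {
            throw new RuntimeException('Short read from /dev/urandom');
        }
        return $bytes;
    }

    /** PBKDF2 (RFC 2898) over HMAC-SHA256: T_i = U_1 xor U_2 xor ... xor U_c. */
    public static function pbkdf2($password, $salt, $iterations, $keyLength) {
        $hashLength = strlen(hash(self::ALGO, '', true));
        $blocks     = ceil($keyLength / $hashLength);
        $output     = '';
        for ($i = 1; $i <= $blocks; $i++) {
            // U_1 = PRF(password, salt || INT_32_BE(i)); the password is the HMAC key
            $u = hash_hmac(self::ALGO, $salt . pack('N', $i), $password, true);
            $t = $u;
            for ($j = 1; $j < $iterations; $j++) {
                $u  = hash_hmac(self::ALGO, $u, $password, true);
                $t ^= $u; // PHP's ^ on equal-length strings is a byte-wise XOR
            }
            $output .= $t;
        }
        return substr($output, 0, $keyLength);
    }

    /** Returns "algo$cost$salt$hash" so every verify() parameter travels with the hash. */
    public function hash($password, $cost = 14, $salt = null) {
        if ($salt === null) {
            $salt = self::randomBytes(self::SALT_BYTES);
        }
        $derived = self::pbkdf2($password, $salt, 1 << $cost, self::KEY_BYTES);
        return self::ALGO . '$' . $cost . '$' . base64_encode($salt) . '$' . base64_encode($derived);
    }

    public function verify($password, $stored) {
        $parts = explode('$', $stored);
        if (count($parts) !== 4 || $parts[0] !== self::ALGO) {
            return false;
        }
        $cost = (int) $parts[1];
        if ($cost < 1 || $cost > 30) {           // refuse absurd iteration counts from a tampered record
            return false;
        }
        $salt     = base64_decode($parts[2], true); // strict decoding: junk input returns false
        $expected = base64_decode($parts[3], true);
        if ($salt === false || $expected === false) {
            return false;
        }
        $derived = self::pbkdf2($password, $salt, 1 << $cost, strlen($expected));
        return self::constantTimeEquals($expected, $derived);
    }

    /** Byte-wise comparison whose running time does not depend on where the inputs differ. */
    public static function constantTimeEquals($a, $b) {
        if (strlen($a) !== strlen($b)) {
            return false;
        }
        $diff = 0;
        for ($i = 0, $n = strlen($a); $i < $n; $i++) {
            $diff |= ord($a[$i]) ^ ord($b[$i]);
        }
        return $diff === 0;
    }
}

// The loose-comparison gotcha the answer mentions, on constructed strings (not real digests):
// both sides look like "0e<digits>", PHP parses them as floats equal to zero, and == says true.
var_dump('0e1234' == '0e5678');
var_dump('0e1234' === '0e5678');

// Round trip on a constructed password; the stored string carries algo, cost and salt.
$h      = new SafeHasher();
$stored = $h->hash('correct horse battery staple');
var_dump($stored);
var_dump($h->verify('correct horse battery staple', $stored));
var_dump($h->verify('wrong password', $stored));
var_dump($h->verify('correct horse battery staple', 'sha256$14$not-base64!$garbage'));
```

Two design points worth noting against the reviewed class. First, the original makes the caller store and resupply salt and cost separately; binding them into the stored string removes a whole class of "verified against the wrong salt" bugs and lets the cost be raised later without a schema change. Second, the answer's strict-comparison advice is necessary but not sufficient: === fixes the "0e..." numeric-string gotcha, but a byte-wise loop that does not short-circuit is what keeps the comparison time independent of the position of the first mismatching byte.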
Context
StackExchange Code Review Q#24643, answer score: 6