
Hasher class for PHP<5.3

Submitted by: @import:stackexchange-codereview

Problem

I've constructed a simple class whose entire purpose is to hash passwords securely and simply.

The catch is the PHP version is probably going to be 5.2.x. This means:

  • No CRYPT_BLOWFISH
  • Obviously no password_hash().

The question is, is the following secure? Can it be improved?

/**
 * Class Hasher
 *
 * @package Dependencies\Hasher
 *
 * Defines hashing mechanism for password saving.
 */
class Hasher {

    /**
     * @param string $string String for hashing
     * @param string $salt   Unique salt. The salt is best kept as a very long, very random string.
     * @param int    $cost   Cost parameter. 2^$cost iterations over the hashing algorithm.
     *
     * @return string
     */
    public function algo($string, $salt, $cost) {
        $iterations = pow(2, $cost);
        $result     = "";

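        // The loop body, the return and the next method's signature are missing from
        // this copy of the page. The sha1 round is an assumption based on the answer
        // below, and the method name hash() is assumed as well.
        for ($i = 0; $i < $iterations; $i++) {
            $result = sha1($result . $salt . $string);
        }

        return $result;
    }

    /**
     * Hash a password with the given salt and cost.
     *
     * @param string $password
     * @param string $salt
     * @param int    $cost
     *
     * @return string
     */
    public final function hash($password, $salt, $cost) {
        return $this->algo($password, $salt, $cost);
    }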

    /**
     * Match password through the hashing algorithm against an existing hash to make sure there's a match.
     *
     * @param string $hash
     * @param string $password
     * @param string $salt
     * @param int    $cost
     *
     * @return bool
     */
    public final function verify($hash, $password, $salt, $cost = 10) {
        return $this->algo($password, $salt, $cost) == $hash;
    }

}

Solution

There are several improvements to this that involve various algorithms that are more cryptographically secure than sha1 (such as sha256 or higher, blowfish, whirlpool, etc.), using strict comparison (to avoid that gotcha with very long hashes loosely comparing when not equal), and including a CSPRNG salting function in the class, that takes over when a user does not supply a salt.

However, CRYPT_BLOWFISH is still very usable in PHP < 5.3. In fact, it's usable in PHP 3.0.18 and over, with the use of PHPass, by the same security company who make John the Ripper (which you should be using to test your class. Try and get the UNIQPASS wordlist. It's really effective!). An alternative to JtR is hashcat. There are several DEF CON talks about correct usage of password crackers to test strength (by the feds), among other uses (by the non-feds).

If you really must roll your own, then consider implementing blowfish manually.

Context

StackExchange Code Review Q#24643, answer score: 6
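
The three improvements named in the answer's first paragraph (a stronger digest than sha1, a comparison that does no type juggling, and a CSPRNG-generated salt), sketched for PHP 5.2 as an added example that is not part of the original question or answer. The class name HardenedHasher, its method names and the /dev/urandom source are assumptions; the iterated HMAC-SHA256 is a plain stretch, not the PHPass/blowfish route the answer recommends.

```php
<?php
// Added example, written for PHP 5.2. HardenedHasher and its method names are hypothetical.
class HardenedHasher {
    // Salt from the OS CSPRNG. Assumption: a Unix-like host that exposes /dev/urandom.
    public function makeSalt($bytes = 16) {
        $fh = @fopen('/dev/urandom', 'rb');
        $raw = ($fh === false) ? false : fread($fh, $bytes);
        if ($fh !== false) { fclose($fh); }
        if ($raw === false || strlen($raw) !== $bytes) {
            throw new Exception('No usable CSPRNG source');
        }
        return bin2hex($raw);
    }

    // 2^$cost rounds of HMAC-SHA256 keyed with the salt (a plain stretch, not bcrypt).
    public function hash($password, $salt, $cost = 10) {
        $result = '';
        for ($i = 0, $n = 1 << $cost; $i < $n; $i++) {
            $result = hash_hmac('sha256', $result . $password, $salt);
        }
        return $result;
    }

    // Type check, length check, then XOR every byte: no type juggling, no early exit.
    public function equals($known, $given) {
        if (!is_string($known) || !is_string($given) || strlen($known) !== strlen($given)) {
            return false;
        }
        $diff = 0;
        for ($i = 0, $n = strlen($known); $i < $n; $i++) {
            $diff |= ord($known[$i]) ^ ord($given[$i]);
        }
        return $diff === 0;
    }

    public function verify($hash, $password, $salt, $cost = 10) {
        return $this->equals($hash, $this->hash($password, $salt, $cost));
    }
}

// Constructed sample values: two different digit-only strings shaped like 0e<digits>.
$a = '0e' . str_repeat('1', 38);
$b = '0e' . str_repeat('2', 38);
var_dump($a == $b);               // loose ==: both are numeric strings, compared as floats
$h = new HardenedHasher();
var_dump($h->equals($a, $b));     // byte-wise comparison of the same two strings
$salt   = $h->makeSalt();
$stored = $h->hash('correct horse', $salt);
var_dump($h->verify($stored, 'correct horse', $salt), $h->verify($stored, 'wrong', $salt));
```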
