Hasher.php 6.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2016, ownCloud, Inc.
  5. *
  6. * @author Lukas Reschke <lukas@statuscode.ch>
  7. * @author Morris Jobke <hey@morrisjobke.de>
  8. * @author Roeland Jago Douma <roeland@famdouma.nl>
  9. *
  10. * @license AGPL-3.0
  11. *
  12. * This code is free software: you can redistribute it and/or modify
  13. * it under the terms of the GNU Affero General Public License, version 3,
  14. * as published by the Free Software Foundation.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU Affero General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public License, version 3,
  22. * along with this program. If not, see <http://www.gnu.org/licenses/>
  23. *
  24. */
  25. namespace OC\Security;
  26. use OCP\IConfig;
  27. use OCP\Security\IHasher;
  28. /**
  29. * Class Hasher provides some basic hashing functions. Furthermore, it supports legacy hashes
  30. * used by previous versions of ownCloud and helps migrating those hashes to newer ones.
  31. *
  32. * The hashes generated by this class are prefixed (version|hash) with a version parameter to allow possible
  33. * updates in the future.
  34. * Possible versions:
  35. * - 1 (Initial version)
  36. *
  37. * Usage:
  38. * // Hashing a message
  39. * $hash = \OC::$server->getHasher()->hash('MessageToHash');
  40. * // Verifying a message - $newHash will contain the newly calculated hash
  41. * $newHash = null;
  42. * var_dump(\OC::$server->getHasher()->verify('a', '86f7e437faa5a7fce15d1ddcb9eaeaea377667b8', $newHash));
  43. * var_dump($newHash);
  44. *
  45. * @package OC\Security
  46. */
  47. class Hasher implements IHasher {
  48. /** @var IConfig */
  49. private $config;
  50. /** @var array Options passed to password_hash and password_needs_rehash */
  51. private $options = [];
  52. /** @var string Salt used for legacy passwords */
  53. private $legacySalt = null;
  54. /**
  55. * @param IConfig $config
  56. */
  57. public function __construct(IConfig $config) {
  58. $this->config = $config;
  59. $hashingCost = $this->config->getSystemValue('hashingCost', null);
  60. if(!\is_null($hashingCost)) {
  61. $this->options['cost'] = $hashingCost;
  62. }
  63. }
  64. /**
  65. * Hashes a message using PHP's `password_hash` functionality.
  66. * Please note that the size of the returned string is not guaranteed
  67. * and can be up to 255 characters.
  68. *
  69. * @param string $message Message to generate hash from
  70. * @return string Hash of the message with appended version parameter
  71. */
  72. public function hash(string $message): string {
  73. if (\defined('PASSWORD_ARGON2I')) {
  74. return 2 . '|' . password_hash($message, PASSWORD_ARGON2I, $this->options);
  75. } else {
  76. return 1 . '|' . password_hash($message, PASSWORD_BCRYPT, $this->options);
  77. }
  78. }
  79. /**
  80. * Get the version and hash from a prefixedHash
  81. * @param string $prefixedHash
  82. * @return null|array Null if the hash is not prefixed, otherwise array('version' => 1, 'hash' => 'foo')
  83. */
  84. protected function splitHash(string $prefixedHash) {
  85. $explodedString = explode('|', $prefixedHash, 2);
  86. if(\count($explodedString) === 2) {
  87. if((int)$explodedString[0] > 0) {
  88. return ['version' => (int)$explodedString[0], 'hash' => $explodedString[1]];
  89. }
  90. }
  91. return null;
  92. }
  93. /**
  94. * Verify legacy hashes
  95. * @param string $message Message to verify
  96. * @param string $hash Assumed hash of the message
  97. * @param null|string &$newHash Reference will contain the updated hash
  98. * @return bool Whether $hash is a valid hash of $message
  99. */
  100. protected function legacyHashVerify($message, $hash, &$newHash = null): bool {
  101. if(empty($this->legacySalt)) {
  102. $this->legacySalt = $this->config->getSystemValue('passwordsalt', '');
  103. }
  104. // Verify whether it matches a legacy PHPass or SHA1 string
  105. $hashLength = \strlen($hash);
  106. if(($hashLength === 60 && password_verify($message.$this->legacySalt, $hash)) ||
  107. ($hashLength === 40 && hash_equals($hash, sha1($message)))) {
  108. $newHash = $this->hash($message);
  109. return true;
  110. }
  111. return false;
  112. }
  113. /**
  114. * Verify V1 (blowfish) hashes
  115. * @param string $message Message to verify
  116. * @param string $hash Assumed hash of the message
  117. * @param null|string &$newHash Reference will contain the updated hash if necessary. Update the existing hash with this one.
  118. * @return bool Whether $hash is a valid hash of $message
  119. */
  120. protected function verifyHashV1(string $message, string $hash, &$newHash = null): bool {
  121. if(password_verify($message, $hash)) {
  122. $algo = PASSWORD_BCRYPT;
  123. if (\defined('PASSWORD_ARGON2I')) {
  124. $algo = PASSWORD_ARGON2I;
  125. }
  126. if(password_needs_rehash($hash, $algo, $this->options)) {
  127. $newHash = $this->hash($message);
  128. }
  129. return true;
  130. }
  131. return false;
  132. }
  133. /**
  134. * Verify V2 (argon2i) hashes
  135. * @param string $message Message to verify
  136. * @param string $hash Assumed hash of the message
  137. * @param null|string &$newHash Reference will contain the updated hash if necessary. Update the existing hash with this one.
  138. * @return bool Whether $hash is a valid hash of $message
  139. */
  140. protected function verifyHashV2(string $message, string $hash, &$newHash = null) : bool {
  141. if(password_verify($message, $hash)) {
  142. if(password_needs_rehash($hash, PASSWORD_ARGON2I, $this->options)) {
  143. $newHash = $this->hash($message);
  144. }
  145. return true;
  146. }
  147. return false;
  148. }
  149. /**
  150. * @param string $message Message to verify
  151. * @param string $hash Assumed hash of the message
  152. * @param null|string &$newHash Reference will contain the updated hash if necessary. Update the existing hash with this one.
  153. * @return bool Whether $hash is a valid hash of $message
  154. */
  155. public function verify(string $message, string $hash, &$newHash = null): bool {
  156. $splittedHash = $this->splitHash($hash);
  157. if(isset($splittedHash['version'])) {
  158. switch ($splittedHash['version']) {
  159. case 2:
  160. return $this->verifyHashV2($message, $splittedHash['hash'], $newHash);
  161. case 1:
  162. return $this->verifyHashV1($message, $splittedHash['hash'], $newHash);
  163. }
  164. } else {
  165. return $this->legacyHashVerify($message, $hash, $newHash);
  166. }
  167. return false;
  168. }
  169. }