@ 2013-05-30T12:45:38Z <?php
/**
* A Compatibility library with PHP 5.5's simplified password hashing API.
*
* @author Anthony Ferrara <ircmaxell@php.net>
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @copyright 2012 The Authors
*/
if (!defined('PASSWORD_DEFAULT')) {
define('PASSWORD_BCRYPT', 1);
define('PASSWORD_DEFAULT', PASSWORD_BCRYPT);
/**
* Hash the password using the specified algorithm
*
* @param string $password The password to hash
* @param int $algo The algorithm to use (Defined by PASSWORD_* constants)
* @param array $options The options for the algorithm to use
*
* @return string|false The hashed password, or false on error.
*/
function password_hash($password, $algo, array $options = array()) {
if (!function_exists('crypt')) {
trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING);
return null;
}
if (!is_string($password)) {
trigger_error("password_hash(): Password must be a string", E_USER_WARNING);
return null;
}
if (!is_int($algo)) {
trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING);
return null;
}
switch ($algo) {
case PASSWORD_BCRYPT:
// Note that this is a C constant, but not exposed to PHP, so we don't define it here.
$cost = 10;
if (isset($options['cost'])) {
$cost = $options['cost'];
if ($cost < 4 || $cost > 31) {
trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING);
return null;
}
}
// The length of salt to generate
$raw_salt_len = 16;
// The length required in the final serialization
$required_salt_len = 22;
$hash_format = sprintf("$2y$%02d$", $cost);
break;
default:
trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING);
return null;
}
if (isset($options['salt'])) {
switch (gettype($options['salt'])) {
case 'NULL':
case 'boolean':
case 'integer':
case 'double':
case 'string':
$salt = (string) $options['salt'];
break;
case 'object':
if (method_exists($options['salt'], '__tostring')) {
$salt = (string) $options['salt'];
break;
}
case 'array':
case 'resource':
default:
trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING);
return null;
}
if (strlen($salt) < $required_salt_len) {
trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", strlen($salt), $required_salt_len), E_USER_WARNING);
return null;
} elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) {
$salt = str_replace('+', '.', base64_encode($salt));
}
} else {
$buffer = '';
$buffer_valid = false;
if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) {
$buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM);
if ($buffer) {
$buffer_valid = true;
}
}
if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) {
$buffer = openssl_random_pseudo_bytes($raw_salt_len);
if ($buffer) {
$buffer_valid = true;
}
}
if (!$buffer_valid && is_readable('/dev/urandom')) {
$f = fopen('/dev/urandom', 'r');
$read = strlen($buffer);
while ($read < $raw_salt_len) {
$buffer .= fread($f, $raw_salt_len - $read);
$read = strlen($buffer);
}
fclose($f);
if ($read >= $raw_salt_len) {
$buffer_valid = true;
}
}
if (!$buffer_valid || strlen($buffer) < $raw_salt_len) {
$bl = strlen($buffer);
for ($i = 0; $i < $raw_salt_len; $i++) {
if ($i < $bl) {
$buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255));
} else {
$buffer .= chr(mt_rand(0, 255));
}
}
}
$salt = str_replace('+', '.', base64_encode($buffer));
}
$salt = substr($salt, 0, $required_salt_len);
$hash = $hash_format . $salt;
$ret = crypt($password, $hash);
if (!is_string($ret) || strlen($ret) <= 13) {
return false;
}
return $ret;
}
/**
* Get information about the password hash. Returns an array of the information
* that was used to generate the password hash.
*
* array(
* 'algo' => 1,
* 'algoName' => 'bcrypt',
* 'options' => array(
* 'cost' => 10,
* ),
* )
*
* @param string $hash The password hash to extract info from
*
* @return array The array of information about the hash.
*/
function password_get_info($hash) {
$return = array(
'algo' => 0,
'algoName' => 'unknown',
'options' => array(),
);
if (substr($hash, 0, 4) == '$2y$' && strlen($hash) == 60) {
$return['algo'] = PASSWORD_BCRYPT;
$return['algoName'] = 'bcrypt';
list($cost) = sscanf($hash, "$2y$%d$");
$return['options']['cost'] = $cost;
}
return $return;
}
/**
* Determine if the password hash needs to be rehashed according to the options provided
*
* If the answer is true, after validating the password using password_verify, rehash it.
*
* @param string $hash The hash to test
* @param int $algo The algorithm used for new password hashes
* @param array $options The options array passed to password_hash
*
* @return boolean True if the password needs to be rehashed.
*/
function password_needs_rehash($hash, $algo, array $options = array()) {
$info = password_get_info($hash);
if ($info['algo'] != $algo) {
return true;
}
switch ($algo) {
case PASSWORD_BCRYPT:
$cost = isset($options['cost']) ? $options['cost'] : 10;
if ($cost != $info['options']['cost']) {
return true;
}
break;
}
return false;
}
/**
* Verify a password against a hash using a timing attack resistant approach
*
* @param string $password The password to verify
* @param string $hash The hash to verify against
*
* @return boolean If the password matches the hash
*/
function password_verify($password, $hash) {
if (!function_exists('crypt')) {
trigger_error("Crypt must be loaded for password_verify to function", E_USER_WARNING);
return false;
}
$ret = crypt($password, $hash);
if (!is_string($ret) || strlen($ret) != strlen($hash) || strlen($ret) <= 13) {
return false;
}
$status = 0;
for ($i = 0; $i < strlen($ret); $i++) {
$status |= (ord($ret[$i]) ^ ord($hash[$i]));
}
return $status === 0;
}
}
echo password_hash('Admin',PASSWORD_DEFAULT);
if(password_verify('Admin', password_hash('Admin',PASSWORD_DEFAULT))){
echo "true";
}
Enable javascript to submit You have javascript disabled. You will not be able to edit any code.
Here you find the average performance (time & memory) of each version. A grayed out version indicates it didn't complete successfully (based on exit-code).
Version System time (s) User time (s) Memory (MiB) 7.2.0 0.003 0.191 19.34 7.1.7 0.003 0.189 17.09 7.1.6 0.013 0.261 19.17 7.1.5 0.007 0.267 16.89 7.1.0 0.007 0.257 22.54 7.0.20 0.040 0.184 14.76 7.0.14 0.003 0.283 22.09 7.0.10 0.017 0.277 20.13 7.0.9 0.007 0.280 20.12 7.0.8 0.027 0.207 20.04 7.0.7 0.000 0.197 20.10 7.0.6 0.010 0.197 20.11 7.0.5 0.007 0.193 20.39 7.0.4 0.000 0.237 20.09 7.0.3 0.000 0.190 20.08 7.0.2 0.003 0.213 19.98 7.0.1 0.010 0.197 20.07 7.0.0 0.007 0.283 19.93 5.6.28 0.010 0.283 20.96 5.6.25 0.003 0.277 20.80 5.6.24 0.007 0.263 20.63 5.6.23 0.017 0.240 20.67 5.6.22 0.007 0.250 20.56 5.6.21 0.000 0.227 20.72 5.6.20 0.003 0.283 21.08 5.6.19 0.000 0.200 21.14 5.6.18 0.010 0.220 21.18 5.6.17 0.003 0.190 21.07 5.6.16 0.020 0.267 21.08 5.6.15 0.013 0.283 21.05 5.6.14 0.027 0.250 21.11 5.6.13 0.003 0.260 21.05 5.6.12 0.017 0.273 20.97 5.6.11 0.007 0.293 20.96 5.6.10 0.003 0.270 21.07 5.6.9 0.013 0.263 21.06 5.6.8 0.010 0.260 20.59 5.6.7 0.003 0.223 20.54 5.6.6 0.017 0.283 20.54 5.6.5 0.007 0.287 20.50 5.6.4 0.007 0.207 20.41 5.6.3 0.007 0.247 20.47 5.6.2 0.003 0.287 20.43 5.6.1 0.010 0.293 20.38 5.6.0 0.010 0.207 20.45 5.5.38 0.007 0.280 20.44 5.5.37 0.007 0.267 20.61 5.5.36 0.007 0.283 20.45 5.5.35 0.007 0.237 20.36 5.5.34 0.003 0.190 20.96 5.5.33 0.010 0.227 20.84 5.5.32 0.007 0.183 20.94 5.5.31 0.010 0.180 20.92 5.5.30 0.017 0.257 20.84 5.5.29 0.013 0.273 20.87 5.5.28 0.007 0.270 20.91 5.5.27 0.007 0.267 20.79 5.5.26 0.013 0.267 20.88 5.5.25 0.010 0.277 20.63 5.5.24 0.010 0.223 20.25 5.5.23 0.017 0.260 20.30 5.5.22 0.003 0.193 20.24 5.5.21 0.013 0.283 20.27 5.5.20 0.010 0.250 20.19 5.5.19 0.003 0.233 20.24 5.5.18 0.013 0.273 20.16 5.5.16 0.007 0.190 20.25 5.5.15 0.010 0.277 20.29 5.5.14 0.007 0.270 20.24 5.5.13 0.013 0.233 20.21 5.5.12 0.000 0.300 20.15 5.5.11 0.017 0.267 20.23 5.5.10 0.007 0.270 20.20 5.5.9 0.013 0.253 20.10 5.5.8 0.010 0.297 20.04 5.5.7 0.007 0.210 20.19 5.5.6 0.007 0.273 20.09 5.5.5 0.007 0.193 19.99 5.5.4 0.010 0.277 20.18 5.5.3 0.013 0.273 20.18 5.5.2 0.000 0.300 19.99 5.5.1 0.003 0.280 20.01 5.5.0 0.007 0.260 20.14 5.4.45 0.010 0.233 19.18 5.4.44 0.007 0.267 19.20 5.4.43 0.020 0.300 19.48 5.4.42 0.007 0.273 19.28 5.4.41 0.013 0.267 19.40 5.4.40 0.003 0.213 18.88 5.4.39 0.010 0.267 19.13 5.4.38 0.000 0.297 18.88 5.4.37 0.000 0.270 19.13 5.4.36 0.010 0.283 18.90 5.4.35 0.017 0.180 18.87 5.4.34 0.000 0.227 19.04 5.4.32 0.007 0.240 19.23 5.4.31 0.007 0.287 19.03 5.4.30 0.007 0.300 18.84 5.4.29 0.010 0.297 19.18 5.4.28 0.000 0.260 19.14 5.4.27 0.007 0.270 19.23 5.4.26 0.007 0.270 19.11 5.4.25 0.010 0.283 19.11 5.4.24 0.003 0.273 19.20 5.4.23 0.007 0.270 19.20 5.4.22 0.007 0.263 19.20 5.4.21 0.007 0.250 19.18 5.4.20 0.010 0.260 18.84 5.4.19 0.010 0.273 19.21 5.4.18 0.003 0.270 18.89 5.4.17 0.010 0.303 18.89 5.4.16 0.007 0.273 18.83 5.4.15 0.003 0.270 19.03 5.4.14 0.007 0.230 16.45 5.4.13 0.003 0.270 16.30 5.4.12 0.003 0.220 16.27 5.4.11 0.013 0.263 16.54 5.4.10 0.010 0.267 16.56 5.4.9 0.013 0.267 16.48 5.4.8 0.007 0.187 16.43 5.4.7 0.003 0.293 16.46 5.4.6 0.003 0.277 16.35 5.4.5 0.007 0.243 16.45 5.4.4 0.007 0.257 16.50 5.4.3 0.007 0.280 16.46 5.4.2 0.010 0.253 16.47 5.4.1 0.003 0.237 16.29 5.4.0 0.007 0.280 15.94 5.3.29 0.000 0.213 14.66 5.3.28 0.020 0.263 14.59 5.3.27 0.007 0.267 14.64 5.3.26 0.013 0.237 14.60 5.3.25 0.013 0.227 14.68 5.3.24 0.010 0.247 14.76 5.3.23 0.017 0.253 14.73 5.3.22 0.007 0.283 14.75 5.3.21 0.007 0.203 14.66 5.3.20 0.000 0.267 14.77 5.3.19 0.003 0.263 14.72 5.3.18 0.010 0.257 14.69 5.3.17 0.000 0.273 14.68 5.3.16 0.003 0.273 14.73 5.3.15 0.007 0.227 14.64 5.3.14 0.007 0.273 14.68 5.3.13 0.003 0.257 14.68 5.3.12 0.010 0.267 14.70 5.3.11 0.013 0.283 14.67 5.3.10 0.017 0.280 14.19 5.3.9 0.020 0.273 14.14 5.3.8 0.007 0.290 14.22 5.3.7 0.010 0.253 14.05 5.3.6 0.003 0.080 14.18 5.3.5 0.010 0.067 14.19 5.3.4 0.003 0.067 13.98 5.3.3 0.007 0.037 13.96 5.3.2 0.003 0.043 13.93 5.3.1 0.000 0.043 13.91 5.3.0 0.000 0.063 13.91
preferences:dark mode live preview
34.56 ms | 400 KiB | 5 Q