Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/postfixadmin/pacrypt
standalone PHP library for creating various password hashes
https://github.com/postfixadmin/pacrypt
Last synced: about 1 month ago
JSON representation
standalone PHP library for creating various password hashes
- Host: GitHub
- URL: https://github.com/postfixadmin/pacrypt
- Owner: postfixadmin
- License: gpl-2.0
- Created: 2021-07-02T13:48:11.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2022-01-21T20:46:42.000Z (almost 3 years ago)
- Last Synced: 2024-10-24T17:59:19.072Z (about 2 months ago)
- Language: PHP
- Size: 26.4 KB
- Stars: 2
- Watchers: 5
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# PostfixAdmin\PasswordHashing
Standalone PHP library for creating various password hashes
Note, this library is still quite new (2021/07/02). It's quite likely to have major refactoring / renaming as it's reviewed.
## Supported Mechanisms (hash formats)
See: https://github.com/postfixadmin/pacrypt/blob/46ddd21a28433faa8ea279e4161f7853a69b40cb/src/Crypt.php#L12
Some mechanisms support either HEX (.HEX) encoded or BASE64 (.B64) encoded output.
Currently:
* SHA1, SHA1.HEX, SHA1.B64
* SSHA
* SSHA512
* BLF-CRYPT, BLF-CRYPT.B64
* SHA512-CRYPT, SHA512-CRYPT.B64
* ARGON2I, ARGON2I.B64
* ARGON2ID, ARGON2ID.B64
* SHA256, SHA256-CRYPT, SHA256-CRYPT.B64
* SHA512, SHA512.B64
* MD5-CRYPT, MD5
* PLAIN-MD5
* CRYPT ({CRYPT} prefix, defaults to use Blowfish)
* SYSTEM (DES CRYPT, best avoid)
* PLAIN, CLEAR, CLEARTEXT (useful for testing)
* COURIER:MD5
* COURIER:MD5RAW
* COURIER:SSHA (same as SSHA)
* COURIER:SHA256 (same as SHA256)## Example usage
The main functionality reflects legacy behaviour in PostfixAdmin with a 'pacrypt' function, which when given ...
* one argument - clear text password - returns a hash.
* two arguments - clear text password and stored hash - if the return value matches the stored hash, then the clear text password was a match for the hash we have.```PHP
$tool = new \PostfixAdmin\PasswordHashing\Crypt('ARGON2I');// should output something to indicate what your system supports (may be dependent on PHP variant, PHP modules etc)
$hash = $tool->crypt('fishbeans');
echo "Hash is: $hash \n";
echo "Verify: " . json_encode($hash == $tool->crypt('fishbeans', $hash)) . "\n";
echo "Verify fails with: " . json_encode('cat' == $tool->crypt('fishbeans', $hash)) . "\n";```
the above code will output something similar to:
```text
Hash is: {ARGON2I}$argon2i$v=19$m=65536,t=4,p=1$d1JMUXVHSUtLTGhxYnowVQ$4raz6DDUbtRysi+1ZTdNL3L5j4tcSYnzWxyLVDtFjKc
Verify: true
Verify fails with: false
```## ChangeLog
2021/07/03 - Initial release / copying of code from https://github.com/postfixadmin/postfixadmin ...