Diffstat (limited to 'inc/crypto.inc.php')
-rw-r--r--inc/crypto.inc.php18
1 files changed, 13 insertions, 5 deletions
diff --git a/inc/crypto.inc.php b/inc/crypto.inc.php
index 56f5073c..acefcf67 100644
--- a/inc/crypto.inc.php
+++ b/inc/crypto.inc.php
@@ -1,5 +1,7 @@
<?php
+declare(strict_types=1);
+
class Crypto
{
@@ -8,19 +10,25 @@ class Crypto
* which translates to ~130 bit salt
* and 5000 rounds of hashing with SHA-512.
*/
- public static function hash6($password)
+ public static function hash6(string $password): string
{
- $salt = substr(str_replace('+', '.', base64_encode(pack('N4', mt_rand(), mt_rand(), mt_rand(), mt_rand()))), 0, 16);
+ $bytes = Util::randomBytes(16);
+ if ($bytes === null)
+ ErrorHandler::traceError('Could not get random bytes');
+ $salt = substr(str_replace('+', '.',
+ base64_encode($bytes)), 0, 16);
$hash = crypt($password, '$6$' . $salt);
- if (strlen($hash) < 60) Util::traceError('Error hashing password using SHA-512');
+ if ($hash === null || strlen($hash) < 60) {
+ ErrorHandler::traceError('Error hashing password using SHA-512');
+ }
return $hash;
}
/**
- * Check if the given password matches the given cryp hash.
+ * Check if the given password matches the given crypt hash.
* Useful for checking a hashed password.
*/
- public static function verify($password, $hash)
+ public static function verify(string $password, string $hash): bool
{
return crypt($password, $hash) === $hash;
}
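Review bot: `verify()` still compares the recomputed hash with `===`, which is not a constant-time comparison; for password hashes I would use `return hash_equals($hash, crypt($password, $hash));`. In `hash6()`, the `$bytes === null` guard only protects the following `base64_encode($bytes)` if `ErrorHandler::traceError()` never returns, which this hunk does not show. If it can return, the call would presumably raise a TypeError under the newly added `strict_types`, so an explicit `return`/`throw` after it (and braces, to match the second `if`) would make the intent clear. The doc comment above `hash6()` still says "~130 bit salt", but 16 characters of the 64-symbol alphabet carry 96 bits, so it could read `* which translates to a 96 bit salt`. The class body continues outside the hunk.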