From 85a327f45f53c0e72c4b9a4af921a2ad3903aa0a Mon Sep 17 00:00:00 2001 From: Clemens Schwaighofer Date: Wed, 9 May 2018 11:47:16 +0900 Subject: [PATCH] Backport new password interface to legacy classes --- www/libs/Class.Basic.inc | 72 ++++++++++++++++++++++++++++++-- www/libs/Class.Form.Generate.inc | 31 +++++++------- www/libs/Class.Login.inc | 14 ++++++- 3 files changed, 97 insertions(+), 20 deletions(-) diff --git a/www/libs/Class.Basic.inc b/www/libs/Class.Basic.inc index 61ff157b..bf0f972f 100644 --- a/www/libs/Class.Basic.inc +++ b/www/libs/Class.Basic.inc @@ -145,12 +145,13 @@ class basic // error char for the char conver public $mbErrorChar; - // crypt saslt prefix + // [!!! DEPRECATED !!!] crypt saslt prefix public $cryptSaltPrefix = ''; public $cryptSaltSuffix = ''; public $cryptIterationCost = 7; // this is for staying backwards compatible with the old ones public $cryptSaltSize = 22; // default 22 chars for blowfish, 2 for STD DES, 8 for MD5, - + // new better password management + protected $password_options = array (); // session name private $session_name = ''; private $session_id = ''; @@ -337,8 +338,10 @@ class basic $this->session_id = session_id(); } - // init crypt settings + // [!!! DEPRECATED !!!] init crypt settings $this->cryptInit(); + // new better password init + $this->passwordInit(); // start logging running time $this->running_time(); @@ -1572,6 +1575,11 @@ class basic return false; } + // [!!! DEPRECATED !!!] + // ALL crypt* methids are DEPRECATED and SHALL NOT BE USED + // use the new password* instead + + // [!!! DEPRECATED !!!] -> passwordInit // METHOD: cryptInit // PARAMS: none // RETURN: none @@ -1618,6 +1626,7 @@ class basic } } + // [!!! DEPRECATED !!!] -> not needed // METHOD: cryptSaltString // PARAMS: random string length, default is 22 (for blowfish crypt) // RETURN: random string @@ -1645,6 +1654,7 @@ class basic return $salt_string; } + // [!!! DEPRECATED !!!] -> passwordSet // METHOD: cryptString // PARAMS: string to be crypted (one way) // RETURN: encrypted string @@ -1656,6 +1666,7 @@ class basic return crypt($string, $this->cryptSaltPrefix.$this->cryptSaltString($this->cryptSaltSize).$this->cryptSaltSuffix); } + // [!!! DEPRECATED !!!] -> passwordVerify // METHOD: verifyCryptString // PARAMS: plain string (eg password) // full crypted string (from cryptString @@ -1671,6 +1682,61 @@ class basic } } + // *** BETTER PASSWORD OPTIONS, must be used *** + // METHOD: passwordInit + // PARAMS: none + // RETURN: none + // DESC : inits the password options set + // currently this is et empty, and the default options are used + private function passwordInit() + { + // set default password cost: use default set automatically + $this->password_options = array ( + // 'cost' => PASSWORD_BCRYPT_DEFAULT_COST + ); + } + + // METHOD: passwordSet + // PARAMS: password + // RETURN: hashed password + // DESC : creates the password hash + public function passwordSet($password) + { + // always use the PHP default for the password + // password options ca be set in the password init, but should be kept as default + return password_hash($password, PASSWORD_DEFAULT, $this->password_options); + } + + // METHOD: passwordVerify + // PARAMS: password and hash + // RETURN: true or false + // DESC : checks if the entered password matches the hash + public function passwordVerify($password, $hash) + { + if (password_verify($password, $hash)) { + return true; + } else { + return false; + } + // in case something strange, return false on default + return false; + } + + // METHOD: passwordRehashCheck + // PARAMS: hash + // RETURN: true or false + // DESC : checks if the password needs to be rehashed + public function passwordRehashCheck($hash) + { + if (password_needs_rehash($hash, PASSWORD_DEFAULT, $this->password_options)) { + return true; + } else { + return false; + } + // in case of strange, force re-hash + return true; + } + // *** COLORS *** // METHOD: hex2rgb diff --git a/www/libs/Class.Form.Generate.inc b/www/libs/Class.Form.Generate.inc index 00eed11c..b4f21ecf 100644 --- a/www/libs/Class.Form.Generate.inc +++ b/www/libs/Class.Form.Generate.inc @@ -917,16 +917,16 @@ class form extends db_array_io } // switch } // for each error to check } elseif ($value["mandatory"] && - ( - // for all "normal" fields - ($this->table_array[$key]["type"] != "password" && $this->table_array[$key]["type"] != "drop_down_db_input" && !$this->table_array[$key]["value"]) || - // for drop_down_db_input check if one of both fields filled - ($this->table_array[$key]["type"] == "drop_down_db_input" && !$this->table_array[$key]["input_value"] && !$this->table_array[$key]["value"]) || - // for password - ($this->table_array[$key]["type"] == "password" && !$this->table_array[$key]["value"] && !$this->table_array[$key]["HIDDEN_value"]) - ) - // main if end - ) { + ( + // for all "normal" fields + ($this->table_array[$key]["type"] != "password" && $this->table_array[$key]["type"] != "drop_down_db_input" && !$this->table_array[$key]["value"]) || + // for drop_down_db_input check if one of both fields filled + ($this->table_array[$key]["type"] == "drop_down_db_input" && !$this->table_array[$key]["input_value"] && !$this->table_array[$key]["value"]) || + // for password + ($this->table_array[$key]["type"] == "password" && !$this->table_array[$key]["value"] && !$this->table_array[$key]["HIDDEN_value"]) + ) + // main if end + ) { // if mandatory && no input //$this->debug('form', "A: ".$this->table_array[$key]["type"]." -- ".$this->table_array[$key]["input_value"]." -- ".$this->table_array[$key]["value"]); if (!$this->table_array[$key]["value"] && $this->table_array[$key]["type"] != "binary") { @@ -1171,7 +1171,6 @@ class form extends db_array_io // DESC save a table, reference and all input fields public function form_save_table_array($addslashes = 0) { -// global $_FILES; // for drop_down_db_input check if text field is filled and if, if not yet in db ... // and upload files if (!is_array($this->table_array)) { @@ -1234,8 +1233,8 @@ class form extends db_array_io // if smth in $$key_file -> save or overwrite // if smth in $key && $$key_delete && !$$key_file-> delte // if smth in $key, keep as is -// $_file=$key."_file"; -// $_delete=$key."_delete"; + // $_file=$key."_file"; + // $_delete=$key."_delete"; //$this->debug('form', "UF: ".$GLOBALS["_FILES"][$key."_file"]['name']); //$this->debug('form', "delete: ".$key."_delete => ".$GLOBALS[$key.'_delete']); if ($GLOBALS["_FILES"][$key."_file"]['name']) { @@ -1266,11 +1265,11 @@ class form extends db_array_io // for password crypt it as blowfish, or if not available MD5 if ($this->table_array[$key]['type'] == 'password') { if ($this->table_array[$key]["value"]) { - // password is stored in blowfish format, or in the format supported by this PHP version - $this->table_array[$key]["value"] = $this->cryptString($this->table_array[$key]["value"]); + // use the better new passwordSet instead of crypt based + $this->table_array[$key]['value'] = $this->passwordSet($this->table_array[$key]['value']); $this->table_array[$key]["HIDDEN_value"] = $this->table_array[$key]["value"]; } else { -// $this->table_array[$key]["HIDDEN_value"] = + // $this->table_array[$key]["HIDDEN_value"] = } } } // go through each field diff --git a/www/libs/Class.Login.inc b/www/libs/Class.Login.inc index d19c20dd..ae2fc7bc 100644 --- a/www/libs/Class.Login.inc +++ b/www/libs/Class.Login.inc @@ -283,13 +283,25 @@ class login extends db_io } elseif ((preg_match("/^\\$2(a|y)\\$/", $res['password']) && CRYPT_BLOWFISH != 1) || (preg_match("/^\\$1\\$/", $res['password']) && CRYPT_MD5 != 1) || (preg_match("/^\\$[0-9A-Za-z.]{12}$/", $res['password']) && CRYPT_STD_DES != 1)) { // this means password cannot be decrypted because of missing crypt methods $this->login_error = 9999; - } elseif ((preg_match("/^\\$2(a|y)\\$/", $res['password']) || preg_match("/^\\$1\\$/", $res['password']) || preg_match("/^\\$[0-9A-Za-z.]{12}$/", $res['password'])) && !$this->verifyCryptString($this->password, $res['password'])) { + } elseif ((preg_match("/^\\$2(a|y)\\$/", $res['password']) || preg_match("/^\\$1\\$/", $res['password']) || preg_match("/^\\$[0-9A-Za-z.]{12}$/", $res['password'])) && preg_match("/\\$07\\$/", $res['password']) && !$this->verifyCryptString($this->password, $res['password'])) { // check passwword as crypted, $2a$ or $2y$ is blowfish start, $1$ is MD5 start, $\w{12} is standard DES + // this is only for OLD $07$ password $this->login_error = 1011; + } elseif (preg_match("/^\\$2y\\$/", $res['password']) && !preg_match("/\\$07\\$/", $res['password']) && !$this->passwordVerify($this->password, $res['password'])) { + // this is the new password hash methid, is only $2y$ + $this->login_error = 1013; } elseif (!preg_match("/^\\$2(a|y)\\$/", $res['password']) && !preg_match("/^\\$1\\$/", $res['password']) && !preg_match("/^\\$[0-9A-Za-z.]{12}$/", $res['password']) && $res['password'] != $this->password) { // check old plain password, non case sensitive $this->login_error = 1012; } else { + // check if the current password is an invalid hash and do a rehash and set password + // $this->debug('LOGIN', 'Hash: '.$res['password'].' -> VERIFY: '.($this->passwordVerify($this->password, $res['password']) ? 'OK' : 'FAIL').' => HASH: '.($this->passwordRehashCheck($res['password']) ? 'NEW NEEDED' : 'OK')); + if ($this->passwordRehashCheck($res['password'])) { + $new_hash = $this->passwordSet($this->password); + // update password hash to new one now + $q = "UPDATE edit_user SET password = '".$this->dbEscapeString($new_hash)."' WHERE edit_user_id = ".$res['edit_user_id']; + $this->dbExec($q); + } // normal user processing // set class var and session var $_SESSION["EUID"] = $this->euid = $res["edit_user_id"];