Method Crypto.Password.verify()
- Method
verify
intverify(string(8bit)password,string(7bit)hash)- Description
Verify a password against a hash.
This function attempts to support most common password hashing schemes.
- Parameter
password Binary password. This is typically is typically a textual string normalized according to
string_to_utf8(Unicode.normalize(raw_password, "NFC")), but some operating systems (eg MacOS X) may have other conventions.- Parameter
hash The
hashcan be on any of the following formats.LDAP-style (RFC 2307) hashes:
"{SHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXX"The
XXXstring is taken to be a MIME.encode_base64 SHA1 hash of the password. Source: OpenLDAP FAQ http://www.openldap.org/faq/data/cache/347.html."{SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"The
XXXstring is taken to be a MIME.encode_base64 string in which the first 20 chars are an SHA1 hash and the remaining chars the salt. The input for the hash is the password concatenated with the salt. Source: OpenLDAP FAQ http://www.openldap.org/faq/data/cache/347.html."{MD5}XXXXXXXXXXXXXXXXXXXXXXXX"The
XXXstring is taken to be a MIME.encode_base64 MD5 hash of the password. Source: OpenLDAP FAQ http://www.openldap.org/faq/data/cache/418.html."{SMD5}XXXXXXXXXXXXXXXXXXXXXXXXXXXX"The
XXXstring is taken to be a MIME.encode_base64 string in which the first 16 chars are an MD5 hash and the remaining chars the salt. The input for the hash is the password concatenated with the salt. Source: OpenLDAP FAQ http://www.openldap.org/faq/data/cache/418.html."{CRYPT}XXXXXXXXXXXXX"The
XXstring is taken to be a crypt(3C)-style hash. This is the same thing as passing theXXXstring without any preceding method name within{...}. I.e. it's interpreted according to the crypt-style hashes below.Crypt-style hashes:
"$6$SSSSSSSSSSSSSSSS$XXXXXXXXXXXXXXXXXXXXXX"The string is interpreted according to the "Unix crypt using SHA-256 and SHA-512" standard Version 0.4 2008-4-3, where
SSSSSSSSSSSSSSSSis up to 16 characters of salt, and the stringXXXthe result of SHA512.crypt_hash() with5000rounds. Source: Unix crypt using SHA-256 and SHA-512 http://www.akkadia.org/drepper/SHA-crypt.txt"$6$rounds=RR$SSSSSSSSSSSSSSSS$XXXXXXXXXXXXXXXXXXXXXX"This is the same algorithm as the one above, but with the number of rounds specified by
RRin decimal. Note that the number of rounds is clamped to be within1000and999999999(inclusive). Source: Unix crypt using SHA-256 and SHA-512 http://www.akkadia.org/drepper/SHA-crypt.txt"$5$SSSSSSSSSSSSSSSS$XXXXXXXXXXXXXXXXXXXXXX"The string is interpreted according to the "Unix crypt using SHA-256 and SHA-512" standard Version 0.4 2008-4-3, where
SSSSSSSSSSSSSSSSis up to 16 characters of salt, and the stringXXXthe result of SHA256.crypt_hash() with5000rounds. Source: Unix crypt using SHA-256 and SHA-512 http://www.akkadia.org/drepper/SHA-crypt.txt"$5$rounds=RR$SSSSSSSSSSSSSSSS$XXXXXXXXXXXXXXXXXXXXXX"This is the same algorithm as the one above, but with the number of rounds specified by
RRin decimal. Note that the number of rounds is clamped to be within1000and999999999(inclusive). Source: Unix crypt using SHA-256 and SHA-512 http://www.akkadia.org/drepper/SHA-crypt.txt"$3$$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"This is interpreted as the NT LANMANAGER (NTLM) password hash. It is a hex representation of MD4 of the password.
"$1$SSSSSSSS$XXXXXXXXXXXXXXXXXXXXXX"The string is interpreted according to the GNU libc2 extension of
crypt(3C)whereSSSSSSSSis up to 8 chars of salt and theXXXstring is an MD5-based hash created from the password and the salt. Source: GNU libc http://www.gnu.org/software/libtool/manual/libc/crypt.html."$sha1$RRRRR$SSSSSSSS$XXXXXXXXXXXXXXXXXXXX"The string is interpreted as a NetBSD-style SHA1.HMAC.crypt_hash() (aka crypt_sha1(3C)), where
RRRRRis the number of rounds (default 480000),SSSSSSSSis aMIME.crypt64()encoded salt. and theXXXstring is an SHA1.HMAC-based hash created from the password and the salt."$P$RSSSSSSSSXXXXXXXXXXXXXXXXXXXXXX"The string is interpreted as a PHPass' Portable Hash password hash, where
Ris an encoding of the 2-logarithm of the number of rounds,SSSSSSSSis a salt of 8 characters, andXXXis similarily the MIME.encode_crypt64 of running MD5.hash() repeatedly on the password and the salt."$H$RSSSSSSSS.XXXXXXXXXXXXXXXXXXXXXX"Same as
"$P$"above. Used by phpBB3."U$P$RSSSSSSSSXXXXXXXXXXXXXXXXXXXXXX"This is handled as a Drupal upgraded PHPass Portable Hash password. The password is run once through MD5.hash(), and then passed along to the
"$P$"-handler above."$Q$RSSSSSSSSXXXXXXXXXXXXXXXXXXXXXX"The string is interpreted as a PHPass' Portable Hash password hash, where the base hashing alorithm has been switched to SHA1. This method is apparently used by some versions of Escher CMS.
"$S$RSSSSSSSSXXXXXXXXXXXXXXXXXXXXXX"The string is interpreted as a PHPass' Portable Hash password hash, where the base hashing alorithm has been switched to SHA256. This method is apparently used by some versions of Drupal.
"$pbkdf2$RRRRR$SSSSS$XXXXXXXXXXXXX"The string is interpreted as SHA1.crypt_pbkdf2().
"$pbkdf2-sha256$RRRRR$SSSSS$XXXXXXXXXXXXX"The string is interpreted as SHA256.crypt_pbkdf2().
"$pbkdf2-sha512$RRRRR$SSSSS$XXXXXXXXXXXXX"The string is interpreted as SHA512.crypt_pbkdf2().
"pbkdf2_sha256$RRRRR$SSSSS$XXXXXXXXXXXXX"The string is interpreted as the Django variant of SHA256.crypt_pbkdf2(). This differs from the standard variant (
"$pbkdf2-sha256$") in that the hash is encoded with plain MIME.encode_base64() (ie including padding ('=') and plus ('+') characters)."XXXXXXXXXXXXX"The
XXXstring (which doesn't begin with"{") is taken to be a password hashed using the classic unixcrypt(3C)function. If the string contains only chars from the set[a-zA-Z0-9./]it uses DES and the first two characters as salt, but other alternatives may be possible depending on thecrypt(3C)implementation in the operating system.""The empty password hash matches all passwords.
- Returns
Returns
1on success, and0(zero) otherwise.- Note
This function was added in Pike 7.8.755.
- See also
hash(), crypt()