Implemented SHA

2024-06-03 19:34:54 +12:00 · 2022-05-06 14:35:08 +00:00 · 2022-05-06 14:35:08 +00:00 · deb1c95c47
parent b0df349a23
commit deb1c95c47
6 changed files with 58 additions and 3 deletions
--- a/src/Appwrite/Auth/Auth.php
+++ b/src/Appwrite/Auth/Auth.php
@ -12,6 +12,7 @@ class Auth
        'argon2' => 'Argon2',
        'bcrypt' => 'BCrypt',
        'md5' => 'MD5',
+        'sha' => 'SHA',
        'phpass' => 'PHPass',
        'scrypt' => 'SCrypt',
        'scrypt_mod' => 'SCryptModified',
--- a/src/Appwrite/Auth/Hash/MD5.php
+++ b/src/Appwrite/Auth/Hash/MD5.php
@ -27,7 +27,7 @@ class MD5 extends Hash
     * @return boolean true if password matches hash
     */
    public function verify(string $password, string $hash): bool {
-        return \md5($password) === $hash;
+        return $this->hash($password) === $hash;
    }
    
    /**
--- a/src/Appwrite/Auth/Hash/SCrypt.php
+++ b/src/Appwrite/Auth/Hash/SCrypt.php
@ -34,7 +34,7 @@ class SCrypt extends Hash
     * @return boolean true if password matches hash
     */
    public function verify(string $password, string $hash): bool {
-        return $hash === $this->hash($password);
+        return $this->hash($password) === $hash;
    }

    /**
--- a/src/Appwrite/Auth/Hash/SCryptModified.php
+++ b/src/Appwrite/Auth/Hash/SCryptModified.php
@ -39,7 +39,7 @@ class SCryptModified extends Hash
     */
    public function verify(string $password, string $hash): bool {

-        return $hash === $this->hash($password);
+        return $this->hash($password) === $hash;
    }

    /**
--- a/src/Appwrite/Auth/Hash/SHA.php
+++ b/src/Appwrite/Auth/Hash/SHA.php
@ -0,0 +1,47 @@
+<?php
+
+namespace Appwrite\Auth\Hash;
+
+use Appwrite\Auth\Hash;
+
+/*
+ * SHA accepted options:
+ * string? type. Allowed:
+ *  - Version 1: sha1
+ *  - Version 2: sha224, sha256, sha384, sha512/224, sha512/256, sha512
+ *  - Version 3: sha3-224, sha3-256, sha3-384, sha3-512
+ * 
+ * Refference: https://www.php.net/manual/en/function.hash-algos.php
+*/
+class SHA extends Hash
+{
+    /**
+     * @param string $password Input password to hash
+     * 
+     * @return string hash
+     */
+    public function hash(string $password): string {
+        $algo = $this->getOptions()['type'];
+
+        return \hash($algo, $password);
+    }
+
+    /**
+     * @param string $password Input password to validate
+     * @param string $hash Hash to verify password against
+     * 
+     * @return boolean true if password matches hash
+     */
+    public function verify(string $password, string $hash): bool {
+        return $this->hash($password) === $hash;
+    }
+    
+    /**
+     * Get default options for specific hashing algo
+     * 
+     * @return mixed options named array
+     */
+    public function getDefaultOptions(): mixed {
+        return [ 'type' => 'sha3-512' ];
+    }
+}
--- a/tests/unit/Auth/AuthTest.php
+++ b/tests/unit/Auth/AuthTest.php
@ -101,6 +101,13 @@ class AuthTest extends TestCase
        $this->assertEquals(true, Auth::passwordVerify($plain, $generatedHash, 'phpass'));
        $this->assertEquals(true, Auth::passwordVerify($plain, $hash, 'phpass'));

+        // SHA
+        $plain = 'developersAreAwesome!';
+        $hash = '2455118438cb125354b89bb5888346e9bd23355462c40df393fab514bf2220b5a08e4e2d7b85d7327595a450d0ac965cc6661152a46a157c66d681bed20a4735';
+        $generatedHash = Auth::passwordHash($plain, 'sha');
+        $this->assertEquals(true, Auth::passwordVerify($plain, $generatedHash, 'sha'));
+        $this->assertEquals(true, Auth::passwordVerify($plain, $hash, 'sha'));
+
        // Argon2
        $plain = 'safe-argon-password';
        $hash = '$argon2id$v=19$m=2048,t=3,p=4$MWc5NWRmc2QxZzU2$41mp7rSgBZ49YxLbbxIac7aRaxfp5/e1G45ckwnK0g8';