From 7ae6f87a6c547c0bed9f52e628c050551529259a Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Fri, 14 Oct 2011 16:05:57 +0200
Subject: [PATCH] Fixed test and broken salt generation in PassHash class

Turned out a test wasn't really testing what it should have been testing
and thus hid a bug. It still puzzles me why it sometimes worked anyway.
This patch also sets the default iteration count for bmd5 and pmd5 to 8.
---
 _test/cases/inc/auth_password.test.php |  3 +--
 inc/PassHash.class.php                 | 17 ++++++++++-------
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/_test/cases/inc/auth_password.test.php b/_test/cases/inc/auth_password.test.php
index 8646e3226..928552a14 100644
--- a/_test/cases/inc/auth_password.test.php
+++ b/_test/cases/inc/auth_password.test.php
@@ -43,8 +43,7 @@ class auth_password_test extends UnitTestCase {
         foreach($this->passes as $method => $hash){
             $info = "testing method $method";
             $this->signal('failinfo',$info);
-
-            $hash = auth_cryptPassword('foo'.$method);
+            $hash = auth_cryptPassword('foo'.$method,$method);
             $this->assertTrue(auth_verifyPassword('foo'.$method,$hash));
         }
     }
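Review bot: The loop variable `$hash` bound from `$this->passes` is overwritten on the added line before it is ever read, so this loop only checks a generate-then-verify round trip per method and never looks at the fixture's stored hash values. If those stored hashes are verified in another test that is fine, but giving the freshly generated hash its own name, e.g. `$fresh = auth_cryptPassword('foo'.$method,$method);` and `$this->assertTrue(auth_verifyPassword('foo'.$method,$fresh));`, makes the intent clear and avoids the shadowing. The enclosing test method starts outside the hunk.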
diff --git a/inc/PassHash.class.php b/inc/PassHash.class.php
index 541de6752..31493c022 100644
--- a/inc/PassHash.class.php
+++ b/inc/PassHash.class.php
@@ -82,7 +82,7 @@ class PassHash {
     public function gen_salt($len=32){
         $salt  = '';
         $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
-        for($i=0;$i<$len,$i++;) $salt .= $chars[mt_rand(0,61)];
+        for($i=0;$i<$len;$i++) $salt .= $chars[mt_rand(0,61)];
         return $salt;
     }
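Review bot: With the loop now actually running, every salt byte comes from `mt_rand()`, which is not designed for security-sensitive use; since the salt goes into stored password hashes, a CSPRNG source is preferable — `random_int()` on PHP 7+, or `openssl_random_pseudo_bytes()` where the project must stay on PHP 5. The upper bound `61` is also a hidden copy of `strlen($chars) - 1` and silently drifts if the alphabet is ever edited; `$salt .= $chars[random_int(0, strlen($chars) - 1)];` (or the `mt_rand` equivalent) ties the two together. A docblock on `gen_salt` stating the alphabet and that `$len` is the number of characters returned would also help, as the method currently has none visible in the hunk.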
 
@@ -292,17 +292,20 @@ class PassHash {
      * Password hashing method 'pmd5'
      *
      * Uses salted MD5 hashs. Salt is 1+8 bytes long, 1st byte is the
-     * iteration count.
+     * iteration count when given, for null salts $compute is used.
      *
      * @param string $clear - the clear text to hash
      * @param string $salt  - the salt to use, null for random
      * @param string $magic - the hash identifier (P or H)
+     * @param int  $compute - the iteration count for new passwords
      * @returns string - hashed password
      */
-    public function hash_pmd5($clear, $salt=null, $magic='P'){
-        $this->init_salt($salt);
-
+    public function hash_pmd5($clear, $salt=null, $magic='P',$compute=8){
         $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
+        if(is_null($salt)){
+            $this->init_salt($salt);
+            $salt = $itoa64[$compute].$salt; // prefix iteration count
+        }
         $iterc = $salt[0]; // pos 0 of salt is iteration count
         $iter = strpos($itoa64,$iterc);
         $iter = 1 << $iter;
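Review bot: The new `@param int $compute` line describes it as "the iteration count", but the code below derives the round count as `1 << $iter` from the salt's first character, so `$compute` is the base-2 logarithm of the count and the default 8 means 256 rounds; the docblock and the inline `// prefix iteration count` comment should say so, e.g. `@param int $compute - log2 of the iteration count for new passwords (8 = 256 rounds)`. `$compute` is also used unchecked as an index into the 64-character `$itoa64`, so a value outside 0..63 produces an empty (or, on newer PHP, wrongly positioned) offset and a salt with no count byte, which the later `strpos` then misreads; a guard such as `if($compute < 0 || $compute > 63) $compute = 8;` before the prefix line keeps the hash well-formed. `hash_hmd5` in the following hunk forwards the same parameter and inherits both points. The function body continues past the hunk.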
@@ -340,8 +343,8 @@ class PassHash {
     /**
      * Alias for hash_pmd5
      */
-    public function hash_hmd5($clear, $salt=null, $magic='H'){
-        return $this->hash_pmd5($clear, $salt, $magic);
+    public function hash_hmd5($clear, $salt=null, $magic='H', $compute=8){
+        return $this->hash_pmd5($clear, $salt, $magic, $compute);
     }
 
     /**
-- 
GitLab