2017 © Pedro Peláez
 

library rspassword

RsPassword is a small PHP class for generating salted password hashes with rounds and for verifying salted password hashes with rounds.

image

reneschmidt/rspassword

RsPassword is a small PHP class for generating salted password hashes with rounds and for verifying salted password hashes with rounds.

  • Thursday, August 10, 2017
  • by rsdpkg
  • Repository
  • 1 Watchers
  • 0 Stars
  • 26 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 5 Versions
  • 0 % Grown

The README.md

RsPassword

RsPassword is a small PHP class for, (*1)

  1. generating salted password hashes with rounds and for
  2. verifying salted password hashes with rounds.
  3. It is supposed to adhere to the Public-Key Cryptography Standards (PKCS).

German Web Application Developer Available for Hire!

No marketing skills whatsoever, but low rates, nearly 20 years of experience, and german work attitude., (*2)

Get in touch now: https://sdo.sh/DevOps/#contact, (*3)

Build Status License, (*4)

Supported hashing algorithms

  1. bcrypt (with rounds)
  2. SHA256 (with rounds)
  3. SHA512 (with rounds)
  4. RIPEMD160 (with rounds)

Author

Me:, (*5)

  1. https://sdo.sh/
  2. I am available for hire

Licence

LGPL v3 or commercial licence :) from rene+_gth@sdo.sh., (*6)

Source/Download

Source can be found at GitHub, (*7)

Requirements

  1. PHP 5.3 ... PHP 7.1 (maybe also newer versions)
  2. php5-mcrypt for PHP 5.x (make sure it's installed AND enabled)

Please note that PHP 5.5+ provides password_hash() which basically does what RsPassword does. So you do not actually need RsPassword for secure passwords when using PHP 5.5+. I consider RsPassword easier do use though., (*8)

How to use

Example script

Run the example script and follow instructions:, (*9)

php ./hash.php [algorithm] [cost]

Create password hash

    // Create salted SHA256 hash of $password with 10250 rounds
    $rsPassword = new RsPassword("sha256");

    $saltedHash = $rsPassword->hashPassword("password", 10250); // choose 4-15 rounds when hashing using bcrypt

    // To do for you: save salted hash, number of rounds, and used hash algorithm ($saltedHash, 10250, "sha256")
    // to database for later verification, for example when the user logs in.

Verify password

    // To do for you: User logs in. Get the password from the form and get salted hash, number of rounds and hashing
    // algorithm from database ($passwordFromLoginForm, $saltedHashFromDb, $roundsFromDb, $hashingAlgoFromDb).

    // Verify password against saved salted hash
    $rsPassword = new RsPassword($hashingAlgoFromDb);

    $passwordMatches = $rsPassword->validatePassword($passwordFromLoginForm, $saltedHashFromDb, $roundsFromDb));

    if($passwordMatches) {
        // log in user now, grant access.
    } else {
        // passwords do not match, deny access.
    }

That's it., (*10)

The Versions

10/08 2017

dev-master

9999999-dev

RsPassword is a small PHP class for generating salted password hashes with rounds and for verifying salted password hashes with rounds.

  Sources   Download

LGPL-3.0

The Development Requires

10/08 2017

dev-develop

dev-develop

RsPassword is a small PHP class for generating salted password hashes with rounds and for verifying salted password hashes with rounds.

  Sources   Download

LGPL-3.0

The Development Requires

03/07 2015

v0.2.2

0.2.2.0

RsPassword is a small PHP class for generating salted password hashes with rounds and for verifying salted password hashes with rounds.

  Sources   Download

LGPL-3.0

The Development Requires

01/06 2015

v0.2.1

0.2.1.0

RsPassword is a small PHP class for generating salted password hashes with rounds and for verifying salted password hashes with rounds.

  Sources   Download

LGPL-3.0

The Development Requires

25/05 2015

v0.2.0

0.2.0.0

RsPassword is a small PHP class for generating salted password hashes with rounds and for verifying salted password hashes with rounds.

  Sources   Download

LGPL-3.0

The Development Requires