diff --git a/config.sample.php b/config.sample.php
index c97c004..807b803 100644
--- a/config.sample.php
+++ b/config.sample.php
@@ -13,4 +13,7 @@
// CURL
define('API_URI', '');
define('API_AUTH', null);
+
+ // ハッシュ
+ define('PASSWD_PEPPER', ''); // オススメ:pwgen -ycnB1 40
?>
diff --git a/helper/hash.php b/helper/hash.php
index acb6c35..1a80d93 100644
--- a/helper/hash.php
+++ b/helper/hash.php
@@ -1,2 +1,31 @@
$cost]);
+ $end = microtime(true);
+ } while (($end - $start) < $millisec);
+
+ $addpepper = hash_hmac('sha256', $password, PASSWD_PEPPER);
+ $addmd5 = md5($addpepper);
+
+ return password_hash($addmd5, PASSWORD_ARGON2ID, ['cost' => $cost]);
+ }
+
+ function verifypasswd (string $raw, string $crypt): bool {
+ $addpepper = hash_hmac('sha256', $raw, PASSWD_PEPPER);
+ $addmd5 = md5($addpepper);
+
+ return password_verify($addmd5, $crypt);
+ }
?>
diff --git a/src/hash/index.php b/src/hash/index.php
new file mode 100644
index 0000000..d78daa2
--- /dev/null
+++ b/src/hash/index.php
@@ -0,0 +1,9 @@
+
diff --git a/ui/hash/index.php b/ui/hash/index.php
new file mode 100644
index 0000000..1ce488d
--- /dev/null
+++ b/ui/hash/index.php
@@ -0,0 +1,13 @@
+「mysecurepassword」をお入り下さい。
+Please enter "mysecurepassword".
+