32 行
796 B
PHP
32 行
796 B
PHP
<?php
|
|
require_once("../config.php");
|
|
|
|
function tokengen (int $bytes=24): string {
|
|
return bin2hex(random_bytes($bytes));
|
|
}
|
|
|
|
function setpasswd (string $password): string {
|
|
$millisec = 0.05;
|
|
$cost = 8;
|
|
|
|
do {
|
|
$cost++;
|
|
$start = microtime(true);
|
|
password_hash("kero", PASSWORD_ARGON2ID, ["cost" => $cost]);
|
|
$end = microtime(true);
|
|
} while (($end - $start) < $millisec);
|
|
|
|
$addpepper = hash_hmac("sha256", $password, PASSWD_PEPPER);
|
|
$addmd5 = md5($addpepper);
|
|
|
|
return password_hash($addmd5, PASSWORD_ARGON2ID, ["cost" => $cost]);
|
|
}
|
|
|
|
function verifypasswd (string $raw, string $crypt): bool {
|
|
$addpepper = hash_hmac("sha256", $raw, PASSWD_PEPPER);
|
|
$addmd5 = md5($addpepper);
|
|
|
|
return password_verify($addmd5, $crypt);
|
|
}
|
|
?>
|