function encrypt_password in Lightweight Directory Access Protocol (LDAP) 6
Encrypt Password Method
Parameters
string clear_txt: Plaintext password.
Return value
string Encrypted text, formatted for use as an LDAP password.
File
- includes/
ldap.encryption.inc, line 45 - Provides functions for encryption/decryption.
Code
function encrypt_password($clear_txt) {
global $_ldapdata_ldap;
switch ($_ldapdata_ldap
->getOption('enc_type')) {
case 1:
// MD5
$cipher_txt = '{MD5}' . base64_encode(pack('H*', md5($clear_txt)));
break;
case 2:
// Crypt
$cipher_txt = '{CRYPT}' . crypt($clear_txt, substr($clear_txt, 0, 2));
break;
case 3:
// Salted Crypt
$cipher_txt = '{CRYPT}' . crypt($clear_txt, random_salt(2));
break;
case 4:
// Extended DES
$cipher_txt = '{CRYPT}' . crypt($clear_txt, '_' . random_salt(8));
break;
case 5:
// MD5Crypt
$cipher_txt = '{CRYPT}' . crypt($clear_txt, '$1$' . random_salt(9));
break;
case 6:
// Blowfish
$cipher_txt = '{CRYPT}' . crypt($clear_txt, '$2a$12$' . random_salt(13));
break;
case 7:
// Salted MD5
mt_srand((double) microtime() * 1000000);
$salt = mhash_keygen_s2k(MHASH_MD5, $clear_txt, substr(pack("h*", md5(mt_rand())), 0, 8), 4);
$cipher_txt = "{SMD5}" . base64_encode(mhash(MHASH_MD5, $clear_txt . $salt) . $salt);
break;
case 8:
// SHA
if (function_exists('sha1')) {
$cipher_txt = '{SHA}' . base64_encode(pack('H*', sha1($clear_txt)));
}
elseif (function_exists('mhash')) {
$cipher_txt = '{SHA}' . base64_encode(mhash(MHASH_SHA1, $clear_txt));
}
break;
case 9:
// Salted SHA
mt_srand((double) microtime() * 1000000);
$salt = mhash_keygen_s2k(MHASH_SHA1, $clear_txt, substr(pack("h*", md5(mt_rand())), 0, 8), 4);
$cipher_txt = "{SSHA}" . base64_encode(mhash(MHASH_SHA1, $clear_txt . $salt) . $salt);
break;
default:
// Cleartext
$cipher_txt = $clear_txt;
}
return $cipher_txt;
}