@n0uur/wordpress-hash-node 2.0.0

package/README.md

@@ -0,0 +1,58 @@
+# @n0uur/wordpress-hash-node
+
+Wordpress hashes (phpass library portable hashes) port for Node.js with TypeScript support.
+
+Based on phpass for PHP 5 or greater.
+
+> **Original Author Credit:** This package is a TypeScript port of [wordpress-hash-node](https://github.com/AlexAlbala/wordpress-hash-node) by Alex Albalà.
+
+## Installation
+
+```bash
+npm install @n0uur/wordpress-hash-node
+```
+
+## Usage
+
+### JavaScript (CommonJS)
+
+```javascript
+const { HashPassword, CheckPassword } = require("@n0uur/wordpress-hash-node");
+
+const password = "testPassword";
+const hash = HashPassword(password);
+const checked = CheckPassword(password, hash); // This will return true
+```
+
+### TypeScript
+
+```typescript
+import { HashPassword, CheckPassword } from "@n0uur/wordpress-hash-node";
+
+const password = "testPassword";
+const hash: string = HashPassword(password);
+const checked: boolean = CheckPassword(password, hash); // This will return true
+```
+
+## API
+
+### `HashPassword(password: string): string`
+
+Generates a WordPress-compatible hash for the given password.
+
+- **Parameters:**
+  - `password` (string): The password to hash
+- **Returns:** The hashed password string
+
+### `CheckPassword(password: string, stored_hash: string): boolean`
+
+Verifies if a password matches the stored hash.
+
+- **Parameters:**
+  - `password` (string): The password to verify
+  - `stored_hash` (string): The hash to compare against
+- **Returns:** `true` if the password matches, `false` otherwise
+
+## License
+
+GPL

package/dist/hash.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Hashes a password using WordPress's phpass implementation
+ * @param password - The password to hash
+ * @returns The hashed password
+ */
+export declare function HashPassword(password: string): string;
+/**
+ * Checks if a password matches the stored hash
+ * @param password - The password to check
+ * @param stored_hash - The stored hash to compare against
+ * @returns True if the password matches the hash
+ */
+export declare function CheckPassword(password: string, stored_hash: string): boolean;

package/dist/hash.js

@@ -0,0 +1,108 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HashPassword = HashPassword;
+exports.CheckPassword = CheckPassword;
+const phpfunctions = __importStar(require("./phpfunctions"));
+const itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+const iteration_count_log2 = 8;
+function crypt_private(password, setting) {
+    let output = "*0";
+    if (phpfunctions.substr(setting, 0, 2) === output)
+        output = "*1";
+    if (phpfunctions.substr(setting, 0, 3) !== "$P$")
+        return output;
+    const count_log2 = phpfunctions.strpos(itoa64, setting[3]);
+    if (count_log2 < 7 || count_log2 > 30)
+        return output;
+    const count = 1 << count_log2;
+    const salt = phpfunctions.substr(setting, 4, 8);
+    if (phpfunctions.strlen(salt) !== 8)
+        return output;
+    let hash = phpfunctions.md5(salt + "" + password, true);
+    let remaining = count;
+    do {
+        hash = phpfunctions.md5(hash + "" + password, true);
+    } while (--remaining);
+    output = phpfunctions.substr(setting, 0, 12);
+    output += encode64(hash, 16);
+    return output;
+}
+function gensalt_private(input) {
+    let output = "$P$";
+    output += itoa64[Math.min(iteration_count_log2 + 5, 30)];
+    output += encode64(input, 6);
+    return output;
+}
+function encode64(input, count) {
+    let output = "";
+    let i = 0;
+    do {
+        let value = phpfunctions.ord(input[i++]);
+        output += itoa64[value & 0x3f];
+        if (i < count)
+            value |= phpfunctions.ord(input[i]) << 8;
+        output += itoa64[(value >> 6) & 0x3f];
+        if (i++ >= count)
+            break;
+        if (i < count)
+            value |= phpfunctions.ord(input[i]) << 16;
+        output += itoa64[(value >> 12) & 0x3f];
+        if (i++ >= count)
+            break;
+        output += itoa64[(value >> 18) & 0x3f];
+    } while (i < count);
+    return output;
+}
+/**
+ * Hashes a password using WordPress's phpass implementation
+ * @param password - The password to hash
+ * @returns The hashed password
+ */
+function HashPassword(password) {
+    const salt = gensalt_private(phpfunctions.sixCharRandom());
+    const hash = crypt_private(password, salt);
+    return hash;
+}
+/**
+ * Checks if a password matches the stored hash
+ * @param password - The password to check
+ * @param stored_hash - The stored hash to compare against
+ * @returns True if the password matches the hash
+ */
+function CheckPassword(password, stored_hash) {
+    const hash = crypt_private(password, stored_hash);
+    return hash === stored_hash;
+}

package/dist/index.d.ts

@@ -0,0 +1 @@
+export { HashPassword, CheckPassword } from "./hash";

package/dist/index.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CheckPassword = exports.HashPassword = void 0;
+var hash_1 = require("./hash");
+Object.defineProperty(exports, "HashPassword", { enumerable: true, get: function () { return hash_1.HashPassword; } });
+Object.defineProperty(exports, "CheckPassword", { enumerable: true, get: function () { return hash_1.CheckPassword; } });

package/dist/phpfunctions.d.ts

@@ -0,0 +1,6 @@
+export declare function strlen(str: string): number;
+export declare function strpos(string: string, find: string): number;
+export declare function md5(string: string, raw?: boolean): string;
+export declare function sixCharRandom(): string;
+export declare function substr(string: string, start: number, count: number): string;
+export declare function ord(input: string): number;

package/dist/phpfunctions.js

@@ -0,0 +1,43 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.strlen = strlen;
+exports.strpos = strpos;
+exports.md5 = md5;
+exports.sixCharRandom = sixCharRandom;
+exports.substr = substr;
+exports.ord = ord;
+const crypto_1 = __importDefault(require("crypto"));
+function strlen(str) {
+    return str.length;
+}
+function strpos(string, find) {
+    return string.indexOf(find);
+}
+function md5(string, raw) {
+    const hash = crypto_1.default.createHash("md5");
+    hash.update(string, "binary");
+    if (raw) {
+        return hash.digest("binary");
+    }
+    else {
+        return hash.digest("hex");
+    }
+}
+function sixCharRandom() {
+    let text = "";
+    const possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+    for (let i = 0; i < 6; i++) {
+        text += possible.charAt(Math.floor(Math.random() * possible.length));
+    }
+    return text;
+}
+function substr(string, start, count) {
+    return string.substring(start, start + count);
+}
+function ord(input) {
+    const r = input.charCodeAt(0);
+    return r;
+}

package/package.json

@@ -0,0 +1,45 @@
+{
+  "name": "@n0uur/wordpress-hash-node",
+  "description": "A phpass portable hashing function compatible with wordpress passwords (TypeScript port)",
+  "author": "n0uur",
+  "contributors": [
+    {
+      "name": "Alex Albalà",
+      "email": "alexalbala88@gmail.com",
+      "url": "https://github.com/AlexAlbala/wordpress-hash-node"
+    }
+  ],
+  "dependencies": {},
+  "devDependencies": {
+    "@types/node": "^20.11.0",
+    "typescript": "^5.3.3"
+  },
+  "version": "2.0.0",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/n0uur/wordpress-hash-node"
+  },
+  "keywords": [
+    "wordpress",
+    "phpass",
+    "hash",
+    "typescript",
+    "password",
+    "hashing"
+  ],
+  "license": "GPL",
+  "bugs": {
+    "url": "https://github.com/n0uur/wordpress-hash-node/issues"
+  },
+  "homepage": "https://github.com/n0uur/wordpress-hash-node"
+}