From fece1fbc18b656a0c98470f2ca1d4f801c2e8caa Mon Sep 17 00:00:00 2001
From: Kijin Sung
Date: Thu, 24 Sep 2015 12:09:22 +0900
Subject: [PATCH] Support additional check-only algorithms in Password class
---
 classes/security/Password.class.php | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/classes/security/Password.class.php b/classes/security/Password.class.php
index 049e9b276..1363eaec7 100644
--- a/classes/security/Password.class.php
+++ b/classes/security/Password.class.php
@@ -162,6 +162,10 @@ class Password
 return $this->strcmpConstantTime($hash_to_compare, $hash);
 default:
+ if(in_array($algorithm, hash_algos()))
+ {
+ return $this->strcmpConstantTime(hash($algorithm, $password), $hash);
+ }
 return false;
 }
 }
@@ -185,6 +189,22 @@ class Password
 {
 return 'md5';
 }
+ elseif(strlen($hash) === 40 && ctype_xdigit($hash))
+ {
+ return 'sha1';
+ }
+ elseif(strlen($hash) === 64 && ctype_xdigit($hash))
+ {
+ return 'sha256';
+ }
+ elseif(strlen($hash) === 96 && ctype_xdigit($hash))
+ {
+ return 'sha384';
+ }
+ elseif(strlen($hash) === 128 && ctype_xdigit($hash))
+ {
+ return 'sha512';
+ }
 elseif(strlen($hash) === 16 && ctype_xdigit($hash))
 {
 return 'mysql_old_password';
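Review bot: The new `default:` fallback accepts every name returned by `hash_algos()`, which includes non-cryptographic checksums such as `crc32` and `adler32` as well as `md4`, so the set of algorithms this class will verify a password against depends on the PHP build rather than on an explicit decision. If `$algorithm` can ever come from stored or external data instead of the detection code (not visible in this hunk), a weak checksum would be accepted as a password verifier. An explicit allow-list matching the detection added in the second hunk would be safer: `if(in_array($algorithm, array('sha1', 'sha256', 'sha384', 'sha512'), true))`. The enclosing method starts above the hunk, so whether a successful match against one of these unsalted digests triggers a rehash to the current default cannot be confirmed from here.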
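Review bot: The four new branches infer the algorithm from length and hex-ness alone, and other digests share those sizes (for example `ripemd160` at 40 hex characters and `whirlpool` at 128), so the result is a guess that deserves a comment such as `// Length-based guess: assumes an unsalted hex SHA-1/SHA-2 digest; other digests of the same size will fail verification.` Separately, `ctype_xdigit()` accepts upper-case hex while `hash()` in the first hunk returns lower-case. An upper-case stored hash would therefore be detected here but might never match unless `strcmpConstantTime()` normalises case, which is not visible; passing `strtolower($hash)` at the comparison would remove the doubt. The enclosing function begins and ends outside the hunk.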