private function wordPressCryptPrivate(HiddenString $password, string $setting) : string
{
$output = '*0';
if (Binary::safeSubstr($setting, 0, 2) === $output) {
$output = '*1';
}
$id = Binary::safeSubstr($setting, 0, 3);
if ($id !== '$P$' && $id !== '$H$') {
return $output;
}
// This is a really weird way to encode iteration count.
$count_log2 = \strpos($this->itoa64, $setting[3]);
if ($count_log2 < 7 || $count_log2 > 30) {
return $output;
}
$count = 1 << $count_log2;
$salt = Binary::safeSubstr($setting, 4, 8);
if (Binary::safeStrlen($salt) !== 8) {
return $output;
}
// And now we do our (default 8192) rounds of MD5...
$hash = \md5($salt . $password->getString(), true);
do {
$hash = \md5($hash . $password->getString(), true);
} while (--$count);
$output = Binary::safeSubstr($setting, 0, 12);
$output .= $this->encode64($hash, 16);
return $output;
}