3 * A helper class for cryptographic operations such as hashing passwords
5 * @author Roland Haeder <webmaster@ship-simu.org>
7 * @copyright Copyright (c) 2007 - 2009 Roland Haeder, this is free software
8 * @license GNU GPL 3.0 or any newer version
9 * @link http://www.ship-simu.org
11 * This program is free software: you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation, either version 3 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 class CryptoHelper extends BaseFrameworkSystem implements Cryptable {
25 // Exception constants
26 const EXCEPTION_ENCRYPT_MISSING = 0x1f0;
27 const EXCEPTION_ENCRYPT_INVALID = 0x1f1;
30 * An instance of this class itself
32 private static $selfInstance = null;
35 * Instance of the random number generator
37 private $rngInstance = null;
40 * Salt for hashing operations
45 * Separator used in many places
47 private $seperator '|';
50 * Protected constructor
54 protected function __construct () {
// The constructor is protected, so code outside the class hierarchy cannot use "new" on
// this class; createCryptoHelper() is the visible way to obtain an instance.
55 // Call parent constructor
56 parent::__construct(__CLASS__);
// Two clean-up helpers are called on the new object. Their definitions are not in this
// listing (presumably inherited from BaseFrameworkSystem; confirm).
59 $this->removeNumberFormaters();
60 $this->removeSystemArray();
64 * Creates an instance of this class
66 * @return $cryptoInstance An instance of this crypto helper class
68 public final static function createCryptoHelper () {
// Factory: builds a new helper and runs initHasher() on it, which sets up the RNG
// instance and generates the salt before the object is handed to the caller.
70 $cryptoInstance = new CryptoHelper();
72 // Initialize the hasher
73 $cryptoInstance->initHasher();
75 // Return the instance
76 return $cryptoInstance;
80 * Get a singleton instance of this class
82 * @return $selfInstance An instance of this crypto helper class
84 public final static function getInstance () {
// Lazy singleton: the shared instance is created on the first call and reused afterwards.
// The salt is generated during creation, so as far as this listing shows every caller of
// getInstance() within one process works with the same salt.
85 // Is no instance there?
86 if (is_null(self::$selfInstance)) {
88 self::$selfInstance = self::createCryptoHelper();
91 // Return the instance
92 return self::$selfInstance;
96 * Initializes the hasher for different purposes.
100 protected function initHasher () {
// The RNG implementation is selected by the 'rng_class' configuration entry, so every
// random value used by this helper is only as strong as that configured class.
// NOTE(review): the RNG class is not part of this listing; confirm it draws from a
// CSPRNG (random_bytes()/random_int()) rather than rand()/mt_rand().
101 // Initialize the random number generator which is required by some crypto methods
102 $this->rngInstance = ObjectFactory::createObjectByConfiguredName('rng_class');
104 // Generate a salt for the hasher
105 $this->generateSalt();
109 * Generates the salt based on configured length
113 private function generateSalt () {
// Derives $this->salt from a single RNG string, cut down to the configured 'salt_length'.
114 // Get a random string from the RNG
115 $randomString = $this->rngInstance->randomString();
117 // Get config entry for salt length
// NOTE(review): 'salt_length' is used unvalidated. A value of 0 gives an empty salt. A value
// above 40 still gives only the 40 hex characters sha1() returns, while hashString() cuts
// 'salt_length' characters off a stored hash and would then read digest characters as salt.
118 $length = $this->getConfigInstance()->readConfig('salt_length');
120 // Keep only defined number of characters
// The salt is the tail of a SHA-1 hex digest: at most 4 bits per character, and never more
// entropy than randomString() supplied. SHA-1 only reshapes the RNG output here.
121 $this->salt = substr(sha1($randomString), -$length, $length);
125 * Hashes a string with a salt and returns the result. If a previous hash
126 * is supplied, the method takes the first X characters of that hash as the
127 * salt. This is useful for checking whether a supplied password matches a
128 * stored hash for authorization purposes.
130 * @param $str Unhashed string
131 * @param $oldHash A hash from previous hashed string
132 * @return $hashed The hashed and salted string
134 public function hashString ($str, $oldHash = '') {
// Builds $hashed as the salt followed by an MD5 hex digest. The salt prefix is what a later
// call reads back out of $oldHash so that the same input reproduces the same hash.
// NOTE(review): callers that compare the result with a stored hash should use hash_equals()
// so the comparison time does not depend on how many leading characters match.
136 $str = (string) $str;
138 // Default is the default salt ;-)
// NOTE(review): the statement assigning that default to $salt is not part of this listing
// (gutter line 139 is absent); presumably $this->salt. Confirm against the full file.
141 // Is the old password set?
142 if (!empty($oldHash)) {
143 // Use the salt from hash, first get length
144 $length = $this->getConfigInstance()->readConfig('salt_length');
146 // Then extract the X first characters from the hash as our salt
147 $salt = substr($oldHash, 0, $length);
150 // Hash the password with salt
// The disabled debug statement below would write the salt and the plaintext into the
// response if it were re-enabled; it should not ship in production code.
151 //* DEBUG: */ echo "salt=".$salt."/plain=".$str."<br />\n";
// NOTE(review): the digest is one MD5 pass over a sprintf()-formatted string. MD5 is fast to
// brute-force and unsuitable for password storage; password_hash()/password_verify() are the
// maintained replacement. Switching changes the stored format, so existing hashes need a
// migration path such as rehashing at the next successful login.
// Only one sprintf() argument is visible; the others are on lines missing from this listing.
152 $hashed = $salt . md5(sprintf($this->getConfigInstance()->readConfig('hash_mask'),
154 $this->rngInstance->getFixedSalt(),
163 * Encrypt the string with fixed salt
165 * @param $str The unencrypted string
166 * @return $encrypted Encrypted string
168 public function encryptString ($str) {
// Wraps base64($str) between two random filler strings and encrypts the result with mcrypt.
// NOTE(review): the mcrypt extension was deprecated in PHP 7.1 and removed from core in 7.2.
// An authenticated construction (openssl_encrypt() with an AEAD cipher such as aes-256-gcm,
// or sodium_crypto_secretbox()) is the maintained replacement; existing ciphertexts would
// need a migration path.
169 // Init crypto module
// NOTE(review): ECB mode takes no IV, so $iv is created here but has no effect on the
// ciphertext. MCRYPT_RAND is not a cryptographic random source.
// MCRYPT_RIJNDAEL_256 is Rijndael with a 256-bit block, which is not AES (AES uses 128-bit blocks).
170 $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
171 $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
// The key is the MD5 hex digest of a salt supplied by the RNG object: 32 characters long but
// at most 128 bits of entropy, and only as secret as that salt. Which salt is used depends on
// the 'crypt_fixed_salt' configuration entry (the "else" line is missing from this listing).
174 if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') == 'Y') {
175 $key = md5($this->rngInstance->getFixedSalt());
177 $key = md5($this->rngInstance->getExtraSalt());
180 // Add some "garbage" to the string
// Nine variants follow, one per value of randomNumber(0, 8); the case labels and break
// statements are on lines missing from this listing. Each variant is
// <digest of random string> separator base64($str) separator <digest of random string>.
// NOTE(review): the filler is not authenticated and adds no integrity protection, so a
// modified ciphertext cannot be detected on decryption. ECB also encrypts identical
// plaintext blocks to identical ciphertext blocks.
181 switch ($this->rngInstance->randomNumber(0, 8)) {
183 $garbageString = crc32($this->rngInstance->randomString(10)) . $this->seperator . base64_encode($str) . $this->seperator . crc32($this->rngInstance->randomString(20));
187 $garbageString = crc32($this->rngInstance->randomString(10)) . $this->seperator . base64_encode($str) . $this->seperator . md5($this->rngInstance->randomString(20));
191 $garbageString = crc32($this->rngInstance->randomString(10)) . $this->seperator . base64_encode($str) . $this->seperator . sha1($this->rngInstance->randomString(20));
195 $garbageString = md5($this->rngInstance->randomString(10)) . $this->seperator . base64_encode($str) . $this->seperator . crc32($this->rngInstance->randomString(20));
199 $garbageString = md5($this->rngInstance->randomString(10)) . $this->seperator . base64_encode($str) . $this->seperator . md5($this->rngInstance->randomString(20));
203 $garbageString = md5($this->rngInstance->randomString(10)) . $this->seperator . base64_encode($str) . $this->seperator . sha1($this->rngInstance->randomString(20));
207 $garbageString = sha1($this->rngInstance->randomString(10)) . $this->seperator . base64_encode($str) . $this->seperator . crc32($this->rngInstance->randomString(20));
211 $garbageString = sha1($this->rngInstance->randomString(10)) . $this->seperator . base64_encode($str) . $this->seperator . md5($this->rngInstance->randomString(20));
215 $garbageString = sha1($this->rngInstance->randomString(10)) . $this->seperator . base64_encode($str) . $this->seperator . sha1($this->rngInstance->randomString(20));
219 // Encrypt the string
// mcrypt pads the final block with NUL bytes. The return statement is not part of this listing.
220 $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $garbageString, MCRYPT_MODE_ECB, $iv);
227 * Decrypt the string with fixed salt
229 * @param $encrypted Encrypted string
230 * @return $str The unencrypted string
232 public function decryptString ($encrypted) {
233 // Init crypto module
234 $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
235 $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
238 if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') == 'Y') {
239 $key = md5($this->rngInstance->getFixedSalt());
241 $key = md5($this->rngInstance->getExtraSalt());
244 // Decrypt the string
245 $garbageString = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_ECB, $iv);
247 // Get the real string out
248 $strArray = explode($this->seperator, $garbageString);
250 // Does the element count match?
251 assert(count($strArray) == 3);
254 $str = base64_decode($strArray[1]);
256 // Trim trailing nulls away
257 $str = rtrim($str, "\0");