3 * A helper class for cryptographical things like hashing passwords and so on
5 * @author Roland Haeder <webmaster@ship-simu.org>
7 * @copyright Copyright(c) 2007, 2008 Roland Haeder, this is free software
8 * @license GNU GPL 3.0 or any newer version
9 * @link http://www.mxchange.org
11 * This program is free software: you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation, either version 3 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 class CryptoHelper extends BaseFrameworkSystem {
26 * An instance of this own clas
28 private static $selfInstance = null;
31 * Instance of the random number generator
33 private $rngInstance = null;
36 * Salt for hashing operations
41 * Protected constructor
45 protected function __construct () {
46 // Call parent constructor
47 parent::__construct(__CLASS__);
49 // Set part description
50 $this->setObjectDescription("Cryptographical helper");
52 // Create unique ID number
53 $this->createUniqueID();
56 $this->removeNumberFormaters();
57 $this->removeSystemArray();
61 * Creates an instance of this class
63 * @return $cryptoInstance An instance of this crypto helper class
65 public final static function createCryptoHelper () {
67 $cryptoInstance = self::getInstance();
69 // Initialize the hasher
70 $cryptoInstance->initHasher();
72 // Return the instance
73 return $cryptoInstance;
77 * Get a singleton instance of this class
79 * @return $selfInstance An instance of this crypto helper class
81 public final static function getInstance () {
82 // Is no instance there?
83 if (is_null(self::$selfInstance)) {
85 self::$selfInstance = new CryptoHelper();
88 // Return the instance
89 return self::$selfInstance;
93 * Initializes the hasher for different purposes.
97 protected function initHasher () {
98 // Initialize the random number generator which is required by some crypto methods
99 $this->rngInstance = ObjectFactory::createObjectByConfiguredName('rng_class');
101 // Generate a salt for the hasher
102 $this->generateSalt();
106 * Generates the salt based on configured length
110 private function generateSalt () {
111 // Get a random string from the RNG
112 $randomString = $this->rngInstance->makeRandomString();
114 // Get config entry for salt length
115 $length = $this->getConfigInstance()->readConfig('salt_length');
117 // Keep only defined number of characters
118 $this->salt = substr(sha1($randomString), -$length, $length);
122 * Hashes a password with salt and returns the hash. If an old previous hash
123 * is supplied the method will use the first X chars of that hash for hashing
124 * the password. This is useful if you want to check if the password is
125 * identical for authorization purposes.
127 * @param $plainPassword The plain password to use
128 * @param $oldHash A previously hashed password
129 * @return $hashed The hashed and salted password
131 public function hashPassword ($plainPassword, $oldHash = "") {
132 // Is the old password set?
133 if (empty($oldHash)) {
134 // No, then use the current salt
137 // Use the salt from hash, first get length
138 $length = $this->getConfigInstance()->readConfig('salt_length');
140 // Then extract the X first characters from the hash as our salt
141 $salt = substr($oldHash, 0, $length);
144 // Hash the password with salt
145 $hashed = $salt . md5(sprintf($this->getConfigInstance()->readConfig('hash_mask'),
147 $this->rngInstance->getExtraSalt(),