--- /dev/null
+<?php
+/**
+ * A helper class for cryptographical things like hashing passwords and so on
+ *
+ * @author Roland Haeder <webmaster@ship-simu.org>
+ * @version 0.3.0
+ * @copyright Copyright(c) 2007, 2008 Roland Haeder, this is free software
+ * @license GNU GPL 3.0 or any newer version
+ * @link http://www.mxchange.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+class CryptoHelper extends BaseFrameworkSystem {
+ /**
+ * An instance of this own clas
+ */
+ private static $selfInstance = null;
+
+ /**
+ * Instance of the random number generator
+ */
+ private $rngInstance = null;
+
+ /**
+ * Salt for hashing operations
+ */
+ private $salt = "";
+
+ /**
+ * Protected constructor
+ *
+ * @return void
+ */
+ protected function __construct () {
+ // Call parent constructor
+ parent::__construct(__CLASS__);
+
+ // Set part description
+ $this->setObjectDescription("Cryptographical helper");
+
+ // Create unique ID number
+ $this->generateUniqueId();
+
+ // Clean up a little
+ $this->removeNumberFormaters();
+ $this->removeSystemArray();
+ }
+
+ /**
+ * Creates an instance of this class
+ *
+ * @return $cryptoInstance An instance of this crypto helper class
+ */
+ public final static function createCryptoHelper () {
+ // Get a new instance
+ $cryptoInstance = self::getInstance();
+
+ // Initialize the hasher
+ $cryptoInstance->initHasher();
+
+ // Return the instance
+ return $cryptoInstance;
+ }
+
+ /**
+ * Get a singleton instance of this class
+ *
+ * @return $selfInstance An instance of this crypto helper class
+ */
+ public final static function getInstance () {
+ // Is no instance there?
+ if (is_null(self::$selfInstance)) {
+ // Then get a new one
+ self::$selfInstance = new CryptoHelper();
+ }
+
+ // Return the instance
+ return self::$selfInstance;
+ }
+
+ /**
+ * Initializes the hasher for different purposes.
+ *
+ * @return void
+ */
+ protected function initHasher () {
+ // Initialize the random number generator which is required by some crypto methods
+ $this->rngInstance = ObjectFactory::createObjectByConfiguredName('rng_class');
+
+ // Generate a salt for the hasher
+ $this->generateSalt();
+ }
+
+ /**
+ * Generates the salt based on configured length
+ *
+ * @return void
+ */
+ private function generateSalt () {
+ // Get a random string from the RNG
+ $randomString = $this->rngInstance->makeRandomString();
+
+ // Get config entry for salt length
+ $length = $this->getConfigInstance()->readConfig('salt_length');
+
+ // Keep only defined number of characters
+ $this->salt = substr(sha1($randomString), -$length, $length);
+ }
+
+ /**
+ * Hashes a password with salt and returns the hash. If an old previous hash
+ * is supplied the method will use the first X chars of that hash for hashing
+ * the password. This is useful if you want to check if the password is
+ * identical for authorization purposes.
+ *
+ * @param $plainPassword The plain password to use
+ * @param $oldHash A previously hashed password
+ * @return $hashed The hashed and salted password
+ */
+ public function hashPassword ($plainPassword, $oldHash = "") {
+ // Is the old password set?
+ if (empty($oldHash)) {
+ // No, then use the current salt
+ $salt = $this->salt;
+ } else {
+ // Use the salt from hash, first get length
+ $length = $this->getConfigInstance()->readConfig('salt_length');
+
+ // Then extract the X first characters from the hash as our salt
+ $salt = substr($oldHash, 0, $length);
+ }
+
+ // Hash the password with salt
+ $hashed = $salt . md5(sprintf($this->getConfigInstance()->readConfig('hash_mask'),
+ $salt,
+ $this->rngInstance->getExtraSalt(),
+ $plainPassword
+ ));
+
+ // And return it
+ return $hashed;
+ }
+}
+
+// [EOF]
+?>