/**
* A helper class for cryptographical things like hashing passwords and so on
*
- * @author Roland Haeder <webmaster@ship-simu.org>
+ * @author Roland Haeder <webmaster@shipsimu.org>
* @version 0.0.0
- * @copyright Copyright (c) 2007, 2008 Roland Haeder, 2009, 2010 Core Developer Team
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, 2009 - 2015 Core Developer Team
* @license GNU GPL 3.0 or any newer version
- * @link http://www.ship-simu.org
+ * @link http://www.shipsimu.org
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
/**
* An instance of this own clas
*/
- private static $selfInstance = null;
-
- /**
- * Instance of the random number generator
- */
- private $rngInstance = null;
+ private static $selfInstance = NULL;
/**
* Instance of the crypto stream
*/
- private $cryptoStreamInstance = null;
+ private $cryptoStreamInstance = NULL;
/**
* Salt for hashing operations
*
* @return $cryptoInstance An instance of this crypto helper class
*/
- public final static function createCryptoHelper () {
+ public static final function createCryptoHelper () {
// Get a new instance
$cryptoInstance = new CryptoHelper();
*
* @return $selfInstance An instance of this crypto helper class
*/
- public final static function getInstance () {
+ public static final function getSelfInstance () {
// Is no instance there?
if (is_null(self::$selfInstance)) {
// Then get a new one
*/
private function generateSalt () {
// Get a random string from the RNG
- $randomString = $this->getRngInstance()->randomString();
+ $randomString = $this->getRngInstance()->randomString() . $this->createUuid();
// Get config entry for salt length
$length = $this->getConfigInstance()->getConfigEntry('salt_length');
$this->salt = substr(sha1($randomString), -$length, $length);
}
+ /**
+ * Returns a UUID (Universal Unique IDentifier) if PECL extension uuid was
+ * found or an empty string it not.
+ *
+ * @return $uuid UUID with leading dash or empty string
+ */
+ public function createUuid () {
+ // Init empty UUID
+ $uuid = '';
+
+ // Is the UUID extension loaded? (see pecl)
+ if ((extension_loaded('uuid')) && (function_exists('uuid_create'))) {
+ // Then add it as well
+ $uuid = uuid_create();
+ } // END - if
+
+ // Return it
+ return $uuid;
+ }
+
/**
* Hashes a string with salt and returns the hash. If an old previous hash
* is supplied the method will use the first X chars of that hash for hashing
*
* @param $str Unhashed string
* @param $oldHash A hash from previous hashed string
+ * @param $withFixed Whether to include a fixed salt (not recommended in p2p applications)
* @return $hashed The hashed and salted string
*/
- public function hashString ($str, $oldHash = '') {
+ public function hashString ($str, $oldHash = '', $withFixed = TRUE) {
// Cast the string
$str = (string) $str;
// Hash the password with salt
//* DEBUG: */ echo "salt=".$salt."/plain=".$str."<br />\n";
- $hashed = $salt . md5(sprintf($this->getConfigInstance()->getConfigEntry('hash_mask'),
- $salt,
- $this->getRngInstance()->getFixedSalt(),
- $str
- ));
+ if ($withFixed === TRUE) {
+ // Use additional fixed salt
+ $hashed = $salt . md5(sprintf($this->getConfigInstance()->getConfigEntry('hash_extra_mask'),
+ $salt,
+ $this->getRngInstance()->getFixedSalt(),
+ $str
+ ));
+ } else {
+ // Use salt+string to hash
+ $hashed = $salt . md5(sprintf($this->getConfigInstance()->getConfigEntry('hash_normal_mask'),
+ $salt,
+ $str
+ ));
+ }
// And return it
return $hashed;
* Encrypt the string with fixed salt
*
* @param $str The unencrypted string
+ * @param $key Optional key, if none provided, a random key will be generated
* @return $encrypted Encrypted string
*/
- public function encryptString ($str) {
+ public function encryptString ($str, $key = NULL) {
// Encrypt the string through the stream
- $encrypted = $this->cryptoStreamInstance->encryptStream($str);
+ $encrypted = $this->cryptoStreamInstance->encryptStream($str, $key);
// Return the string
return $encrypted;