*/
private function generateSalt () {
// Get a random string from the RNG
- $randomString = $this->getRngInstance()->randomString();
+ $randomString = $this->getRngInstance()->randomString() . $this->createUuid();
// Get config entry for salt length
$length = $this->getConfigInstance()->getConfigEntry('salt_length');
$this->salt = substr(sha1($randomString), -$length, $length);
}
+ /**
+ * Returns a UUID (Universal Unique IDentifier) if PECL extension uuid was
+ * found or an empty string it not.
+ *
+ * @return $uuid UUID with leading dash or empty string
+ */
+ public function createUuid () {
+ // Init empty UUID
+ $uuid = '';
+
+ // Is the UUID extension loaded? (see pecl)
+ if ((extension_loaded('uuid')) && (function_exists('uuid_create'))) {
+ // Then add it as well
+ $uuid = uuid_create();
+ } // END - if
+
+ // Return it
+ return $uuid;
+ }
+
/**
* Hashes a string with salt and returns the hash. If an old previous hash
* is supplied the method will use the first X chars of that hash for hashing
* @param $withFixed Whether to include a fixed salt (not recommended in p2p applications)
* @return $hashed The hashed and salted string
*/
- public function hashString ($str, $oldHash = '', $withFixed = true) {
+ public function hashString ($str, $oldHash = '', $withFixed = TRUE) {
// Cast the string
$str = (string) $str;
// Hash the password with salt
//* DEBUG: */ echo "salt=".$salt."/plain=".$str."<br />\n";
- if ($withFixed === true) {
+ if ($withFixed === TRUE) {
// Use additional fixed salt
$hashed = $salt . md5(sprintf($this->getConfigInstance()->getConfigEntry('hash_extra_mask'),
$salt,