Added the ability to create hashes without the fixed (extra) salt
authorRoland Häder <roland@mxchange.org>
Sun, 26 Feb 2012 00:22:19 +0000 (00:22 +0000)
committerRoland Häder <roland@mxchange.org>
Sun, 26 Feb 2012 00:22:19 +0000 (00:22 +0000)
inc/classes/main/crypto/class_CryptoHelper.php
inc/config.php

index 61df314..52bd668 100644 (file)
@@ -140,9 +140,10 @@ class CryptoHelper extends BaseFrameworkSystem implements Cryptable {
         *
         * @param       $str            Unhashed string
         * @param       $oldHash        A hash from previous hashed string
+        * @param       $withFixed      Whether to include a fixed salt (not recommended in p2p applications)
         * @return      $hashed         The hashed and salted string
         */
-       public function hashString ($str, $oldHash = '') {
+       public function hashString ($str, $oldHash = '', $withFixed = true) {
                // Cast the string
                $str = (string) $str;
 
@@ -160,11 +161,20 @@ class CryptoHelper extends BaseFrameworkSystem implements Cryptable {
 
                // Hash the password with salt
                //* DEBUG: */ echo "salt=".$salt."/plain=".$str."<br />\n";
-               $hashed = $salt . md5(sprintf($this->getConfigInstance()->getConfigEntry('hash_mask'),
-                       $salt,
-                       $this->getRngInstance()->getFixedSalt(),
-                       $str
-               ));
+               if ($withFixed === true) {
+                       // Use additional fixed salt
+                       $hashed = $salt . md5(sprintf($this->getConfigInstance()->getConfigEntry('hash_salt_mask'),
+                               $salt,
+                               $this->getRngInstance()->getFixedSalt(),
+                               $str
+                       ));
+               } else {
+                       // Use salt+string to hash
+                       $hashed = $salt . md5(sprintf($this->getConfigInstance()->getConfigEntry('hash_normal_mask'),
+                               $salt,
+                               $str
+                       ));
+               }
 
                // And return it
                return $hashed;
index 8e9c3d4..82f4acc 100644 (file)
@@ -269,8 +269,11 @@ $cfg->setConfigEntry('salt_length', 10);
 // CFG: RND-STR-LENGTH
 $cfg->setConfigEntry('rnd_str_length', 128);
 
-// CFG: HASH-MASK
-$cfg->setConfigEntry('hash_mask', "%1s:%2s:%3s"); // 1=salt, 2=extra salt, 3=plain password
+// CFG: HASH-EXTRA-MASK
+$cfg->setConfigEntry('hash_extra_mask', "%1s:%2s:%3s"); // 1=salt, 2=extra salt, 3=plain password/string
+
+// CFG: HASH-NORMAL-MASK
+$cfg->setConfigEntry('hash_NORMAL_mask', "%1s:%2s"); // 1=salt, 2=plain password/string
 
 // CFG: IS-SINGLE-SERVER
 $cfg->setConfigEntry('is_single_server', 'Y');