* @version 0.0.0 * @copyright Copyright(c) 2007, 2008 Roland Haeder, this is free software * @license GNU GPL 3.0 or any newer version * @link http://www.ship-simu.org * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ class CryptoHelper extends BaseFrameworkSystem { /** * An instance of this own clas */ private static $selfInstance = null; /** * Instance of the random number generator */ private $rngInstance = null; /** * Salt for hashing operations */ private $salt = ""; /** * Protected constructor * * @return void */ protected function __construct () { // Call parent constructor parent::__construct(__CLASS__); // Set part description $this->setObjectDescription("Cryptographical helper"); // Create unique ID number $this->generateUniqueId(); // Clean up a little $this->removeNumberFormaters(); $this->removeSystemArray(); } /** * Creates an instance of this class * * @return $cryptoInstance An instance of this crypto helper class */ public final static function createCryptoHelper () { // Get a new instance $cryptoInstance = self::getInstance(); // Initialize the hasher $cryptoInstance->initHasher(); // Return the instance return $cryptoInstance; } /** * Get a singleton instance of this class * * @return $selfInstance An instance of this crypto helper class */ public final static function getInstance () { // Is no instance there? if (is_null(self::$selfInstance)) { // Then get a new one self::$selfInstance = new CryptoHelper(); } // Return the instance return self::$selfInstance; } /** * Initializes the hasher for different purposes. * * @return void */ protected function initHasher () { // Initialize the random number generator which is required by some crypto methods $this->rngInstance = ObjectFactory::createObjectByConfiguredName('rng_class'); // Generate a salt for the hasher $this->generateSalt(); } /** * Generates the salt based on configured length * * @return void */ private function generateSalt () { // Get a random string from the RNG $randomString = $this->rngInstance->makeRandomString(); // Get config entry for salt length $length = $this->getConfigInstance()->readConfig('salt_length'); // Keep only defined number of characters $this->salt = substr(sha1($randomString), -$length, $length); } /** * Hashes a password with salt and returns the hash. If an old previous hash * is supplied the method will use the first X chars of that hash for hashing * the password. This is useful if you want to check if the password is * identical for authorization purposes. * * @param $plainPassword The plain password to use * @param $oldHash A previously hashed password * @return $hashed The hashed and salted password */ public function hashPassword ($plainPassword, $oldHash = "") { // Is the old password set? if (empty($oldHash)) { // No, then use the current salt $salt = $this->salt; } else { // Use the salt from hash, first get length $length = $this->getConfigInstance()->readConfig('salt_length'); // Then extract the X first characters from the hash as our salt $salt = substr($oldHash, 0, $length); } // Hash the password with salt //* DEBUG: */ echo "salt=".$salt."/plain=".$plainPassword."
\n"; $hashed = $salt . md5(sprintf($this->getConfigInstance()->readConfig('hash_mask'), $salt, $this->rngInstance->getFixedSalt(), $plainPassword )); // And return it return $hashed; } } // [EOF] ?>