*
* @author Roland Haeder <webmaster@ship-simu.org>
* @version 0.0.0
- * @copyright Copyright(c) 2007, 2008 Roland Haeder, this is free software
+ * @copyright Copyright (c) 2007, 2008 Roland Haeder, this is free software
* @license GNU GPL 3.0 or any newer version
* @link http://www.ship-simu.org
*
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
class CryptoHelper extends BaseFrameworkSystem implements Cryptable {
// Exception constants
// Call parent constructor
parent::__construct(__CLASS__);
- // Set part description
- $this->setObjectDescription("Cryptographical helper");
-
- // Create unique ID number
- $this->generateUniqueId();
-
// Clean up a little
$this->removeNumberFormaters();
$this->removeSystemArray();
// Cast the string
$str = (string) $str;
+ // Default is the default salt ;-)
+ $salt = $this->salt;
+
// Is the old password set?
- if (empty($oldHash)) {
- // No, then use the current salt
- $salt = $this->salt;
- } else {
+ if (!empty($oldHash)) {
// Use the salt from hash, first get length
$length = $this->getConfigInstance()->readConfig('salt_length');
// Then extract the X first characters from the hash as our salt
$salt = substr($oldHash, 0, $length);
- }
+ } // END - if
// Hash the password with salt
//* DEBUG: */ echo "salt=".$salt."/plain=".$str."<br />\n";
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
// Get key
- if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') == "Y") {
+ if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') === "Y") {
$key = md5($this->rngInstance->getFixedSalt());
} else {
$key = md5($this->rngInstance->getExtraSalt());
}
// Add some "garbage" to the string
- $garbageString = md5($this->rngInstance->randomString(10))."|".base64_encode($str)."|".sha1($this->rngInstance->randomString(20));
+ switch ($this->rngInstance->randomNumber(0, 8)) {
+ case 0:
+ $garbageString = crc32($this->rngInstance->randomString(10))."|".base64_encode($str)."|".crc32($this->rngInstance->randomString(20));
+ break;
+
+ case 1:
+ $garbageString = crc32($this->rngInstance->randomString(10))."|".base64_encode($str)."|".md5($this->rngInstance->randomString(20));
+ break;
+
+ case 2:
+ $garbageString = crc32($this->rngInstance->randomString(10))."|".base64_encode($str)."|".sha1($this->rngInstance->randomString(20));
+ break;
+
+ case 3:
+ $garbageString = md5($this->rngInstance->randomString(10))."|".base64_encode($str)."|".crc32($this->rngInstance->randomString(20));
+ break;
+
+ case 4:
+ $garbageString = md5($this->rngInstance->randomString(10))."|".base64_encode($str)."|".md5($this->rngInstance->randomString(20));
+ break;
+
+ case 5:
+ $garbageString = md5($this->rngInstance->randomString(10))."|".base64_encode($str)."|".sha1($this->rngInstance->randomString(20));
+ break;
+
+ case 6:
+ $garbageString = sha1($this->rngInstance->randomString(10))."|".base64_encode($str)."|".crc32($this->rngInstance->randomString(20));
+ break;
+
+ case 7:
+ $garbageString = sha1($this->rngInstance->randomString(10))."|".base64_encode($str)."|".md5($this->rngInstance->randomString(20));
+ break;
+
+ case 8:
+ $garbageString = sha1($this->rngInstance->randomString(10))."|".base64_encode($str)."|".sha1($this->rngInstance->randomString(20));
+ break;
+ }
// Encrypt the string
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $garbageString, MCRYPT_MODE_ECB, $iv);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
// Get key
- if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') == "Y") {
+ if ($this->getConfigInstance()->readConfig('crypt_fixed_salt') === "Y") {
$key = md5($this->rngInstance->getFixedSalt());
} else {
$key = md5($this->rngInstance->getExtraSalt());
// Get the real string out
$strArray = explode("|", $garbageString);
+
+ // Does the element count match?
+ assert(count($strArray) == 3);
+
+ // Decode the string
$str = base64_decode($strArray[1]);
// Trim trailing nulls away