class.hash.php
Gesponsorde koppelingen
PHP script bestanden
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
<?php
/**
* Define the pepper that will be used below in the hash class
* script:
*/
define('PEPPER', '2:@P%%oQ[|b&p#m+:|1$ {n#+1zyk6B>OO:HTBs6dx~Ws._|~-rb/WJ9^&pAo@XA');
/**
*
* @date 15 Aug 2012,
* @package Security
*
*/
Class Hash {
/**
* @param string $password,
* @param string $salt,
* @param string $key -> a key for the hashing algo (almost different each time),
* @param string $hash -> the hash that will be used to encrypt passwords,
* @param bool $raw -> raw output (for most safety set on false)
*/
private
$password,
$salt,
$key = '',
$hash = 'sha512',
$raw = false;
/*
* @param string $hashed -> the hashed password
*/
private
$hashed;
/**
* @param string $password,
* @param string $salt,
* @return void
*/
public function __construct($password, $salt) {
$this->password = (string) $password;
$this->salt = (string) $salt;
}
/**
* @param string $hash;
* @return void
*/
public function setHash($hash) {
if(!in_array(strtolower($hash), hash_algos())) {
throw new Exception('Hash: '.$hash.' is NOT available on this system.');
}
$this->hash = strtolower($hash);
}
/**
* @param string $key,
* @return void
*/
public function setKey($key) {
$this->key = (string) $key;
}
/**
* @param bool $raw,
* @return void
*/
public function setRaw($raw) {
$this->raw = (bool) $raw;
}
/**
* Generate the hashed password. No params are needed.
* @return string $hashed
*/
private function generate() {
/**
* Generate a special key that is different for each client and is based
* on the length of the password:
*/
if(strlen($this->key) == 0) {
$i = round(strlen(PEPPER) + strlen($this->salt) + strlen($this->password));
$this->setKey(hash_hmac($this->hash, substr(PEPPER.$this->salt.$this->password.$this->salt.PEPPER, ($i / 2)), PEPPER, true));
}
/**
* Generate the hashed value of the setted pepper, salt and
* password together:
*/
$this->hashed = hash_hmac($this->hash, PEPPER.$this->salt.$this->password.$this->salt.PEPPER, $this->key, (bool) $this->raw);
return $this->hashed;
}
/**
* @return string $hashed
*/
public function getHashedPassword() {
return $this->generate();
}
}
?>
/**
* Define the pepper that will be used below in the hash class
* script:
*/
define('PEPPER', '2:@P%%oQ[|b&p#m+:|1$ {n#+1zyk6B>OO:HTBs6dx~Ws._|~-rb/WJ9^&pAo@XA');
/**
*
* @date 15 Aug 2012,
* @package Security
*
*/
Class Hash {
/**
* @param string $password,
* @param string $salt,
* @param string $key -> a key for the hashing algo (almost different each time),
* @param string $hash -> the hash that will be used to encrypt passwords,
* @param bool $raw -> raw output (for most safety set on false)
*/
private
$password,
$salt,
$key = '',
$hash = 'sha512',
$raw = false;
/*
* @param string $hashed -> the hashed password
*/
private
$hashed;
/**
* @param string $password,
* @param string $salt,
* @return void
*/
public function __construct($password, $salt) {
$this->password = (string) $password;
$this->salt = (string) $salt;
}
/**
* @param string $hash;
* @return void
*/
public function setHash($hash) {
if(!in_array(strtolower($hash), hash_algos())) {
throw new Exception('Hash: '.$hash.' is NOT available on this system.');
}
$this->hash = strtolower($hash);
}
/**
* @param string $key,
* @return void
*/
public function setKey($key) {
$this->key = (string) $key;
}
/**
* @param bool $raw,
* @return void
*/
public function setRaw($raw) {
$this->raw = (bool) $raw;
}
/**
* Generate the hashed password. No params are needed.
* @return string $hashed
*/
private function generate() {
/**
* Generate a special key that is different for each client and is based
* on the length of the password:
*/
if(strlen($this->key) == 0) {
$i = round(strlen(PEPPER) + strlen($this->salt) + strlen($this->password));
$this->setKey(hash_hmac($this->hash, substr(PEPPER.$this->salt.$this->password.$this->salt.PEPPER, ($i / 2)), PEPPER, true));
}
/**
* Generate the hashed value of the setted pepper, salt and
* password together:
*/
$this->hashed = hash_hmac($this->hash, PEPPER.$this->salt.$this->password.$this->salt.PEPPER, $this->key, (bool) $this->raw);
return $this->hashed;
}
/**
* @return string $hashed
*/
public function getHashedPassword() {
return $this->generate();
}
}
?>