oxpasswordsaltgenerator.php

Go to the documentation of this file.
00001 <?php
00002 
00007 class oxPasswordSaltGenerator
00008 {
00012     private $_openSSLFunctionalityChecker;
00013 
00017     public function __construct(oxOpenSSLFunctionalityChecker $openSSLFunctionalityChecker)
00018     {
00019         $this->_openSSLFunctionalityChecker = $openSSLFunctionalityChecker;
00020     }
00021 
00028     public function generate()
00029     {
00030         if ($this->_getOpenSSLFunctionalityChecker()->isOpenSslRandomBytesGeneratorAvailable()) {
00031             $sSalt = bin2hex(openssl_random_pseudo_bytes(16));
00032         } else {
00033             $sSalt = $this->_customSaltGenerator();
00034         }
00035 
00036         return $sSalt;
00037     }
00038 
00042     protected function _getOpenSSLFunctionalityChecker()
00043     {
00044         return $this->_openSSLFunctionalityChecker;
00045     }
00046 
00050     protected function _customSaltGenerator()
00051     {
00052         $sHash = '';
00053         $sSalt = '';
00054         for ($i = 0; $i < 32; $i++) {
00055             $sHash = hash('sha256', $sHash . mt_rand());
00056             $iPosition = mt_rand(0, 62);
00057             $sSalt .= $sHash[$iPosition];
00058         }
00059 
00060         return $sSalt;
00061     }
00062 }
Generated by  doxygen 1.7.1