oxpasswordsaltgenerator.php

Go to the documentation of this file.
00001 <?php
00002 
00007 class oxPasswordSaltGenerator
00008 {
00009 
00013     private $_openSSLFunctionalityChecker;
00014 
00020     public function __construct(oxOpenSSLFunctionalityChecker $openSSLFunctionalityChecker)
00021     {
00022         $this->_openSSLFunctionalityChecker = $openSSLFunctionalityChecker;
00023     }
00024 
00031     public function generate()
00032     {
00033         if ($this->_getOpenSSLFunctionalityChecker()->isOpenSslRandomBytesGeneratorAvailable()) {
00034             $sSalt = bin2hex(openssl_random_pseudo_bytes(16));
00035         } else {
00036             $sSalt = $this->_customSaltGenerator();
00037         }
00038 
00039         return $sSalt;
00040     }
00041 
00047     protected function _getOpenSSLFunctionalityChecker()
00048     {
00049         return $this->_openSSLFunctionalityChecker;
00050     }
00051 
00057     protected function _customSaltGenerator()
00058     {
00059         $sHash = '';
00060         $sSalt = '';
00061         for ($i = 0; $i < 32; $i++) {
00062             $sHash = hash('sha256', $sHash . mt_rand());
00063             $iPosition = mt_rand(0, 62);
00064             $sSalt .= $sHash[$iPosition];
00065         }
00066 
00067         return $sSalt;
00068     }
00069 }
Generated by  doxygen 1.7.1