Répertoire de codes source
| Générer un mot de passe | |
|---|---|
|
déposé par JEDI_BC le 16/06/2009 nombre de visites : 5234 edité le 16/06/2009 par JEDI_BC |
Ca peut parraitre inutile comme classe avec l'utilisation facile des fonctions md5 ou sha1 mais avoir un hashing "sécurisé" avec un "grain de sel" aléatoire et utilisant l'algorithme de hashage que l'on veut peut être bien pratique parfois ;) 2009-06-16 : Modification pour utilisation d'un singleton + chainage |
<?php class Password { /** * Size of the salt. * @var int */ protected static $_instance = array(); /** * Size of the salt. * @var int */ protected $_saltSize = 10; /** * Default hashing algorithm (available in the default php hash function). * @var string */ protected $_algorithm = 'sha1'; /** * Cconstructor. * * @return void */ protected function __contruct() { // rand initialisation mt_srand((double)microtime()*1000000); } /** * Retrieves a Password instance * * @return Password */ public static function getInstance($instance = 'default') { if (!isset(self::$_instance[$instance])) self::$_instance[$instance] = new self(); return self::$_instance[$instance]; } /** * Get the size of the salt. * * @return integer */ public function getSaltSize() { return $this->_saltSize; } /** * Set the size of the salt. * * @param integer $size * @return Password * @throws Zend_Exception */ public function setSaltSize($size) { if (empty($size) || !is_int($size)) throw new Exception('size must be an integer upper than 0'); $this->_saltSize = $size; return $this; } /** * Get the hashing algorithm (available in the default php hash function). * * @return string */ public function getAlgorithm() { return $this->_algorithm; } /** * Set the hashing algorithm (available in the default php hash function). * * @param string $algorithm * @return Password * @throws Zend_Exception */ public function setAlgorithm($algorithm) { if (empty($algorithm)) throw new Exception('algorithm is empty'); // Verify that the algorithm exist in the php hash function if (!in_array($algorithm, hash_algos())) throw new Exception($algorithm . ' is not available in the php hash function'); $this->_algorithm = $algorithm; return $this; } /** * Retrieves the default registry instance. * * @param String $password A password to crypt, * @return string * @throws Exception */ public function generate($password) { if (empty($password)) throw new Exception('password is empty'); $salt = ''; for ($i=0; $i<$this->_saltSize; $i++) $salt .= pack("C", mt_rand()); return base64_encode(pack("H*", hash($this->_algorithm, $password . $salt)) . $salt); } /** * Verify the password with the hash. * * @param String $password A password to crypt, * @param String $hash A crypted password, * @param integer $saltSize Length of the salt, * @param string $algorithm Hashing algorithm to use, * @return boolean * @throws Exception */ public function verify($password, $hash, $saltSize = 0, $algorithm = '') { if (empty($password)) throw new Exception('password is empty'); if (empty($hash)) throw new Exception('hash is empty'); if ((!empty($saltSize)) && (!is_int($saltSize))) throw new Exception('saltSize must be a number'); $saltSize = (empty($saltSize)) ? $this->_saltSize : $saltSize; $algorithm = (empty($algorithm)) ? $this->_algorithm : $algorithm; // Verify hash $ohash = base64_decode($hash); $osalt = substr($ohash, -$saltSize); $ohash = substr($ohash, 0, strlen($ohash) - $saltSize); $nhash = pack("H*", hash($algorithm, $password . $osalt)); return ($ohash == $nhash); } } // Exemple : $password = 'test de mot de passe'; $buffer1 = Password::getInstance() ->setSaltSize(5) ->setAlgorithm('md5') ->generate($password); $buffer2 = Password::getInstance('2') ->setSaltSize(15) ->setAlgorithm('sha1') ->generate($password); $verif1 = (Password::getInstance()->verify($password, $buffer1)) ? 'OK' : 'NOK'; echo $verif1 . ' - ' . $buffer1 . "\n"; $verif2 = (Password::getInstance('2')->verify($password, $buffer2)) ? 'OK' : 'NOK'; echo $verif2 . ' - ' . $buffer2 . "\n"; ?> |
|
