{SSHA} Salted SHA1 with PHP

I was in need of a PHP class to encrypt hash and verify passwords using salted sha1 hashes. Here it is, quick but not too dirty:

<?php

class SSHA
{

  public static function newSalt()
  {
    return chr(rand(0,255)).chr(rand(0,255)).chr(rand(0,255)).chr(rand(0,255));
  }

  public static function hash($pass,$salt)
  {
    return '{SSHA}'.base64_encode(sha1($pass.$salt,true).$salt);
  }

  public static function getSalt($hash)
  {
    return substr(base64_decode(substr($hash,-32)),-4);
  }

  public static function newHash($pass)
  {
    return self::hash($pass,self::newSalt());
  }

  public static function verifyPassword($pass,$hash)
  {
    return $hash == self::hash($pass,self::getSalt($hash));
  }

}

Tags: , , , , , , , ,

Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>