August 2009

You are currently browsing the monthly archive for August 2009.

review

August 14, 2009 | No comments

Syntax Highlighting on this blog is brought to you by http://alexgorbatchev.com/wiki/SyntaxHighlighter. – I’m using the “old” 1.5.1 version on purpose: it allows you to copy the code to your clipboard without using the flash code… unlike the new version where you end up selecting the line numbers as well. Update: I’ve shifted to the SyntaxHighlighter Evolved WordPress plugin by Viper007Bond.

August 6, 2009 | No comments

{SSHA} Salted SHA1 with PHP

August 2, 2009 in encryption, OOP, PHP | No comments

I was in need of a PHP class to encrypt hash and verify passwords using salted sha1 hashes. Here it is, quick but not too dirty:

<?php

class SSHA
{

  public static function newSalt()
  {
    return chr(rand(0,255)).chr(rand(0,255)).chr(rand(0,255)).chr(rand(0,255)).chr(rand(0,255)).chr(rand(0,255)).chr(rand(0,255)).chr(rand(0,255));
  }

  public static function hash($pass,$salt)
  {
    return '{SSHA}'.base64_encode(sha1($pass.$salt,true).$salt);
  }

  public static function getSalt($hash)
  {
    return substr(base64_decode(substr($hash,6)),20);
  }

  public static function newHash($pass)
  {
    return self::hash($pass,self::newSalt());
  }

  public static function verifyPassword($pass,$hash)
  {
    return $hash == self::hash($pass,self::getSalt($hash));
  }

}