PHP Classes

File: examples.php

Role: Example script
Content type: text/plain
Description: Some examples of use.
Class: ktHash
Generate and verify salted hashes for passwords
Author: By
Last change: Script fix.
Date: 13 years ago
Size: 2,567 bytes
 

Contents

<?php

/**
 * This hashing function generates message digests that are salted with random
 * salt, so no two hashes of the same input data should produce the same
 * results. The salt is scrambled directly into the output string using a fairly
 * secure scrambling algorithm that makes it virtually impossible for any
 * attacker to uncover it (the salt characters appear in random order at random
 * positions with almost-uniform distribution, therefore are indistinguishable
 * from the hash characters).
 *
 * This hashing function can also verify whether a string is a digest of some
 * input message, use various hashing algorithms (those supplied by PHP's
 * hash_algos(); if you specify an unknown algorithm, the function defaults to
 * SHA1), and you can even provide a key for the HMAC variant of the message
 * digest (actually the HMAC variant is always used, but if you don't specify the
 * key, an empty string is used instead).
 *
 * Possible usage for this function is generating password hashes; they will be
 * already salted, which is always good, but you don't have to store the salt
 * anywhere in your database, which improves security and simplifies your code.
 * You can also check very easily whether the user-supplied password on login
 * matches the stored hash.
 */

require_once 'ktHash.php';

define('APPLICATION_SECRET', "This is an application-wide shared secret key.");

$password = "password";

$hash_1 = ktHash::hash($password, APPLICATION_SECRET); // password hash
$hash_2 = ktHash::hash($password, APPLICATION_SECRET); // another password hash
// Passing the stored hash as the third argument re-derives the digest with the
// salt embedded in it; hash_equals() compares the two in constant time.
$verified_YES_1 = hash_equals($hash_1, ktHash::hash($password, APPLICATION_SECRET, $hash_1)) ? "YES" : "NO"; // check password hash
$verified_YES_2 = hash_equals($hash_2, ktHash::hash($password, APPLICATION_SECRET, $hash_2)) ? "YES" : "NO"; // works on this one too
$verified_NO = hash_equals($hash_1, ktHash::hash("wrong_password", APPLICATION_SECRET, $hash_1)) ? "YES" : "NO"; // but this check fails
$hash_whirlpool = ktHash::hash($password, APPLICATION_SECRET, NULL, "whirlpool"); // use different hashing algorithm

echo $hash_1 . "<br />";
echo $hash_2 . "<br />";
echo $verified_YES_1 . "<br />";
echo $verified_YES_2 . "<br />";
echo $verified_NO . "<br />";
echo $hash_whirlpool . "<br />";

/**
 * Result:
 *
 * 3a2d2532b06d7a94f37b15c1cbf50b89f4e78fc7
 * e810428e1d66af5243a9ef62ac6cc095ac2f5622
 * YES
 * YES
 * NO
 * dd610019e7a794276df956f6a2b168c26ffb71ca967ca9e70476331e21dc109fa822af50085e8af71ef4a3fb37d42aacee55f23461db83101e5d54840a85beba
 */
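
The same properties shown above (a fresh random salt per hash, the salt carried inside the stored string, an application-wide secret key) can be had from PHP's built-in password API, which also uses a deliberately slow hash. This is an added example, not part of ktHash or written by its author; `APP_PEPPER`, `pepper()`, `store_password()` and `check_password()` are hypothetical names and the secret value is constructed.

```php
<?php
// Added example, not ktHash code. All names below are hypothetical and the
// secret is a constructed placeholder; load the real one from configuration.
define('APP_PEPPER', 'constructed-example-secret-load-from-config');

/** Key the password with the application secret before the slow hash. */
function pepper(string $password): string
{
    // Base64 of the raw HMAC-SHA256 is 44 bytes with no NUL bytes, which
    // stays under bcrypt's 72-byte input limit for any password length.
    return base64_encode(hash_hmac('sha256', $password, APP_PEPPER, true));
}

/** Returns the string to store; algorithm, cost and salt are embedded in it. */
function store_password(string $password): string
{
    return password_hash(pepper($password), PASSWORD_BCRYPT, ['cost' => 12]);
}

/**
 * Returns [bool $ok, ?string $newHash]. $newHash is non-null when the stored
 * hash was made with older parameters and should be replaced after login.
 */
function check_password(string $password, string $stored): array
{
    $peppered = pepper($password);
    // password_verify() reads the salt from $stored and compares in constant time.
    if (!password_verify($peppered, $stored)) {
        return [false, null];
    }
    $upgrade = password_needs_rehash($stored, PASSWORD_BCRYPT, ['cost' => 12])
        ? password_hash($peppered, PASSWORD_BCRYPT, ['cost' => 12])
        : null;
    return [true, $upgrade];
}

// Mirrors the ktHash example: two hashes of one password, then three checks.
$h1 = store_password('password');
$h2 = store_password('password');
var_dump($h1 !== $h2);
var_dump(check_password('password', $h1)[0]);
var_dump(check_password('password', $h2)[0]);
var_dump(check_password('wrong_password', $h1)[0]);
```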