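/**
 * Create or verify a salted SHA-1 ("{SSHA}") password hash.
 *
 * Stored format: "{SSHA}" . base64(sha1(password . salt) . salt), with a
 * 20-byte raw digest followed by the salt (4 bytes when generated here).
 *
 * Security note: salted SHA-1 is a fast hash and is kept only so existing
 * "{SSHA}" values continue to verify; password_hash()/password_verify()
 * are the better choice for newly stored credentials.
 *
 * Uses random_bytes() (PHP 7+) and hash_equals() (PHP 5.6+).
 *
 * @param string      $password Plain-text password.
 * @param string|null $hash     Stored "{SSHA}" hash to verify against, or
 *                              null to generate a new hash.
 * @return string|bool New hash string when $hash is null; otherwise true if
 *                     the password matches, false if it does not or the
 *                     stored hash is malformed.
 */
public static function ssha($password, $hash = null)
{
    $marker = '{SSHA}';
    $digestLength = 20; // size of a raw SHA-1 digest in bytes

    // Strict null check: with `==`, an empty-string stored hash took the
    // "generate" branch and returned a non-empty (truthy) string instead of
    // failing verification.
    if ($hash === null) {
        // Salt from the CSPRNG; mt_rand() output is predictable.
        $salt = random_bytes(4);

        return $marker . base64_encode(sha1($password . $salt, true) . $salt);
    }

    // Is this an SSHA hash? The previous `!substr(...) == $marker` negated
    // the substring before comparing, so a wrong but non-empty prefix was
    // not rejected.
    if (!is_string($hash) || strncmp($hash, $marker, strlen($marker)) !== 0) {
        Error::raise(_t('Invalid hash'));
        return false;
    }

    // Strip the marker and decode; anything shorter than a full digest
    // cannot be a valid hash.
    $decoded = base64_decode((string) substr($hash, strlen($marker)));
    if (!is_string($decoded) || strlen($decoded) < $digestLength) {
        return false;
    }

    $digest = substr($decoded, 0, $digestLength);
    $salt = (string) substr($decoded, $digestLength);

    // Constant-time comparison; loose `==` on strings can also fall back to
    // numeric comparison for numeric-looking operands.
    return hash_equals($digest, sha1($password . $salt, true));
}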