1: <?php
2: /**
3: * Magento
4: *
5: * NOTICE OF LICENSE
6: *
7: * This source file is subject to the Open Software License (OSL 3.0)
8: * that is bundled with this package in the file LICENSE.txt.
9: * It is also available through the world-wide-web at this URL:
10: * http://opensource.org/licenses/osl-3.0.php
11: * If you did not receive a copy of the license and are unable to
12: * obtain it through the world-wide-web, please send an email
13: * to license@magentocommerce.com so we can send you a copy immediately.
14: *
15: * DISCLAIMER
16: *
17: * Do not edit or add to this file if you wish to upgrade Magento to newer
18: * versions in the future. If you wish to customize Magento for your
19: * needs please refer to http://www.magentocommerce.com for more information.
20: *
21: * @category Mage
22: * @package Mage_Core
23: * @copyright Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
24: * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
25: */
26:
27: /**
28: * Provides basic logic for hashing passwords and encrypting/decrypting misc data
29: *
30: * @category Mage
31: * @package Mage_Core
32: * @author Magento Core Team <core@magentocommerce.com>
33: */
34: class Mage_Core_Model_Encryption
35: {
36: /**
37: * @var Varien_Crypt_Mcrypt
38: */
39: protected $_crypt;
40: /**
41: * @var Mage_Core_Helper_Data
42: */
43: protected $_helper;
44:
45: /**
46: * Set helper instance
47: *
48: * @param Mage_Core_Helper_Data $helper
49: * @return Mage_Core_Model_Encryption
50: */
51: public function setHelper($helper)
52: {
53: $this->_helper = $helper;
54: return $this;
55: }
56:
57: /**
58: * Generate a [salted] hash.
59: *
60: * $salt can be:
61: * false - a random will be generated
62: * integer - a random with specified length will be generated
63: * string
64: *
65: * @param string $password
66: * @param mixed $salt
67: * @return string
68: */
69: public function getHash($password, $salt = false)
70: {
71: if (is_integer($salt)) {
72: $salt = $this->_helper->getRandomString($salt);
73: }
74: return $salt === false ? $this->hash($password) : $this->hash($salt . $password) . ':' . $salt;
75: }
76:
77: /**
78: * Hash a string
79: *
80: * @param string $data
81: * @return string
82: */
83: public function hash($data)
84: {
85: return md5($data);
86: }
87:
88: /**
89: * Validate hash against hashing method (with or without salt)
90: *
91: * @param string $password
92: * @param string $hash
93: * @return bool
94: * @throws Exception
95: */
96: public function validateHash($password, $hash)
97: {
98: $hashArr = explode(':', $hash);
99: switch (count($hashArr)) {
100: case 1:
101: return $this->hash($password) === $hash;
102: case 2:
103: return $this->hash($hashArr[1] . $password) === $hashArr[0];
104: }
105: Mage::throwException('Invalid hash.');
106: }
107:
108: /**
109: * Instantiate crypt model
110: *
111: * @param string $key
112: * @return Varien_Crypt_Mcrypt
113: */
114: protected function _getCrypt($key = null)
115: {
116: if (!$this->_crypt) {
117: if (null === $key) {
118: $key = (string)Mage::getConfig()->getNode('global/crypt/key');
119: }
120: $this->_crypt = Varien_Crypt::factory()->init($key);
121: }
122: return $this->_crypt;
123: }
124:
125: /**
126: * Encrypt a string
127: *
128: * @param string $data
129: * @return string
130: */
131: public function encrypt($data)
132: {
133: return base64_encode($this->_getCrypt()->encrypt((string)$data));
134: }
135:
136: /**
137: * Decrypt a string
138: *
139: * @param string $data
140: * @return string
141: */
142: public function decrypt($data)
143: {
144: return str_replace("\x0", '', trim($this->_getCrypt()->decrypt(base64_decode((string)$data))));
145: }
146:
147: /**
148: * Return crypt model, instantiate if it is empty
149: *
150: * @param string $key
151: * @return Varien_Crypt_Mcrypt
152: */
153: public function validateKey($key)
154: {
155: return $this->_getCrypt($key);
156: }
157: }
158: