routines for encoding passwords with SSHA256 in PHP

1. function hexToAscii($hex)
2. {
3.     $strLength = strlen($hex);
4.     $returnVal = '';
5.  
6.     for($i=0; $i<$strLength; $i += 2)
7.     {
8.         $dec_val = hexdec(substr($hex, $i, 2));
9.         $returnVal .= chr($dec_val);
10.     }
11.     return $returnVal;
12. }
13.  
14. function HashedPassword($plainpassword)
15. {
16.     // generating a random salt
17.     $salt_hex   = substr(sha1(uniqid()),18,8);
18.     $salt_ascii = hexToAscii($salt_hex);
19.  
20.     $hashpassword = hash('sha256', $plainpassword . $salt_ascii);
21.  
22.     $returnVal = "{SSHA256.HEX}" . $hashpassword . $salt_hex;
23.  
24.     return $returnVal;
25. }
26.  
27. function VerifyHashedPassword($encodedpassword,$plainpassword)
28. {
29.     if(stripos($encodedpassword,'SSHA256'))
30.         {
31.             $encodedpassword =  substr($encodedpassword,13,strlen($encodedpassword));
32.         }
33.  
34.     $lengthstring = strlen($encodedpassword);
35.  
36.     $salt_hex = substr($encodedpassword, $lengthstring - 8, 8);
37.     $salt_ascii = hexToAscii($salt_hex);
38.  
39.     $newpasswordhash = hash('sha256', $plainpassword . $salt_ascii );
40.  
41.     $newencodedpassword = $newpasswordhash . $salt_hex;
42.  
43.     if ( "$encodedpassword" == "$newencodedpassword" ) {
44.        // if strings are equal, passwords supplied matches
45.        $returnVal = true;
46.    } else {
47.        // if strings are not equal, passwords do NOT match
48.        $returnVal = false;
49.    }
50.  
51.   return $returnVal;
52.  
53. }