HASH Encrypt

1. define("PBKDF2_HASH_ALGORITHM", "sha256");
2. define("PBKDF2_ITERATIONS", 1000);
3. define("PBKDF2_SALT_BYTE_SIZE", 24);
4. define("PBKDF2_HASH_BYTE_SIZE", 24);
5. define("HASH_SECTIONS", 4);
6. define("HASH_ALGORITHM_INDEX", 0);
7. define("HASH_ITERATION_INDEX", 1);
8. define("HASH_SALT_INDEX", 2);
9. define("HASH_PBKDF2_INDEX", 3);
10.  
11. function create_hash($password)
12. {
13.    
14.     $salt = base64_encode(mcrypt_create_iv(PBKDF2_SALT_BYTE_SIZE, MCRYPT_DEV_URANDOM));
15.     return PBKDF2_HASH_ALGORITHM . ":" . PBKDF2_ITERATIONS . ":" .  $salt . ":" .
16.         base64_encode(pbkdf2(
17.             PBKDF2_HASH_ALGORITHM,
18.             $password,
19.             $salt,
20.             PBKDF2_ITERATIONS,
21.             PBKDF2_HASH_BYTE_SIZE,
22.             true
23.         ));
24. }
25.  
26. function validate_password($password, $correct_hash)
27. {
28.     $params = explode(":", $correct_hash);
29.     if(count($params) < HASH_SECTIONS)
30.        return false;
31.     $pbkdf2 = base64_decode($params[HASH_PBKDF2_INDEX]);
32.     return slow_equals(
33.         $pbkdf2,
34.         pbkdf2(
35.             $params[HASH_ALGORITHM_INDEX],
36.             $password,
37.             $params[HASH_SALT_INDEX],
38.             (int)$params[HASH_ITERATION_INDEX],
39.             strlen($pbkdf2),
40.             true
41.         )
42.     );
43. }
44.  
45. function slow_equals($a, $b)
46. {
47.     $diff = strlen($a) ^ strlen($b);
48.     for($i = 0; $i < strlen($a) && $i < strlen($b); $i++)
49.     {
50.         $diff |= ord($a[$i]) ^ ord($b[$i]);
51.     }
52.     return $diff === 0;
53. }
54.  
55.  
56. function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
57. {
58.     $algorithm = strtolower($algorithm);
59.     if(!in_array($algorithm, hash_algos(), true))
60.         trigger_error('PBKDF2 ERROR: Invalid hash algorithm.', E_USER_ERROR);
61.     if($count <= 0 || $key_length <= 0)
62.         trigger_error('PBKDF2 ERROR: Invalid parameters.', E_USER_ERROR);
63.  
64.     if (function_exists("hash_pbkdf2")) {
65.        
66.         if (!$raw_output) {
67.             $key_length = $key_length * 2;
68.         }
69.         return hash_pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output);
70.     }
71.  
72.     $hash_length = strlen(hash($algorithm, "", true));
73.     $block_count = ceil($key_length / $hash_length);
74.  
75.     $output = "";
76.     for($i = 1; $i <= $block_count; $i++) {
77.        
78.         $last = $salt . pack("N", $i);
79.        
80.         $last = $xorsum = hash_hmac($algorithm, $last, $password, true);
81.        
82.         for ($j = 1; $j < $count; $j++) {
83.             $xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));
84.         }
85.         $output .= $xorsum;
86.     }
87.  
88.     if($raw_output)
89.         return substr($output, 0, $key_length);
90.     else
91.         return bin2hex(substr($output, 0, $key_length));
92. }