PageRenderTime 45ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 0ms

/library/Zend/Crypt/Hmac.php

http://github.com/centurion-project/Centurion
PHP | 181 lines | 63 code | 19 blank | 99 comment | 17 complexity | 852f5951daa78a69c743c63b36c8b31f MD5 | raw file
Possible License(s): BSD-3-Clause
  1. <?php
  2. /**
  3. * Zend Framework
  4. *
  5. * LICENSE
  6. *
  7. * This source file is subject to the new BSD license that is bundled
  8. * with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://framework.zend.com/license/new-bsd
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@zend.com so we can send you a copy immediately.
  14. *
  15. * @category Zend
  16. * @package Zend_Crypt
  17. * @subpackage Hmac
  18. * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
  19. * @license http://framework.zend.com/license/new-bsd New BSD License
  20. * @version $Id$
  21. */
  22. /**
  23. * @see Zend_Crypt
  24. */
  25. //$1 'Zend/Crypt.php';
  26. /**
  27. * PHP implementation of the RFC 2104 Hash based Message Authentication Code
  28. * algorithm.
  29. *
  30. * @todo Patch for refactoring failed tests (key block sizes >80 using internal algo)
  31. * @todo Check if mhash() is a required alternative (will be PECL-only soon)
  32. * @category Zend
  33. * @package Zend_Crypt
  34. * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
  35. * @license http://framework.zend.com/license/new-bsd New BSD License
  36. */
  37. class Zend_Crypt_Hmac extends Zend_Crypt
  38. {
  39. /**
  40. * The key to use for the hash
  41. *
  42. * @var string
  43. */
  44. protected static $_key = null;
  45. /**
  46. * pack() format to be used for current hashing method
  47. *
  48. * @var string
  49. */
  50. protected static $_packFormat = null;
  51. /**
  52. * Hashing algorithm; can be the md5/sha1 functions or any algorithm name
  53. * listed in the output of PHP 5.1.2+ hash_algos().
  54. *
  55. * @var string
  56. */
  57. protected static $_hashAlgorithm = 'md5';
  58. /**
  59. * List of algorithms supported my mhash()
  60. *
  61. * @var array
  62. */
  63. protected static $_supportedMhashAlgorithms = array('adler32',' crc32', 'crc32b', 'gost',
  64. 'haval128', 'haval160', 'haval192', 'haval256', 'md4', 'md5', 'ripemd160',
  65. 'sha1', 'sha256', 'tiger', 'tiger128', 'tiger160');
  66. /**
  67. * Constants representing the output mode of the hash algorithm
  68. */
  69. const STRING = 'string';
  70. const BINARY = 'binary';
  71. /**
  72. * Performs a HMAC computation given relevant details such as Key, Hashing
  73. * algorithm, the data to compute MAC of, and an output format of String,
  74. * Binary notation or BTWOC.
  75. *
  76. * @param string $key
  77. * @param string $hash
  78. * @param string $data
  79. * @param string $output
  80. * @param boolean $internal
  81. * @return string
  82. */
  83. public static function compute($key, $hash, $data, $output = self::STRING)
  84. {
  85. // set the key
  86. if (!isset($key) || empty($key)) {
  87. //$1 'Zend/Crypt/Hmac/Exception.php';
  88. throw new Zend_Crypt_Hmac_Exception('provided key is null or empty');
  89. }
  90. self::$_key = $key;
  91. // set the hash
  92. self::_setHashAlgorithm($hash);
  93. // perform hashing and return
  94. return self::_hash($data, $output);
  95. }
  96. /**
  97. * Setter for the hash method.
  98. *
  99. * @param string $hash
  100. * @return Zend_Crypt_Hmac
  101. */
  102. protected static function _setHashAlgorithm($hash)
  103. {
  104. if (!isset($hash) || empty($hash)) {
  105. //$1 'Zend/Crypt/Hmac/Exception.php';
  106. throw new Zend_Crypt_Hmac_Exception('provided hash string is null or empty');
  107. }
  108. $hash = strtolower($hash);
  109. $hashSupported = false;
  110. if (function_exists('hash_algos') && in_array($hash, hash_algos())) {
  111. $hashSupported = true;
  112. }
  113. if ($hashSupported === false && function_exists('mhash') && in_array($hash, self::$_supportedAlgosMhash)) {
  114. $hashSupported = true;
  115. }
  116. if ($hashSupported === false) {
  117. //$1 'Zend/Crypt/Hmac/Exception.php';
  118. throw new Zend_Crypt_Hmac_Exception('hash algorithm provided is not supported on this PHP installation; please enable the hash or mhash extensions');
  119. }
  120. self::$_hashAlgorithm = $hash;
  121. }
  122. /**
  123. * Perform HMAC and return the keyed data
  124. *
  125. * @param string $data
  126. * @param string $output
  127. * @param bool $internal Option to not use hash() functions for testing
  128. * @return string
  129. */
  130. protected static function _hash($data, $output = self::STRING, $internal = false)
  131. {
  132. if (function_exists('hash_hmac')) {
  133. if ($output == self::BINARY) {
  134. return hash_hmac(self::$_hashAlgorithm, $data, self::$_key, 1);
  135. }
  136. return hash_hmac(self::$_hashAlgorithm, $data, self::$_key);
  137. }
  138. if (function_exists('mhash')) {
  139. if ($output == self::BINARY) {
  140. return mhash(self::_getMhashDefinition(self::$_hashAlgorithm), $data, self::$_key);
  141. }
  142. $bin = mhash(self::_getMhashDefinition(self::$_hashAlgorithm), $data, self::$_key);
  143. return bin2hex($bin);
  144. }
  145. }
  146. /**
  147. * Since MHASH accepts an integer constant representing the hash algorithm
  148. * we need to make a small detour to get the correct integer matching our
  149. * algorithm's name.
  150. *
  151. * @param string $hashAlgorithm
  152. * @return integer
  153. */
  154. protected static function _getMhashDefinition($hashAlgorithm)
  155. {
  156. for ($i = 0; $i <= mhash_count(); $i++)
  157. {
  158. $types[mhash_get_hash_name($i)] = $i;
  159. }
  160. return $types[strtoupper($hashAlgorithm)];
  161. }
  162. }