/packages/zendframework/hmac.php
[return to app]1
<?php
2 /**
3 * Zend Framework Hmac class isolated from ZF dependencies to work in Vork
4 *
5 * LICENSE
6 *
7 * This source file is subject to the new BSD license that is bundled
8 * with this package in the file LICENSE.txt.
9 * It is also available through the world-wide-web at this URL:
10 * http://framework.zend.com/license/new-bsd
11 * If you did not receive a copy of the license and are unable to
12 * obtain it through the world-wide-web, please send an email
13 * to license@zend.com so we can send you a copy immediately.
14 *
15 * @category Zend
16 * @package Zend_Crypt
17 * @subpackage Hmac
18 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
19 * @license http://framework.zend.com/license/new-bsd New BSD License
20 * @version $Id: Hmac.php 20096 2010-01-06 02:05:09Z bkarwin $
21 */
22
23 /**
24 * @see Zend_Crypt
25 */
26 if (!class_exists('Zend_Crypt')) {
27 require 'crypt.php';
28 }
29
30 /**
31 * PHP implementation of the RFC 2104 Hash based Message Authentication Code
32 * algorithm.
33 *
34 * @todo Patch for refactoring failed tests (key block sizes >80 using internal algo)
35 * @todo Check if mhash() is a required alternative (will be PECL-only soon)
36 * @category Zend
37 * @package Zend_Crypt
38 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
39 * @license http://framework.zend.com/license/new-bsd New BSD License
40 */
41 class Zend_Crypt_Hmac extends Zend_Crypt {
42
43 /**
44 * The key to use for the hash
45 *
46 * @var string
47 */
48 protected static $_key = null;
49
50 /**
51 * pack() format to be used for current hashing method
52 *
53 * @var string
54 */
55 protected static $_packFormat = null;
56
57 /**
58 * Hashing algorithm; can be the md5/sha1 functions or any algorithm name
59 * listed in the output of PHP 5.1.2+ hash_algos().
60 *
61 * @var string
62 */
63 protected static $_hashAlgorithm = 'md5';
64
65 /**
66 * List of algorithms supported my mhash()
67 *
68 * @var array
69 */
70 protected static $_supportedMhashAlgorithms = array('adler32',' crc32', 'crc32b', 'gost',
71 'haval128', 'haval160', 'haval192', 'haval256', 'md4', 'md5', 'ripemd160',
72 'sha1', 'sha256', 'tiger', 'tiger128', 'tiger160');
73
74 /**
75 * Constants representing the output mode of the hash algorithm
76 */
77 const STRING = 'string';
78 const BINARY = 'binary';
79
80 /**
81 * Performs a HMAC computation given relevant details such as Key, Hashing
82 * algorithm, the data to compute MAC of, and an output format of String,
83 * Binary notation or BTWOC.
84 *
85 * @param string $key
86 * @param string $hash
87 * @param string $data
88 * @param string $output
89 * @param boolean $internal
90 * @return string
91 */
92 public static function compute($key, $hash, $data, $output = self::STRING) {
93 // set the key
94 if (!isset($key) || empty($key)) {
95 if (!class_exists('Zend_Exception')) require 'exception.php';
96 throw new Zend_Crypt_Hmac_Exception('provided key is null or empty');
97 }
98 self::$_key = $key;
99
100 // set the hash
101 self::_setHashAlgorithm($hash);
102
103 // perform hashing and return
104 return self::_hash($data, $output);
105 }
106
107 /**
108 * Setter for the hash method.
109 *
110 * @param string $hash
111 * @return Zend_Crypt_Hmac
112 */
113 protected static function _setHashAlgorithm($hash) {
114 if (!isset($hash) || empty($hash)) {
115 if (!class_exists('Zend_Exception')) require 'exception.php';
116 throw new Zend_Crypt_Hmac_Exception('provided hash string is null or empty');
117 }
118
119 $hash = strtolower($hash);
120 $hashSupported = false;
121
122 if (function_exists('hash_algos') && in_array($hash, hash_algos())) {
123 $hashSupported = true;
124 }
125
126 if ($hashSupported === false && function_exists('mhash') && in_array($hash, self::$_supportedAlgosMhash))
{
127 $hashSupported = true;
128 }
129
130 if ($hashSupported === false) {
131 if (!class_exists('Zend_Exception')) require 'exception.php';
132 throw new Zend_Crypt_Hmac_Exception('hash algorithm provided is not supported on this PHP
installation; '
133 . 'please enable the hash or mhash extensions');
134 }
135 self::$_hashAlgorithm = $hash;
136 }
137
138 /**
139 * Perform HMAC and return the keyed data
140 *
141 * @param string $data
142 * @param string $output
143 * @param bool $internal Option to not use hash() functions for testing
144 * @return string
145 */
146 protected static function _hash($data, $output = self::STRING, $internal = false) {
147 if (function_exists('hash_hmac')) {
148 if ($output == self::BINARY) {
149 return hash_hmac(self::$_hashAlgorithm, $data, self::$_key, 1);
150 }
151 return hash_hmac(self::$_hashAlgorithm, $data, self::$_key);
152 }
153
154 if (function_exists('mhash')) {
155 if ($output == self::BINARY) {
156 return mhash(self::_getMhashDefinition(self::$_hashAlgorithm), $data, self::$_key);
157 }
158 $bin = mhash(self::_getMhashDefinition(self::$_hashAlgorithm), $data, self::$_key);
159 return bin2hex($bin);
160 }
161 }
162
163 /**
164 * Since MHASH accepts an integer constant representing the hash algorithm
165 * we need to make a small detour to get the correct integer matching our
166 * algorithm's name.
167 *
168 * @param string $hashAlgorithm
169 * @return integer
170 */
171 protected static function _getMhashDefinition($hashAlgorithm) {
172 for ($i = 0; $i <= mhash_count(); $i++) {
173 $types[mhash_get_hash_name($i)] = $i;
174 }
175 return $types[strtoupper($hashAlgorithm)];
176 }
177 }