2007-07-23 07:21:39 +02:00
|
|
|
<?php
|
2007-07-25 23:56:14 +02:00
|
|
|
|
|
|
|
/**
|
2015-09-07 19:52:17 +02:00
|
|
|
* Wrapper around hash() and hash_hmac() functions supporting truncated hashes
|
|
|
|
* such as sha256-96. Any hash algorithm returned by hash_algos() (and
|
|
|
|
* truncated versions thereof) are supported.
|
2007-07-25 23:56:14 +02:00
|
|
|
*
|
2015-09-07 19:52:17 +02:00
|
|
|
* If {@link \phpseclib\Crypt\Hash::setKey() setKey()} is called,
|
|
|
|
* {@link \phpseclib\Crypt\Hash::hash() hash()} will return the HMAC as opposed
|
|
|
|
* to the hash.
|
2007-07-25 23:56:14 +02:00
|
|
|
*
|
2009-02-16 23:22:13 +01:00
|
|
|
* Here's a short example of how to use this library:
|
|
|
|
* <code>
|
|
|
|
* <?php
|
2014-12-17 01:16:54 +01:00
|
|
|
* include 'vendor/autoload.php';
|
2009-02-16 23:22:13 +01:00
|
|
|
*
|
2015-09-07 19:52:17 +02:00
|
|
|
* $hash = new \phpseclib\Crypt\Hash('sha512');
|
2009-02-16 23:22:13 +01:00
|
|
|
*
|
|
|
|
* $hash->setKey('abcdefg');
|
|
|
|
*
|
|
|
|
* echo base64_encode($hash->hash('abcdefg'));
|
|
|
|
* ?>
|
|
|
|
* </code>
|
|
|
|
*
|
2013-12-10 20:10:37 +01:00
|
|
|
* @category Crypt
|
2014-12-17 01:16:54 +01:00
|
|
|
* @package Hash
|
2013-12-10 20:10:37 +01:00
|
|
|
* @author Jim Wigginton <terrafrost@php.net>
|
2015-09-07 19:52:17 +02:00
|
|
|
* @copyright 2015 Jim Wigginton
|
|
|
|
* @author Andreas Fischer <bantu@phpbb.com>
|
|
|
|
* @copyright 2015 Andreas Fischer
|
2013-12-10 20:10:37 +01:00
|
|
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
|
|
|
* @link http://phpseclib.sourceforge.net
|
2007-07-25 23:56:14 +02:00
|
|
|
*/
|
2007-07-23 07:21:39 +02:00
|
|
|
|
2014-12-17 01:16:54 +01:00
|
|
|
namespace phpseclib\Crypt;
|
|
|
|
|
2015-09-06 09:59:12 +02:00
|
|
|
use phpseclib\Exception\UnsupportedAlgorithmException;
|
2014-06-02 20:09:47 +02:00
|
|
|
|
2007-07-23 07:21:39 +02:00
|
|
|
/**
|
2014-12-17 01:16:54 +01:00
|
|
|
* @package Hash
|
2007-07-23 07:21:39 +02:00
|
|
|
* @author Jim Wigginton <terrafrost@php.net>
|
2015-09-07 19:52:17 +02:00
|
|
|
* @author Andreas Fischer <bantu@phpbb.com>
|
2007-07-23 07:21:39 +02:00
|
|
|
* @access public
|
|
|
|
*/
|
2014-12-17 01:16:54 +01:00
|
|
|
class Hash
|
2013-12-03 19:34:41 +01:00
|
|
|
{
|
2013-10-18 20:24:06 +02:00
|
|
|
/**
|
|
|
|
* Hash Parameter
|
|
|
|
*
|
2014-12-17 01:16:54 +01:00
|
|
|
* @see \phpseclib\Crypt\Hash::setHash()
|
2015-09-02 01:44:55 +02:00
|
|
|
* @var int
|
2013-10-18 20:24:06 +02:00
|
|
|
* @access private
|
|
|
|
*/
|
|
|
|
var $hashParam;
|
|
|
|
|
2007-07-23 07:21:39 +02:00
|
|
|
/**
|
2009-02-16 23:22:13 +01:00
|
|
|
* Byte-length of hash output (Internal HMAC)
|
2007-07-23 07:21:39 +02:00
|
|
|
*
|
2014-12-17 01:16:54 +01:00
|
|
|
* @see \phpseclib\Crypt\Hash::setHash()
|
2015-09-02 01:44:55 +02:00
|
|
|
* @var int
|
2007-07-23 07:21:39 +02:00
|
|
|
* @access private
|
|
|
|
*/
|
2015-09-07 19:36:56 +02:00
|
|
|
var $length;
|
2007-07-23 07:21:39 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Hash Algorithm
|
|
|
|
*
|
2014-12-17 01:16:54 +01:00
|
|
|
* @see \phpseclib\Crypt\Hash::setHash()
|
2015-09-02 01:44:55 +02:00
|
|
|
* @var string
|
2007-07-23 07:21:39 +02:00
|
|
|
* @access private
|
|
|
|
*/
|
|
|
|
var $hash;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Key
|
|
|
|
*
|
2014-12-17 01:16:54 +01:00
|
|
|
* @see \phpseclib\Crypt\Hash::setKey()
|
2015-09-02 01:44:55 +02:00
|
|
|
* @var string
|
2007-07-23 07:21:39 +02:00
|
|
|
* @access private
|
|
|
|
*/
|
2012-08-23 15:59:49 +02:00
|
|
|
var $key = false;
|
2007-07-23 07:21:39 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Default Constructor.
|
|
|
|
*
|
2015-09-02 01:44:55 +02:00
|
|
|
* @param string $hash
|
2007-07-23 07:21:39 +02:00
|
|
|
* @access public
|
|
|
|
*/
|
2015-09-06 09:59:12 +02:00
|
|
|
function __construct($hash = 'sha256')
|
2007-07-23 07:21:39 +02:00
|
|
|
{
|
2009-02-16 23:22:13 +01:00
|
|
|
$this->setHash($hash);
|
2007-07-23 07:21:39 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2009-02-16 23:22:13 +01:00
|
|
|
* Sets the key for HMACs
|
|
|
|
*
|
|
|
|
* Keys can be of any length.
|
2007-07-23 07:21:39 +02:00
|
|
|
*
|
|
|
|
* @access public
|
2015-09-02 01:44:55 +02:00
|
|
|
* @param string $key
|
2007-07-23 07:21:39 +02:00
|
|
|
*/
|
2012-08-23 15:59:49 +02:00
|
|
|
function setKey($key = false)
|
2007-07-23 07:21:39 +02:00
|
|
|
{
|
|
|
|
$this->key = $key;
|
|
|
|
}
|
|
|
|
|
2013-10-18 20:24:06 +02:00
|
|
|
/**
|
|
|
|
* Gets the hash function.
|
|
|
|
*
|
|
|
|
* As set by the constructor or by the setHash() method.
|
|
|
|
*
|
|
|
|
* @access public
|
2015-09-02 01:44:55 +02:00
|
|
|
* @return string
|
2013-10-18 20:24:06 +02:00
|
|
|
*/
|
|
|
|
function getHash()
|
|
|
|
{
|
|
|
|
return $this->hashParam;
|
|
|
|
}
|
|
|
|
|
2007-07-23 07:21:39 +02:00
|
|
|
/**
|
|
|
|
* Sets the hash function.
|
|
|
|
*
|
|
|
|
* @access public
|
2015-09-02 01:44:55 +02:00
|
|
|
* @param string $hash
|
2007-07-23 07:21:39 +02:00
|
|
|
*/
|
|
|
|
function setHash($hash)
|
|
|
|
{
|
2013-10-18 20:24:06 +02:00
|
|
|
$this->hashParam = $hash = strtolower($hash);
|
2007-09-23 06:41:39 +02:00
|
|
|
switch ($hash) {
|
|
|
|
case 'md5-96':
|
|
|
|
case 'sha1-96':
|
2014-08-06 06:27:11 +02:00
|
|
|
case 'sha256-96':
|
|
|
|
case 'sha512-96':
|
|
|
|
$hash = substr($hash, 0, -3);
|
2015-09-07 19:36:03 +02:00
|
|
|
$this->length = 12; // 96 / 8 = 12
|
2009-02-16 23:22:13 +01:00
|
|
|
break;
|
2009-11-23 20:06:07 +01:00
|
|
|
case 'md2':
|
2009-02-16 23:22:13 +01:00
|
|
|
case 'md5':
|
2015-09-07 19:36:03 +02:00
|
|
|
$this->length = 16;
|
2009-02-16 23:22:13 +01:00
|
|
|
break;
|
|
|
|
case 'sha1':
|
2015-09-07 19:36:03 +02:00
|
|
|
$this->length = 20;
|
2009-11-23 20:06:07 +01:00
|
|
|
break;
|
|
|
|
case 'sha256':
|
2015-09-07 19:36:03 +02:00
|
|
|
$this->length = 32;
|
2009-11-23 20:06:07 +01:00
|
|
|
break;
|
|
|
|
case 'sha384':
|
2015-09-07 19:36:03 +02:00
|
|
|
$this->length = 48;
|
2009-11-23 20:06:07 +01:00
|
|
|
break;
|
|
|
|
case 'sha512':
|
2015-09-07 19:36:03 +02:00
|
|
|
$this->length = 64;
|
2009-11-23 20:06:07 +01:00
|
|
|
break;
|
|
|
|
default:
|
2015-09-07 19:52:17 +02:00
|
|
|
// see if the hash isn't "officially" supported see if it can
|
|
|
|
// be "unofficially" supported and calculate the length
|
|
|
|
// accordingly.
|
2015-09-06 09:59:12 +02:00
|
|
|
if (in_array($hash, hash_algos())) {
|
2015-09-07 19:36:03 +02:00
|
|
|
$this->length = strlen(hash($hash, '', true));
|
2015-09-06 09:59:12 +02:00
|
|
|
break;
|
2007-07-23 07:21:39 +02:00
|
|
|
}
|
2015-09-07 19:52:17 +02:00
|
|
|
// if the hash algorithm doens't exist maybe it's a truncated
|
|
|
|
// hash, e.g. whirlpool-12 or some such.
|
|
|
|
if (preg_match('#(-\d+)$#', $hash, $matches)) {
|
|
|
|
$hash = substr($hash, 0, -strlen($matches[1]));
|
|
|
|
if (in_array($hash, hash_algos())) {
|
|
|
|
$this->length = abs($matches[1]) >> 3;
|
|
|
|
break;
|
|
|
|
}
|
2007-07-23 07:21:39 +02:00
|
|
|
}
|
2015-09-07 19:52:17 +02:00
|
|
|
throw new UnsupportedAlgorithmException(
|
|
|
|
"$hash is not a supported algorithm"
|
|
|
|
);
|
2007-07-23 07:21:39 +02:00
|
|
|
}
|
|
|
|
|
2015-09-06 09:59:12 +02:00
|
|
|
$this->hash = $hash;
|
2007-07-23 07:21:39 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Compute the HMAC.
|
|
|
|
*
|
|
|
|
* @access public
|
2015-09-02 01:44:55 +02:00
|
|
|
* @param string $text
|
|
|
|
* @return string
|
2007-07-23 07:21:39 +02:00
|
|
|
*/
|
2009-02-16 23:22:13 +01:00
|
|
|
function hash($text)
|
2007-07-23 07:21:39 +02:00
|
|
|
{
|
2015-09-06 09:59:12 +02:00
|
|
|
$output = !empty($this->key) || is_string($this->key) ?
|
|
|
|
hash_hmac($this->hash, $text, $this->key, true) :
|
|
|
|
hash($this->hash, $text, true);
|
2007-07-23 07:21:39 +02:00
|
|
|
|
2015-09-07 19:52:17 +02:00
|
|
|
return strlen($output) > $this->length
|
|
|
|
? substr($output, 0, $this->length)
|
|
|
|
: $output;
|
2007-07-23 07:21:39 +02:00
|
|
|
}
|
2009-11-23 20:06:07 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Returns the hash length (in bytes)
|
|
|
|
*
|
2010-08-08 23:29:39 +02:00
|
|
|
* @access public
|
2015-09-02 01:44:55 +02:00
|
|
|
* @return int
|
2009-11-23 20:06:07 +01:00
|
|
|
*/
|
|
|
|
function getLength()
|
|
|
|
{
|
2015-09-07 19:36:03 +02:00
|
|
|
return $this->length;
|
2009-11-23 20:06:07 +01:00
|
|
|
}
|
2012-06-11 10:34:07 +02:00
|
|
|
}
|