Home Explore Help
Sign In
epsylon
/
Elgg-Lorea-Hydra
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0
Branch: master
Branches Tags
Elgg-Lorea-H...
/
engine
/
classes
/
Elgg
/
Security
/
Hmac.php

Hmac.php 1.4 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 
  1. <?php
    2. 

  2. namespace Elgg\Security;
    3. 

  3. 

  4. /**
    5. 

  5.  * Component for creating HMAC tokens
    6. 

  6.  */
    7. 

  7. class Hmac {
    8. 

  8. 

  9. 	/**
    10. 

  10. 	 * @var string
    11. 

  11. 	 */
    12. 

  12. 	private $key;
    13. 

  13. 

  14. 	/**
    15. 

  15. 	 * @var callable
    16. 

  16. 	 */
    17. 

  17. 	private $comparator;
    18. 

  18. 

  19. 	/**
    20. 

  20. 	 * @var string
    21. 

  21. 	 */
    22. 

  22. 	private $data;
    23. 

  23. 

  24. 	/**
    25. 

  25. 	 * @var string
    26. 

  26. 	 */
    27. 

  27. 	private $algo;
    28. 

  28. 

  29. 	/**
    30. 

  30. 	 * Constructor
    31. 

  31. 	 *
    32. 

  32. 	 * @param string   $key        HMAC key
    33. 

  33. 	 * @param callable $comparator Function that returns true if given two equal strings, else false
    34. 

  34. 	 * @param mixed    $data       HMAC data string or serializable data
    35. 

  35. 	 * @param string   $algo       Hash algorithm
    36. 

  36. 	 */
    37. 

  37. 	public function __construct($key, callable $comparator, $data, $algo = 'sha256') {
    38. 

  38. 		$this->key = $key;
    39. 

  39. 		$this->comparator = $comparator;
    40. 

  40. 		if (!$data) {
    41. 

  41. 			throw new \InvalidArgumentException('$data cannot be empty');
    42. 

  42. 		}
    43. 

  43. 		if (!is_string($data)) {
    44. 

  44. 			$data = serialize($data);
    45. 

  45. 		}
    46. 

  46. 		$this->data = $data;
    47. 

  47. 		$this->algo = $algo;
    48. 

  48. 	}
    49. 

  49. 

  50. 	/**
    51. 

  51. 	 * Get the HMAC token in Base64URL encoding
    52. 

  52. 	 *
    53. 

  53. 	 * @return string
    54. 

  54. 	 */
    55. 

  55. 	public function getToken() {
    56. 

  56. 		$bytes = hash_hmac($this->algo, $this->data, $this->key, true);
    57. 

  57. 		return strtr(rtrim(base64_encode($bytes), '='), '+/', '-_');
    58. 

  58. 	}
    59. 

  59. 

  60. 	/**
    61. 

  61. 	 * Does the MAC match the given token?
    62. 

  62. 	 *
    63. 

  63. 	 * @param string $token HMAC token in Base64URL encoding
    64. 

  64. 	 * @return bool
    65. 

  65. 	 */
    66. 

  66. 	public function matchesToken($token) {
    67. 

  67. 		$expected_token = $this->getToken();
    68. 

  68. 		return call_user_func($this->comparator, $expected_token, $token);
    69. 

  69. 	}
    70. 

  70. }
    71. 

  71.