[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  /**
   4   * This is the HMACSHA1 implementation for the OpenID library.
   5   *
   6   * PHP versions 4 and 5
   7   *
   8   * LICENSE: See the COPYING file included in this distribution.
   9   *
  10   * @access private
  11   * @package OpenID
  12   * @author JanRain, Inc. <openid@janrain.com>
  13   * @copyright 2005-2008 Janrain, Inc.
  14   * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
  15   */
  16  
  17  // Do not allow direct access
  18  defined( '_JEXEC' ) or die( 'Restricted access' );
  19  
  20  require_once 'Auth/OpenID.php';
  21  
  22  /**
  23   * SHA1_BLOCKSIZE is this module's SHA1 blocksize used by the fallback
  24   * implementation.
  25   */
  26  define('Auth_OpenID_SHA1_BLOCKSIZE', 64);
  27  
  28  function Auth_OpenID_SHA1($text)
  29  {
  30      if (function_exists('hash') &&
  31          function_exists('hash_algos') &&
  32          (in_array('sha1', hash_algos()))) {
  33          // PHP 5 case (sometimes): 'hash' available and 'sha1' algo
  34          // supported.
  35          return hash('sha1', $text, true);
  36      } else if (function_exists('sha1')) {
  37          // PHP 4 case: 'sha1' available.
  38          $hex = sha1($text);
  39          $raw = '';
  40          for ($i = 0; $i < 40; $i += 2) {
  41              $hexcode = substr($hex, $i, 2);
  42              $charcode = (int)base_convert($hexcode, 16, 10);
  43              $raw .= chr($charcode);
  44          }
  45          return $raw;
  46      } else {
  47          // Explode.
  48          trigger_error('No SHA1 function found', E_USER_ERROR);
  49      }
  50  }
  51  
  52  /**
  53   * Compute an HMAC/SHA1 hash.
  54   *
  55   * @access private
  56   * @param string $key The HMAC key
  57   * @param string $text The message text to hash
  58   * @return string $mac The MAC
  59   */
  60  function Auth_OpenID_HMACSHA1($key, $text)
  61  {
  62      if (Auth_OpenID::bytes($key) > Auth_OpenID_SHA1_BLOCKSIZE) {
  63          $key = Auth_OpenID_SHA1($key, true);
  64      }
  65  
  66      $key = str_pad($key, Auth_OpenID_SHA1_BLOCKSIZE, chr(0x00));
  67      $ipad = str_repeat(chr(0x36), Auth_OpenID_SHA1_BLOCKSIZE);
  68      $opad = str_repeat(chr(0x5c), Auth_OpenID_SHA1_BLOCKSIZE);
  69      $hash1 = Auth_OpenID_SHA1(($key ^ $ipad) . $text, true);
  70      $hmac = Auth_OpenID_SHA1(($key ^ $opad) . $hash1, true);
  71      return $hmac;
  72  }
  73  
  74  if (function_exists('hash') &&
  75      function_exists('hash_algos') &&
  76      (in_array('sha256', hash_algos()))) {
  77      function Auth_OpenID_SHA256($text)
  78      {
  79          // PHP 5 case: 'hash' available and 'sha256' algo supported.
  80          return hash('sha256', $text, true);
  81      }
  82      define('Auth_OpenID_SHA256_SUPPORTED', true);
  83  } else {
  84      define('Auth_OpenID_SHA256_SUPPORTED', false);
  85  }
  86  
  87  if (function_exists('hash_hmac') &&
  88      function_exists('hash_algos') &&
  89      (in_array('sha256', hash_algos()))) {
  90  
  91      function Auth_OpenID_HMACSHA256($key, $text)
  92      {
  93          // Return raw MAC (not hex string).
  94          return hash_hmac('sha256', $text, $key, true);
  95      }
  96  
  97      define('Auth_OpenID_HMACSHA256_SUPPORTED', true);
  98  } else {
  99      define('Auth_OpenID_HMACSHA256_SUPPORTED', false);
 100  }
 101  
 102  ?>