Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
50.00% |
8 / 16 |
|
50.00% |
2 / 4 |
CRAP | |
0.00% |
0 / 1 |
| MWCryptHash | |
50.00% |
8 / 16 |
|
50.00% |
2 / 4 |
19.12 | |
0.00% |
0 / 1 |
| hashAlgo | |
30.00% |
3 / 10 |
|
0.00% |
0 / 1 |
9.49 | |||
| hashLength | |
100.00% |
2 / 2 |
|
100.00% |
1 / 1 |
2 | |||
| hash | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| hmac | |
66.67% |
2 / 3 |
|
0.00% |
0 / 1 |
2.15 | |||
| 1 | <?php |
| 2 | /** |
| 3 | * Utility functions for generating hashes |
| 4 | * |
| 5 | * This is based in part on Drupal code as well as what we used in our own code |
| 6 | * prior to introduction of this class, by way of MWCryptRand. |
| 7 | * |
| 8 | * This program is free software; you can redistribute it and/or modify |
| 9 | * it under the terms of the GNU General Public License as published by |
| 10 | * the Free Software Foundation; either version 2 of the License, or |
| 11 | * (at your option) any later version. |
| 12 | * |
| 13 | * This program is distributed in the hope that it will be useful, |
| 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 16 | * GNU General Public License for more details. |
| 17 | * |
| 18 | * You should have received a copy of the GNU General Public License along |
| 19 | * with this program; if not, write to the Free Software Foundation, Inc., |
| 20 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 21 | * http://www.gnu.org/copyleft/gpl.html |
| 22 | * |
| 23 | * @file |
| 24 | */ |
| 25 | |
| 26 | class MWCryptHash { |
| 27 | /** |
| 28 | * The hash algorithm being used |
| 29 | */ |
| 30 | protected static ?string $algo = null; |
| 31 | |
| 32 | /** |
| 33 | * The number of bytes outputted by the hash algorithm |
| 34 | */ |
| 35 | protected static int $hashLength; |
| 36 | |
| 37 | /** |
| 38 | * Decide on the best acceptable hash algorithm we have available for hash() |
| 39 | * @return string A hash algorithm |
| 40 | */ |
| 41 | public static function hashAlgo() { |
| 42 | $algorithm = self::$algo; |
| 43 | if ( $algorithm !== null ) { |
| 44 | return $algorithm; |
| 45 | } |
| 46 | |
| 47 | $algos = hash_hmac_algos(); |
| 48 | $preference = [ 'whirlpool', 'sha256' ]; |
| 49 | |
| 50 | foreach ( $preference as $algorithm ) { |
| 51 | if ( in_array( $algorithm, $algos, true ) ) { |
| 52 | self::$algo = $algorithm; |
| 53 | return $algorithm; |
| 54 | } |
| 55 | } |
| 56 | |
| 57 | throw new DomainException( 'Could not find an acceptable hashing function.' ); |
| 58 | } |
| 59 | |
| 60 | /** |
| 61 | * Return the byte-length output of the hash algorithm we are |
| 62 | * using in self::hash and self::hmac. |
| 63 | * |
| 64 | * @param bool $raw True to return the length for binary data, false to |
| 65 | * return for hex-encoded |
| 66 | * @return int Number of bytes the hash outputs |
| 67 | */ |
| 68 | public static function hashLength( $raw = true ) { |
| 69 | self::$hashLength ??= strlen( self::hash( '', true ) ); |
| 70 | // Optimisation: Skip computing the length of non-raw hashes. |
| 71 | // The algos in hashAlgo() all produce a digest that is a multiple |
| 72 | // of 8 bits, where hex is always twice the length of binary byte length. |
| 73 | return $raw ? self::$hashLength : self::$hashLength * 2; |
| 74 | } |
| 75 | |
| 76 | /** |
| 77 | * Generate a cryptographic hash value (message digest) for a string, |
| 78 | * making use of the best hash algorithm that we have available. |
| 79 | * |
| 80 | * @param string $data |
| 81 | * @param bool $raw True to return binary data, false to return it hex-encoded |
| 82 | * @return string A hash of the data |
| 83 | */ |
| 84 | public static function hash( $data, $raw = true ) { |
| 85 | return hash( self::hashAlgo(), $data, $raw ); |
| 86 | } |
| 87 | |
| 88 | /** |
| 89 | * Generate a keyed cryptographic hash value (HMAC) for a string, |
| 90 | * making use of the best hash algorithm that we have available. |
| 91 | * |
| 92 | * @param string $data |
| 93 | * @param string $key |
| 94 | * @param bool $raw True to return binary data, false to return it hex-encoded |
| 95 | * @return string An HMAC hash of the data + key |
| 96 | */ |
| 97 | public static function hmac( $data, $key, $raw = true ) { |
| 98 | if ( !is_string( $key ) ) { |
| 99 | // hash_hmac tolerates non-string (would return null with warning) |
| 100 | throw new InvalidArgumentException( 'Invalid key type: ' . gettype( $key ) ); |
| 101 | } |
| 102 | return hash_hmac( self::hashAlgo(), $data, $key, $raw ); |
| 103 | } |
| 104 | |
| 105 | } |