import v1.1.0_beta1 | 2009-08-21

libs/Auth/OpenID/HMAC.php

@@ -0,0 +1,99 @@
+<?php
+
+/**
+ * This is the HMACSHA1 implementation for the OpenID library.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @access private
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID.php';
+
+/**
+ * SHA1_BLOCKSIZE is this module's SHA1 blocksize used by the fallback
+ * implementation.
+ */
+define('Auth_OpenID_SHA1_BLOCKSIZE', 64);
+
+function Auth_OpenID_SHA1($text)
+{
+    if (function_exists('hash') &&
+        function_exists('hash_algos') &&
+        (in_array('sha1', hash_algos()))) {
+        // PHP 5 case (sometimes): 'hash' available and 'sha1' algo
+        // supported.
+        return hash('sha1', $text, true);
+    } else if (function_exists('sha1')) {
+        // PHP 4 case: 'sha1' available.
+        $hex = sha1($text);
+        $raw = '';
+        for ($i = 0; $i < 40; $i += 2) {
+            $hexcode = substr($hex, $i, 2);
+            $charcode = (int)base_convert($hexcode, 16, 10);
+            $raw .= chr($charcode);
+        }
+        return $raw;
+    } else {
+        // Explode.
+        trigger_error('No SHA1 function found', E_USER_ERROR);
+    }
+}
+
+/**
+ * Compute an HMAC/SHA1 hash.
+ *
+ * @access private
+ * @param string $key The HMAC key
+ * @param string $text The message text to hash
+ * @return string $mac The MAC
+ */
+function Auth_OpenID_HMACSHA1($key, $text)
+{
+    if (Auth_OpenID::bytes($key) > Auth_OpenID_SHA1_BLOCKSIZE) {
+        $key = Auth_OpenID_SHA1($key, true);
+    }
+
+    $key = str_pad($key, Auth_OpenID_SHA1_BLOCKSIZE, chr(0x00));
+    $ipad = str_repeat(chr(0x36), Auth_OpenID_SHA1_BLOCKSIZE);
+    $opad = str_repeat(chr(0x5c), Auth_OpenID_SHA1_BLOCKSIZE);
+    $hash1 = Auth_OpenID_SHA1(($key ^ $ipad) . $text, true);
+    $hmac = Auth_OpenID_SHA1(($key ^ $opad) . $hash1, true);
+    return $hmac;
+}
+
+if (function_exists('hash') &&
+    function_exists('hash_algos') &&
+    (in_array('sha256', hash_algos()))) {
+    function Auth_OpenID_SHA256($text)
+    {
+        // PHP 5 case: 'hash' available and 'sha256' algo supported.
+        return hash('sha256', $text, true);
+    }
+    define('Auth_OpenID_SHA256_SUPPORTED', true);
+} else {
+    define('Auth_OpenID_SHA256_SUPPORTED', false);
+}
+
+if (function_exists('hash_hmac') &&
+    function_exists('hash_algos') &&
+    (in_array('sha256', hash_algos()))) {
+
+    function Auth_OpenID_HMACSHA256($key, $text)
+    {
+        // Return raw MAC (not hex string).
+        return hash_hmac('sha256', $text, $key, true);
+    }
+
+    define('Auth_OpenID_HMACSHA256_SUPPORTED', true);
+} else {
+    define('Auth_OpenID_HMACSHA256_SUPPORTED', false);
+}
+
+?>