/**
* Class constructor
*
* @param string $salt
*/
public function __construct($salt = null)
{
if ($salt === null) {
$salt = Steelcode_String_Helper::randomString(32);
}
if (32 === Steelcode_String_Helper::safeLength($salt)) {
$this->_salt = $salt;
} else {
throw new Steelcode_Crypto_Exception('Salt should be exactly 32 characters long');
}
}
/**
* Verify signature of a token
*
* @param string $message
* @param string $signature
*
* @return bool
*/
private function _verify($message, $signature)
{
list($function, $algorithm) = $this->_methods[$this->_algorithm];
$verified = false;
switch ($function) {
case 'hash_hmac':
$hash = hash_hmac($algorithm, $message, $this->_key, true);
$length = min(Steelcode_String_Helper::safeLength($signature), Steelcode_String_Helper::safeLength($hash));
$status = 0;
for ($count = 0; $count < $length; $count++) {
$status |= ord($signature[$count]) ^ ord($hash[$count]);
}
$status |= Steelcode_String_Helper::safeLength($signature) ^ Steelcode_String_Helper::safeLength($hash);
$verified = $status === 0;
break;
case 'openssl':
$status = openssl_verify($message, $signature, $this->_key, $this->_algorithm);
if ($status === false) {
$this->_setMessage('OpenSSL could not verify the signature');
}
$verified = $signature;
break;
}
return $verified;
}
