예제 #1
0
 /**
  * Class constructor
  *
  * @param string $salt
  */
 public function __construct($salt = null)
 {
     if ($salt === null) {
         $salt = Steelcode_String_Helper::randomString(32);
     }
     if (32 === Steelcode_String_Helper::safeLength($salt)) {
         $this->_salt = $salt;
     } else {
         throw new Steelcode_Crypto_Exception('Salt should be exactly 32 characters long');
     }
 }
예제 #2
0
 /**
  * Verify signature of a token
  *
  * @param string $message
  * @param string $signature
  *
  * @return bool
  */
 private function _verify($message, $signature)
 {
     list($function, $algorithm) = $this->_methods[$this->_algorithm];
     $verified = false;
     switch ($function) {
         case 'hash_hmac':
             $hash = hash_hmac($algorithm, $message, $this->_key, true);
             $length = min(Steelcode_String_Helper::safeLength($signature), Steelcode_String_Helper::safeLength($hash));
             $status = 0;
             for ($count = 0; $count < $length; $count++) {
                 $status |= ord($signature[$count]) ^ ord($hash[$count]);
             }
             $status |= Steelcode_String_Helper::safeLength($signature) ^ Steelcode_String_Helper::safeLength($hash);
             $verified = $status === 0;
             break;
         case 'openssl':
             $status = openssl_verify($message, $signature, $this->_key, $this->_algorithm);
             if ($status === false) {
                 $this->_setMessage('OpenSSL could not verify the signature');
             }
             $verified = $signature;
             break;
     }
     return $verified;
 }