/** * Class constructor * * @param string $salt */ public function __construct($salt = null) { if ($salt === null) { $salt = Steelcode_String_Helper::randomString(32); } if (32 === Steelcode_String_Helper::safeLength($salt)) { $this->_salt = $salt; } else { throw new Steelcode_Crypto_Exception('Salt should be exactly 32 characters long'); } }
/** * Verify signature of a token * * @param string $message * @param string $signature * * @return bool */ private function _verify($message, $signature) { list($function, $algorithm) = $this->_methods[$this->_algorithm]; $verified = false; switch ($function) { case 'hash_hmac': $hash = hash_hmac($algorithm, $message, $this->_key, true); $length = min(Steelcode_String_Helper::safeLength($signature), Steelcode_String_Helper::safeLength($hash)); $status = 0; for ($count = 0; $count < $length; $count++) { $status |= ord($signature[$count]) ^ ord($hash[$count]); } $status |= Steelcode_String_Helper::safeLength($signature) ^ Steelcode_String_Helper::safeLength($hash); $verified = $status === 0; break; case 'openssl': $status = openssl_verify($message, $signature, $this->_key, $this->_algorithm); if ($status === false) { $this->_setMessage('OpenSSL could not verify the signature'); } $verified = $signature; break; } return $verified; }