[CLEANUP] Adjust code to coding guidelines
[Packages/TYPO3.CMS.git] / typo3 / sysext / extbase / Classes / Security / Cryptography / HashService.php
1 <?php
2 namespace TYPO3\CMS\Extbase\Security\Cryptography;
3
4 /***************************************************************
5 * Copyright notice
6 *
7 * (c) 2009 Sebastian Kurf├╝rst <sebastian@typo3.org>
8 * All rights reserved
9 *
10 * This class is a backport of the corresponding class of TYPO3 Flow.
11 * All credits go to the TYPO3 Flow team.
12 *
13 * This script is part of the TYPO3 project. The TYPO3 project is
14 * free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
18 *
19 * The GNU General Public License can be found at
20 * http://www.gnu.org/copyleft/gpl.html.
21 *
22 * This script is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
26 *
27 * This copyright notice MUST APPEAR in all copies of the script!
28 ***************************************************************/
29 /**
30 * A hash service which should be used to generate and validate hashes.
31 *
32 * It will use some salt / encryption key in the future.
33 *
34 * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser Public License, version 3 or later
35 */
36 class HashService implements \TYPO3\CMS\Core\SingletonInterface {
37
38 /**
39 * Generate a hash for a given string
40 *
41 * @param string $string The string for which a hash should be generated
42 * @return string The hash of the string
43 * @deprecated since Extbase 6.0, will be removed in Extbase 6.2
44 */
45 public function generateHash($string) {
46 \TYPO3\CMS\Core\Utility\GeneralUtility::logDeprecatedFunction();
47 return $this->generateHmac($string);
48 }
49
50 /**
51 * Generate a hash (HMAC) for a given string
52 *
53 * @param string $string The string for which a hash should be generated
54 * @return string The hash of the string
55 * @throws \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException if something else than a string was given as parameter
56 */
57 public function generateHmac($string) {
58 if (!is_string($string)) {
59 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('A hash can only be generated for a string, but "' . gettype($string) . '" was given.', 1255069587);
60 }
61 $encryptionKey = $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'];
62 if (!$encryptionKey) {
63 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('Encryption Key was empty!', 1255069597);
64 }
65 return hash_hmac('sha1', $string, $encryptionKey);
66 }
67
68 /**
69 * Appends a hash (HMAC) to a given string and returns the result
70 *
71 * @param string $string The string for which a hash should be generated
72 * @return string The original string with HMAC of the string appended
73 * @see generateHmac()
74 * @todo Mark as API once it is more stable
75 */
76 public function appendHmac($string) {
77 $hmac = $this->generateHmac($string);
78 return $string . $hmac;
79 }
80
81 /**
82 * Test if a string $string has the hash given by $hash.
83 *
84 * @param string $string The string which should be validated
85 * @param string $hash The hash of the string
86 * @return boolean TRUE if string and hash fit together, FALSE otherwise.
87 * @deprecated since Extbase 6.0, will be removed in Extbase 6.2
88 */
89 public function validateHash($string, $hash) {
90 \TYPO3\CMS\Core\Utility\GeneralUtility::logDeprecatedFunction();
91 return $this->validateHmac($string, $hash);
92 }
93
94 /**
95 * Tests if a string $string matches the HMAC given by $hash.
96 *
97 * @param string $string The string which should be validated
98 * @param string $hmac The hash of the string
99 * @return boolean TRUE if string and hash fit together, FALSE otherwise.
100 */
101 public function validateHmac($string, $hmac) {
102 return $this->generateHmac($string) === $hmac;
103 }
104
105 /**
106 * Tests if the last 40 characters of a given string $string
107 * matches the HMAC of the rest of the string and, if true,
108 * returns the string without the HMAC. In case of a HMAC
109 * validation error, an exception is thrown.
110 *
111 * @param string $string The string with the HMAC appended (in the format 'string<HMAC>')
112 * @return string the original string without the HMAC, if validation was successful
113 * @see validateHmac()
114 * @throws \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException if the given string is not well-formatted
115 * @throws \TYPO3\CMS\Extbase\Security\Exception\InvalidHashException if the hash did not fit to the data.
116 * @todo Mark as API once it is more stable
117 */
118 public function validateAndStripHmac($string) {
119 if (!is_string($string)) {
120 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('A hash can only be validated for a string, but "' . gettype($string) . '" was given.', 1320829762);
121 }
122 if (strlen($string) < 40) {
123 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('A hashed string must contain at least 40 characters, the given string was only ' . strlen($string) . ' characters long.', 1320830276);
124 }
125 $stringWithoutHmac = substr($string, 0, -40);
126 if ($this->validateHmac($stringWithoutHmac, substr($string, -40)) !== TRUE) {
127 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidHashException('The given string was not appended with a valid HMAC.', 1320830018);
128 }
129 return $stringWithoutHmac;
130 }
131 }
132
133 ?>