[TASK] Merge submodule extbase into core
[Packages/TYPO3.CMS.git] / typo3 / sysext / extbase / Classes / Security / Cryptography / HashService.php
1 <?php
2 namespace TYPO3\CMS\Extbase\Security\Cryptography;
3
4 /***************************************************************
5 * Copyright notice
6 *
7 * (c) 2010-2013 Extbase Team (http://forge.typo3.org/projects/typo3v4-mvc)
8 * Extbase is a backport of TYPO3 Flow. All credits go to the TYPO3 Flow team.
9 * All rights reserved
10 *
11 * This script is part of the TYPO3 project. The TYPO3 project is
12 * free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2 of the License, or
15 * (at your option) any later version.
16 *
17 * The GNU General Public License can be found at
18 * http://www.gnu.org/copyleft/gpl.html.
19 * A copy is found in the textfile GPL.txt and important notices to the license
20 * from the author is found in LICENSE.txt distributed with these scripts.
21 *
22 *
23 * This script is distributed in the hope that it will be useful,
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 * GNU General Public License for more details.
27 *
28 * This copyright notice MUST APPEAR in all copies of the script!
29 ***************************************************************/
30 /**
31 * A hash service which should be used to generate and validate hashes.
32 *
33 * It will use some salt / encryption key in the future.
34 *
35 * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser Public License, version 3 or later
36 */
37 class HashService implements \TYPO3\CMS\Core\SingletonInterface {
38
39 /**
40 * Generate a hash for a given string
41 *
42 * @param string $string The string for which a hash should be generated
43 * @return string The hash of the string
44 * @deprecated since Extbase 6.0, will be removed in Extbase 6.2
45 */
46 public function generateHash($string) {
47 \TYPO3\CMS\Core\Utility\GeneralUtility::logDeprecatedFunction();
48 return $this->generateHmac($string);
49 }
50
51 /**
52 * Generate a hash (HMAC) for a given string
53 *
54 * @param string $string The string for which a hash should be generated
55 * @return string The hash of the string
56 * @throws \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException if something else than a string was given as parameter
57 */
58 public function generateHmac($string) {
59 if (!is_string($string)) {
60 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('A hash can only be generated for a string, but "' . gettype($string) . '" was given.', 1255069587);
61 }
62 $encryptionKey = $GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'];
63 if (!$encryptionKey) {
64 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('Encryption Key was empty!', 1255069597);
65 }
66 return hash_hmac('sha1', $string, $encryptionKey);
67 }
68
69 /**
70 * Appends a hash (HMAC) to a given string and returns the result
71 *
72 * @param string $string The string for which a hash should be generated
73 * @return string The original string with HMAC of the string appended
74 * @see generateHmac()
75 * @todo Mark as API once it is more stable
76 */
77 public function appendHmac($string) {
78 $hmac = $this->generateHmac($string);
79 return $string . $hmac;
80 }
81
82 /**
83 * Test if a string $string has the hash given by $hash.
84 *
85 * @param string $string The string which should be validated
86 * @param string $hash The hash of the string
87 * @return boolean TRUE if string and hash fit together, FALSE otherwise.
88 * @deprecated since Extbase 6.0, will be removed in Extbase 6.2
89 */
90 public function validateHash($string, $hash) {
91 \TYPO3\CMS\Core\Utility\GeneralUtility::logDeprecatedFunction();
92 return $this->validateHmac($string, $hash);
93 }
94
95 /**
96 * Tests if a string $string matches the HMAC given by $hash.
97 *
98 * @param string $string The string which should be validated
99 * @param string $hmac The hash of the string
100 * @return boolean TRUE if string and hash fit together, FALSE otherwise.
101 */
102 public function validateHmac($string, $hmac) {
103 return $this->generateHmac($string) === $hmac;
104 }
105
106 /**
107 * Tests if the last 40 characters of a given string $string
108 * matches the HMAC of the rest of the string and, if true,
109 * returns the string without the HMAC. In case of a HMAC
110 * validation error, an exception is thrown.
111 *
112 * @param string $string The string with the HMAC appended (in the format 'string<HMAC>')
113 * @return string the original string without the HMAC, if validation was successful
114 * @see validateHmac()
115 * @throws \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException if the given string is not well-formatted
116 * @throws \TYPO3\CMS\Extbase\Security\Exception\InvalidHashException if the hash did not fit to the data.
117 * @todo Mark as API once it is more stable
118 */
119 public function validateAndStripHmac($string) {
120 if (!is_string($string)) {
121 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('A hash can only be validated for a string, but "' . gettype($string) . '" was given.', 1320829762);
122 }
123 if (strlen($string) < 40) {
124 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('A hashed string must contain at least 40 characters, the given string was only ' . strlen($string) . ' characters long.', 1320830276);
125 }
126 $stringWithoutHmac = substr($string, 0, -40);
127 if ($this->validateHmac($stringWithoutHmac, substr($string, -40)) !== TRUE) {
128 throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidHashException('The given string was not appended with a valid HMAC.', 1320830018);
129 }
130 return $stringWithoutHmac;
131 }
132 }
133
134 ?>