‪TYPO3CMS  9.5
HashService.php
Go to the documentation of this file.
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
24 {
32  public function ‪generateHmac($string)
33  {
34  if (!is_string($string)) {
35  throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('A hash can only be generated for a string, but "' . gettype($string) . '" was given.', 1255069587);
36  }
37  $encryptionKey = ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'];
38  if (!$encryptionKey) {
39  throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('Encryption Key was empty!', 1255069597);
40  }
41  return hash_hmac('sha1', $string, $encryptionKey);
42  }
43 
52  public function ‪appendHmac($string)
53  {
54  $hmac = $this->‪generateHmac($string);
55  return $string . $hmac;
56  }
57 
65  public function ‪validateHmac($string, $hmac)
66  {
67  return hash_equals($this->‪generateHmac($string), $hmac);
68  }
69 
83  public function ‪validateAndStripHmac($string)
84  {
85  if (!is_string($string)) {
86  throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('A hash can only be validated for a string, but "' . gettype($string) . '" was given.', 1320829762);
87  }
88  if (strlen($string) < 40) {
89  throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidArgumentForHashGenerationException('A hashed string must contain at least 40 characters, the given string was only ' . strlen($string) . ' characters long.', 1320830276);
90  }
91  $stringWithoutHmac = substr($string, 0, -40);
92  if ($this->‪validateHmac($stringWithoutHmac, substr($string, -40)) !== true) {
93  throw new \TYPO3\CMS\Extbase\Security\Exception\InvalidHashException('The given string was not appended with a valid HMAC.', 1320830018);
94  }
95  return $stringWithoutHmac;
96  }
97 }
‪TYPO3\CMS\Extbase\Security\Cryptography\HashService\validateAndStripHmac
‪string validateAndStripHmac($string)
Definition: HashService.php:83
‪TYPO3\CMS\Extbase\Security\Cryptography\HashService\generateHmac
‪string generateHmac($string)
Definition: HashService.php:32
‪TYPO3\CMS\Extbase\Security\Cryptography
Definition: HashService.php:2
‪TYPO3\CMS\Extbase\Security\Cryptography\HashService
Definition: HashService.php:24
‪TYPO3\CMS\Core\SingletonInterface
Definition: SingletonInterface.php:22
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:5
‪TYPO3\CMS\Extbase\Security\Cryptography\HashService\appendHmac
‪string appendHmac($string)
Definition: HashService.php:52
‪TYPO3\CMS\Extbase\Security\Cryptography\HashService\validateHmac
‪bool validateHmac($string, $hmac)
Definition: HashService.php:65