[ Index ]

PHP Cross Reference of DokuWiki

title

Body

[close]

/vendor/phpseclib/phpseclib/phpseclib/Crypt/ -> Hash.php (summary)

Wrapper around hash() and hash_hmac() functions supporting truncated hashes such as sha256-96.  Any hash algorithm returned by hash_algos() (and truncated versions thereof) are supported. If {@link self::setKey() setKey()} is called, {@link self::hash() hash()} will return the HMAC as opposed to the hash.

Author: Jim Wigginton
Author: Andreas Fischer
Copyright: 2015 Jim Wigginton
Copyright: 2015 Andreas Fischer
License: http://www.opensource.org/licenses/mit-license.html MIT License
Link: http://phpseclib.sourceforge.net
File Size: 1455 lines (47 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

Hash:: (28 methods):
  __construct()
  setKey()
  setNonce()
  computeKey()
  getHash()
  setHash()
  kdf()
  pdf()
  uhash()
  L1Hash()
  nh()
  L2Hash()
  poly()
  L3Hash()
  hash()
  getLength()
  getLengthInBytes()
  getBlockLength()
  getBlockLengthInBytes()
  sha3_pad()
  sha3_32()
  processSHA3Block32()
  rotateLeft32()
  sha3_64()
  processSHA3Block64()
  rotateLeft64()
  sha512()
  __toString()


Class: Hash  - X-Ref


__construct($hash = 'sha256')   X-Ref
Default Constructor.

param: string $hash

setKey($key = false)   X-Ref
Sets the key for HMACs

Keys can be of any length.

param: string $key

setNonce($nonce = false)   X-Ref
Sets the nonce for UMACs

Keys can be of any length.

param: string $nonce

computeKey()   X-Ref
Pre-compute the key used by the HMAC

Quoting http://tools.ietf.org/html/rfc2104#section-2, "Applications that use keys longer than B bytes
will first hash the key using H and then use the resultant L byte string as the actual key to HMAC."

As documented in https://www.reddit.com/r/PHP/comments/9nct2l/symfonypolyfill_hash_pbkdf2_correct_fix_for/
when doing an HMAC multiple times it's faster to compute the hash once instead of computing it during
every call


getHash()   X-Ref
Gets the hash function.

As set by the constructor or by the setHash() method.

return: string

setHash($hash)   X-Ref
Sets the hash function.

param: string $hash

kdf($index, $numbytes)   X-Ref
KDF: Key-Derivation Function

The key-derivation function generates pseudorandom bits used to key the hash functions.

param: int $index a non-negative integer less than 2^64
param: int $numbytes a non-negative integer less than 2^64
return: string string of length numbytes bytes

pdf()   X-Ref
PDF Algorithm

return: string string of length taglen bytes.

uhash($m, $taglen)   X-Ref
UHASH Algorithm

param: string $m string of length less than 2^67 bits.
param: int $taglen the integer 4, 8, 12 or 16.
return: string string of length taglen bytes.

L1Hash($k, $m)   X-Ref
L1-HASH Algorithm

The first-layer hash breaks the message into 1024-byte chunks and
hashes each with a function called NH.  Concatenating the results
forms a string, which is up to 128 times shorter than the original.

param: string $k string of length 1024 bytes.
param: string $m string of length less than 2^67 bits.
return: string string of length (8 * ceil(bitlength(M)/8192)) bytes.

nh($k, $m, $length)   X-Ref
NH Algorithm

param: string $k string of length 1024 bytes.
param: string $m string with length divisible by 32 bytes.
return: string string of length 8 bytes.

L2Hash($k, $m)   X-Ref
L2-HASH: Second-Layer Hash

The second-layer rehashes the L1-HASH output using a polynomial hash
called POLY.  If the L1-HASH output is long, then POLY is called once
on a prefix of the L1-HASH output and called using different settings
on the remainder.  (This two-step hashing of the L1-HASH output is
needed only if the message length is greater than 16 megabytes.)
Careful implementation of POLY is necessary to avoid a possible
timing attack (see Section 6.6 for more information).

param: string $k string of length 24 bytes.
param: string $m string of length less than 2^64 bytes.
return: string string of length 16 bytes.

poly($wordbits, $maxwordrange, $k, $m)   X-Ref
POLY Algorithm

param: int $wordbits the integer 64 or 128.
param: BigInteger $maxwordrange positive integer less than 2^wordbits.
param: BigInteger $k integer in the range 0 ... prime(wordbits) - 1.
param: string $m string with length divisible by (wordbits / 8) bytes.
return: integer in the range 0 ... prime(wordbits) - 1.

L3Hash($k1, $k2, $m)   X-Ref
L3-HASH: Third-Layer Hash

The output from L2-HASH is 16 bytes long.  This final hash function
hashes the 16-byte string to a fixed length of 4 bytes.

param: string $k1 string of length 64 bytes.
param: string $k2 string of length 4 bytes.
param: string $m string of length 16 bytes.
return: string string of length 4 bytes.

hash($text)   X-Ref
Compute the Hash / HMAC / UMAC.

param: string $text
return: string

getLength()   X-Ref
Returns the hash length (in bits)

return: int

getLengthInBytes()   X-Ref
Returns the hash length (in bytes)

return: int

getBlockLength()   X-Ref
Returns the block length (in bits)

return: int

getBlockLengthInBytes()   X-Ref
Returns the block length (in bytes)

return: int

sha3_pad($padLength, $padType)   X-Ref
Pads SHA3 based on the mode

param: int $padLength
param: int $padType
return: string

sha3_32($p, $c, $r, $d, $padType)   X-Ref
Pure-PHP 32-bit implementation of SHA3

Whereas BigInteger.php's 32-bit engine works on PHP 64-bit this 32-bit implementation
of SHA3 will *not* work on PHP 64-bit. This is because this implementation
employees bitwise NOTs and bitwise left shifts. And the round constants only work
on 32-bit PHP. eg. dechex(-2147483648) returns 80000000 on 32-bit PHP and
FFFFFFFF80000000 on 64-bit PHP. Sure, we could do bitwise ANDs but that would slow
things down.

SHA512 requires BigInteger to simulate 64-bit unsigned integers because SHA2 employees
addition whereas SHA3 just employees bitwise operators. PHP64 only supports signed
64-bit integers, which complicates addition, whereas that limitation isn't an issue
for SHA3.

In https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=919061#page=16 KECCAK[C] is
defined as "the KECCAK instance with KECCAK-f[1600] as the underlying permutation and
capacity c". This is relevant because, altho the KECCAK standard defines a mode
(KECCAK-f[800]) designed for 32-bit machines that mode is incompatible with SHA3

param: string $p
param: int $c
param: int $r
param: int $d
param: int $padType

processSHA3Block32(&$s)   X-Ref
32-bit block processing method for SHA3

param: array $s

rotateLeft32($x, $shift)   X-Ref
Rotate 32-bit int

param: array $x
param: int $shift

sha3_64($p, $c, $r, $d, $padType)   X-Ref
Pure-PHP 64-bit implementation of SHA3

param: string $p
param: int $c
param: int $r
param: int $d
param: int $padType

processSHA3Block64(&$s)   X-Ref
64-bit block processing method for SHA3

param: array $s

rotateLeft64($x, $shift)   X-Ref
Rotate 64-bit int

param: int $x
param: int $shift

sha512($m, $hash)   X-Ref
Pure-PHP implementation of SHA512

param: string $m
param: array $hash
return: string

__toString()   X-Ref
__toString() magic method