mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-04 01:01:41 +09:00
Import cryptographic signature functions from XE 1.8.23
This commit is contained in:
Kijin Sung
parent
09234c7b55
commit
910f7220e6
3 changed files with 51 additions and 2 deletions
|
|
@ -58,7 +58,22 @@ class Password
|
|||
{
|
||||
return Rhymix\Framework\Password::getRandomPassword($length);
|
||||
}
|
||||
|
||||
|
||||
public function createSignature($string)
|
||||
{
|
||||
return Rhymix\Framework\Security::createSignature($string);
|
||||
}
|
||||
|
||||
public function checkSignature($string, $signature)
|
||||
{
|
||||
return Rhymix\Framework\Security::verifySignature($string, $signature);
|
||||
}
|
||||
|
||||
public function getSecretKey()
|
||||
{
|
||||
return config('crypto.authentication_key');
|
||||
}
|
||||
|
||||
public function pbkdf2($password, $salt, $algorithm = 'sha256', $iterations = 8192, $length = 24)
|
||||
{
|
||||
$hash = Rhymix\Framework\Security::pbkdf2($password, $salt, $algorithm, $iterations, $length);
|
||||
|
|
|
|||
|
|
@ -160,7 +160,7 @@ class ConfigParser
|
|||
|
||||
// Create new crypto keys.
|
||||
$config['crypto']['encryption_key'] = Security::getRandom(64, 'alnum');
|
||||
$config['crypto']['authentication_key'] = Security::getRandom(64, 'alnum');
|
||||
$config['crypto']['authentication_key'] = $db_info->secret_key ?: Security::getRandom(64, 'alnum');
|
||||
$config['crypto']['session_key'] = Security::getRandom(64, 'alnum');
|
||||
|
||||
// Convert language configuration.
|
||||
|
|
|
|||
|
|
@ -112,6 +112,40 @@ class Security
|
|||
return \CryptoCompat::decrypt($ciphertext, $key);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a digital signature to verify the authenticity of a string.
|
||||
*
|
||||
* @param string $string
|
||||
* @return string
|
||||
*/
|
||||
public static function createSignature($string)
|
||||
{
|
||||
$key = config('crypto.authentication_key');
|
||||
$salt = self::getRandom(8, 'alnum');
|
||||
$hash = substr(base64_encode(hash_hmac('sha256', hash_hmac('sha256', $string, $salt), $key, true)), 0, 32);
|
||||
return $salt . strtr($hash, '+/', '-_');
|
||||
}
|
||||
|
||||
/**
|
||||
* Check whether a signature is valid.
|
||||
*
|
||||
* @param string $string
|
||||
* @param string $signature
|
||||
* @return bool
|
||||
*/
|
||||
public static function verifySignature($string, $signature)
|
||||
{
|
||||
if(strlen($signature) !== 40)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
$key = config('crypto.authentication_key');
|
||||
$salt = substr($signature, 0, 8);
|
||||
$hash = substr(base64_encode(hash_hmac('sha256', hash_hmac('sha256', $string, $salt), $key, true)), 0, 32);
|
||||
return self::compareStrings(substr($signature, 8), strtr($hash, '+/', '-_'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a cryptographically secure random string.
|
||||
*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue