1<?php 2// +-----------------------------------------------------------------------+ 3// | Copyright (c) 2002-2003 Richard Heyes | 4// | All rights reserved. | 5// | | 6// | Redistribution and use in source and binary forms, with or without | 7// | modification, are permitted provided that the following conditions | 8// | are met: | 9// | | 10// | o Redistributions of source code must retain the above copyright | 11// | notice, this list of conditions and the following disclaimer. | 12// | o Redistributions in binary form must reproduce the above copyright | 13// | notice, this list of conditions and the following disclaimer in the | 14// | documentation and/or other materials provided with the distribution.| 15// | o The names of the authors may not be used to endorse or promote | 16// | products derived from this software without specific prior written | 17// | permission. | 18// | | 19// | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | 20// | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | 21// | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | 22// | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | 23// | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | 24// | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | 25// | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | 26// | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 27// | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 28// | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 29// | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 30// | | 31// +-----------------------------------------------------------------------+ 32// | Author: Richard Heyes <richard@php.net> | 33// +-----------------------------------------------------------------------+ 34// 35// $Id$ 36 37/** 38* Common functionality to SASL mechanisms 39* 40* @author Richard Heyes <richard@php.net> 41* @access public 42* @version 1.0 43* @package Auth_SASL 44*/ 45 46/** 47 * Z-Push changes 48 * 49 * removed PEAR dependency by implementing own raiseError() 50 * 51 * Reference implementation used: 52 * http://download.pear.php.net/package/Auth_SASL-1.0.6.tgz 53 * 54 * 55 */ 56 57class Auth_SASL_Common 58{ 59 /** 60 * Function which implements HMAC MD5 digest 61 * 62 * @param string $key The secret key 63 * @param string $data The data to hash 64 * @param bool $raw_output Whether the digest is returned in binary or hexadecimal format. 65 * 66 * @return string The HMAC-MD5 digest 67 */ 68 function _HMAC_MD5($key, $data, $raw_output = FALSE) 69 { 70 if (strlen($key) > 64) { 71 $key = pack('H32', md5($key)); 72 } 73 74 if (strlen($key) < 64) { 75 $key = str_pad($key, 64, chr(0)); 76 } 77 78 $k_ipad = substr($key, 0, 64) ^ str_repeat(chr(0x36), 64); 79 $k_opad = substr($key, 0, 64) ^ str_repeat(chr(0x5C), 64); 80 81 $inner = pack('H32', md5($k_ipad . $data)); 82 $digest = md5($k_opad . $inner, $raw_output); 83 84 return $digest; 85 } 86 87 /** 88 * Function which implements HMAC-SHA-1 digest 89 * 90 * @param string $key The secret key 91 * @param string $data The data to hash 92 * @param bool $raw_output Whether the digest is returned in binary or hexadecimal format. 93 * @return string The HMAC-SHA-1 digest 94 * @author Jehan <jehan.marmottard@gmail.com> 95 * @access protected 96 */ 97 protected function _HMAC_SHA1($key, $data, $raw_output = FALSE) 98 { 99 if (strlen($key) > 64) { 100 $key = sha1($key, TRUE); 101 } 102 103 if (strlen($key) < 64) { 104 $key = str_pad($key, 64, chr(0)); 105 } 106 107 $k_ipad = substr($key, 0, 64) ^ str_repeat(chr(0x36), 64); 108 $k_opad = substr($key, 0, 64) ^ str_repeat(chr(0x5C), 64); 109 110 $inner = pack('H40', sha1($k_ipad . $data)); 111 $digest = sha1($k_opad . $inner, $raw_output); 112 113 return $digest; 114 } 115 116/** 117 * Z-Push helper for error logging 118 * removing PEAR dependency 119 * 120 * @param string debug message 121 * @return boolean always false as there was an error 122 * @access private 123 */ 124 function raiseError($message) { 125 ZLog::Write(LOGLEVEL_ERROR, "SCRAM error: ". $message); 126 return false; 127 } 128}