|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* Cryptographic protocol for password-based authentication. |
|
5
|
|
|
*/ |
|
6
|
|
|
|
|
7
|
|
|
namespace CryptoManana\CryptographicProtocol; |
|
8
|
|
|
|
|
9
|
|
|
use CryptoManana\Core\Abstractions\Containers\AbstractCryptographicProtocol as CryptographicProtocol; |
|
10
|
|
|
use CryptoManana\Core\Abstractions\MessageDigestion\AbstractHashAlgorithm as HashFunction; |
|
11
|
|
|
use CryptoManana\Core\Interfaces\Containers\EntityIdentificationInterface as IdentifyEntities; |
|
12
|
|
|
use CryptoManana\Core\Interfaces\Containers\EntityAuthenticationInterface as AuthenticateEntities; |
|
13
|
|
|
use CryptoManana\Core\Interfaces\MessageDigestion\SecureVerificationInterface as VerificationAlgorithm; |
|
14
|
|
|
use CryptoManana\Core\Interfaces\Containers\VerificationAlgorithmInjectableInterface as HashAlgorithmSetter; |
|
15
|
|
|
use CryptoManana\Core\Traits\Containers\VerificationAlgorithmInjectableTrait as HashAlgorithmSetterImplementation; |
|
16
|
|
|
use CryptoManana\Core\Traits\Containers\EntityIdentificationTrait as EntityIdentificationProcess; |
|
17
|
|
|
|
|
18
|
|
|
/** |
|
19
|
|
|
* Class PasswordBasedAuthentication - The password-based authentication protocol object. |
|
20
|
|
|
* |
|
21
|
|
|
* @package CryptoManana\CryptographicProtocol |
|
22
|
|
|
* |
|
23
|
|
|
* @mixin HashAlgorithmSetterImplementation |
|
24
|
|
|
* @mixin EntityIdentificationProcess |
|
25
|
|
|
*/ |
|
26
|
|
|
class PasswordBasedAuthentication extends CryptographicProtocol implements |
|
27
|
|
|
HashAlgorithmSetter, |
|
28
|
|
|
IdentifyEntities, |
|
29
|
|
|
AuthenticateEntities |
|
30
|
|
|
{ |
|
31
|
|
|
/** |
|
32
|
|
|
* The verification message digestion service dependency injection via a setter method implementation. |
|
33
|
|
|
* |
|
34
|
|
|
* {@internal Reusable implementation of `VerificationAlgorithmInjectableInterface`. }} |
|
35
|
|
|
*/ |
|
36
|
|
|
use HashAlgorithmSetterImplementation; |
|
37
|
|
|
|
|
38
|
|
|
/** |
|
39
|
|
|
* The entity identification capabilities. |
|
40
|
|
|
* |
|
41
|
|
|
* {@internal Reusable implementation of `EntityIdentificationInterface`. }} |
|
42
|
|
|
*/ |
|
43
|
|
|
use EntityIdentificationProcess; |
|
44
|
|
|
|
|
45
|
|
|
/** |
|
46
|
|
|
* The message digestion and verification service property storage. |
|
47
|
|
|
* |
|
48
|
|
|
* @var HashFunction|VerificationAlgorithm|null The message digestion service. |
|
49
|
|
|
*/ |
|
50
|
|
|
protected $verificationSource = null; |
|
51
|
|
|
|
|
52
|
|
|
/** |
|
53
|
|
|
* Container constructor. |
|
54
|
|
|
* |
|
55
|
|
|
* @param HashFunction|VerificationAlgorithm|null $hasher The message digestion and verification service. |
|
56
|
|
|
* |
|
57
|
|
|
* @throws \Exception Initialization validation. |
|
58
|
|
|
* |
|
59
|
|
|
* @note If `null` is passed, then the comparison will be raw binary based. |
|
60
|
|
|
*/ |
|
61
|
16 |
|
public function __construct(VerificationAlgorithm $hasher = null) |
|
62
|
|
|
{ |
|
63
|
16 |
|
$this->verificationSource = $hasher; |
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
|
|
/** |
|
67
|
|
|
* Container destructor. |
|
68
|
|
|
*/ |
|
69
|
16 |
|
public function __destruct() |
|
70
|
|
|
{ |
|
71
|
16 |
|
unset($this->verificationSource); |
|
72
|
|
|
} |
|
73
|
|
|
|
|
74
|
|
|
/** |
|
75
|
|
|
* Container cloning via deep copy. |
|
76
|
|
|
*/ |
|
77
|
2 |
|
public function __clone() |
|
78
|
|
|
{ |
|
79
|
2 |
|
if ($this->verificationSource !== null) { |
|
80
|
2 |
|
$this->verificationSource = clone $this->verificationSource; |
|
81
|
|
|
} |
|
82
|
|
|
} |
|
83
|
|
|
|
|
84
|
|
|
/** |
|
85
|
|
|
* Authenticate a user or a client entity. |
|
86
|
|
|
* |
|
87
|
|
|
* @param string $correctPassphrase The correct passphrase information. |
|
88
|
|
|
* @param string $suppliedPassphrase The supplied passphrase information. |
|
89
|
|
|
* |
|
90
|
|
|
* @return bool The identity authentication result. |
|
91
|
|
|
* @throws \Exception Validation errors. |
|
92
|
|
|
*/ |
|
93
|
6 |
|
public function authenticateEntity($correctPassphrase, $suppliedPassphrase) |
|
94
|
|
|
{ |
|
95
|
6 |
|
if (!is_string($correctPassphrase)) { |
|
96
|
2 |
|
throw new \InvalidArgumentException( |
|
97
|
2 |
|
'The correct passphrase or hash value for verification must be a string or a binary string.' |
|
98
|
2 |
|
); |
|
99
|
4 |
|
} elseif (!is_string($suppliedPassphrase)) { |
|
100
|
2 |
|
throw new \InvalidArgumentException( |
|
101
|
2 |
|
'The supplied user passphrase value must be a string or a binary string.' |
|
102
|
2 |
|
); |
|
103
|
|
|
} |
|
104
|
|
|
|
|
105
|
2 |
|
if ($this->verificationSource !== null) { |
|
106
|
2 |
|
return $this->verificationSource->verifyHash($suppliedPassphrase, $correctPassphrase); |
|
107
|
|
|
} else { |
|
108
|
2 |
|
return hash_equals($correctPassphrase, $suppliedPassphrase); |
|
109
|
|
|
} |
|
110
|
|
|
} |
|
111
|
|
|
} |
|
112
|
|
|
|
TonyKaravasilev /
CryptoManana
