Hash - Code Metrics - Inspection of "Update Hash.php" - mmeyer2k/dcrypt - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( e25e6d...0bf370 )

by Michael

created 2017-08-22 20:57 UTC

Hash A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	126
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	4

Test Coverage

Coverage

96.55%

Importance

Changes	3
Bugs	0	Features	0

Metric	Value
wmc	10
c	3
b	0
f	0
lcom	1
cbo	4
dl	0
loc	126
ccs	28
cts	29
cp	0.9655
rs	10

6 Methods

Rating	Name	Size	Complexity
A	cost()	4	1
A	costHash()	10	1
A	build()	17	2
A	ihmac()	14	3
A	make()	4	1
A	verify()	18	2

<?php

/**
 * Hash.php
 * 
 * PHP version 5
 * 
 * @category Dcrypt
 * @package  Dcrypt
 * @author   Michael Meyer (mmeyer2k) <[email protected]>
 * @license  http://opensource.org/licenses/MIT The MIT License (MIT)
 * @link     https://github.com/mmeyer2k/dcrypt
 */

namespace Dcrypt;

/**
 * An opaque 512 bit iterative hash function.
 * 
 * 16 bytes => iv
 * 12 bytes => cost checksum
 *  4 bytes => cost
 * 32 bytes => hmac
 * 
 * ivivivivivivivivsssssssssssscosthmachmachmachmachmachmachmachmac
 * 
 * @category Dcrypt
 * @package  Dcrypt
 * @author   Michael Meyer (mmeyer2k) <[email protected]>
 * @license  http://opensource.org/licenses/MIT The MIT License (MIT)
 * @link     https://github.com/mmeyer2k/dcrypt
 * @link     https://apigen.ci/github/mmeyer2k/dcrypt/namespace-Dcrypt.html
 */
final class Hash extends Support
{

    const ALGO = 'sha256';

    /**
     * Internal function used to build the actual hash.
     *  
     * @param string       $input    Data to hash
     * @param string       $password Password to use in HMAC call
     * @param integer      $cost     Number of iterations to use
     * @param string|null  $salt     Initialization vector to use in HMAC calls
     * @return string
     */
    private static function build($input, $password, $cost, $salt = null)
    {
        // Generate salt if needed
        $salt = $salt === null ? Random::bytes(16) : $salt;

        // Verify and normalize cost value
        $cost = self::cost($cost);

        // Create key to use for hmac operations
        $key = \hash_hmac(self::ALGO, $salt, $password, true);

        // Perform hash iterations. Get a 32 byte output value
        $hash = self::ihmac($input, $key, $cost, self::ALGO);

        // Return the salt + cost blob + hmac
        return $salt . self::costHash($cost, $salt, $password) . $hash;
    }

    /**
     * Return a normalized cost value.
     * 
     * @param int $cost Number of iterations to use.
     * 
     * @return int
     */
    private static function cost($cost)
    {
        return $cost % \pow(2, 32);
    }

    private static function costHash($cost, $salt, $password)
    {
        // Hash and return first 12 bytes
        $hash = Str::substr(\hash_hmac(self::ALGO, $cost, $salt, true), 0, 12);

        // Convert cost to base 256 then encrypt with OTP stream cipher
        $cost = Otp::crypt(self::dec2bin($cost), $password);

        return $hash . $cost;
    }

    /**
     * Perform a raw iterative HMAC operation with a configurable algo.
     * 
     * This class always performs at least one hash to prevent the input from
     * being passed back unchanged if bad parameters are set.
     * 
     * @param string  $data Data to hash.
     * @param string  $key  Key to use to authenticate the hash.
     * @param integer $iter Number of times to iteratate the hash
     * @param string  $algo Name of algo (sha256 or sha512 recommended)
     * 
     * @return string
     */
    public static function ihmac($data, $key, $iter, $algo = 'sha256')
    {
        $iter = abs($iter);
        
        for ($i = 0; $i <= $iter; $i++) {
            $data = \hash_hmac($algo, $data . $i . $iter, $key, true);
        }
        
        if ($data === false) {
            throw new \exception("$algo is not supported by hash_hmac");
        }

        return $data;
    }

    /**
     * Hash an input string into a salted 512 byte hash.
     * 
     * @param string  $input    Data to hash.
     * @param string  $password HMAC validation password.
     * @param integer $cost     Cost value of the hash.
     * 
     * @return string
     */
    public static function make($input, $password, $cost = 250000)
    {
        return self::build($input, $password, $cost, null);
    }

    /**
     * Check the validity of a hash.
     * 
     * @param string $input    Input to test.
     * @param string $hash     Known hash to validate against.
     * @param string $password HMAC password to use during iterative hash. 
     * 
     * @return boolean
     */
    public static function verify($input, $hash, $password)
    {
        // Get the salt value from the decrypted prefix
        $salt = Str::substr($hash, 0, 16);

        // Get the encrypted cost bytes
        $cost = self::bin2dec(Otp::crypt(Str::substr($hash, 28, 4), $password));

        // Get the entire cost+hash blob for comparison
        $blob = Str::substr($hash, 16, 16);

        if (!Str::equal(self::costHash($cost, $salt, $password), $blob)) {
            return false;
        }

        // Return the boolean equivalence
        return Str::equal($hash, self::build($input, $password, $cost, $salt));
    }

}


1		<?php
2
3		/**
4		* Hash.php
5		*
6		* PHP version 5
7		*
8		* @category Dcrypt
9		* @package Dcrypt
10		* @author Michael Meyer (mmeyer2k) <[email protected]>
11		* @license http://opensource.org/licenses/MIT The MIT License (MIT)
12		* @link https://github.com/mmeyer2k/dcrypt
13		*/
14
15		namespace Dcrypt;
16
17		/**
18		* An opaque 512 bit iterative hash function.
19		*
20		* 16 bytes => iv
21		* 12 bytes => cost checksum
22		* 4 bytes => cost
23		* 32 bytes => hmac
24		*
25		* ivivivivivivivivsssssssssssscosthmachmachmachmachmachmachmachmac
26		*
27		* @category Dcrypt
28		* @package Dcrypt
29		* @author Michael Meyer (mmeyer2k) <[email protected]>
30		* @license http://opensource.org/licenses/MIT The MIT License (MIT)
31		* @link https://github.com/mmeyer2k/dcrypt
32		* @link https://apigen.ci/github/mmeyer2k/dcrypt/namespace-Dcrypt.html
33		*/
34		final class Hash extends Support
35		{
36
37		const ALGO = 'sha256';
38
39		/**
40		* Internal function used to build the actual hash.
41		*
42		* @param string $input Data to hash
43		* @param string $password Password to use in HMAC call
44		* @param integer $cost Number of iterations to use
45		* @param string\|null $salt Initialization vector to use in HMAC calls
46		* @return string
47		*/
48	5	private static function build($input, $password, $cost, $salt = null)
49		{
50		// Generate salt if needed
51	5	$salt = $salt === null ? Random::bytes(16) : $salt;
52
53		// Verify and normalize cost value
54	5	$cost = self::cost($cost);
55
56		// Create key to use for hmac operations
57	5	$key = \hash_hmac(self::ALGO, $salt, $password, true);
58
59		// Perform hash iterations. Get a 32 byte output value
60	5	$hash = self::ihmac($input, $key, $cost, self::ALGO);
61
62		// Return the salt + cost blob + hmac
63	5	return $salt . self::costHash($cost, $salt, $password) . $hash;
64		}
65
66		/**
67		* Return a normalized cost value.
68		*
69		* @param int $cost Number of iterations to use.
70		*
71		* @return int
72		*/
73	5	private static function cost($cost)
74		{
75	5	return $cost % \pow(2, 32);
76		}
77
78	5	private static function costHash($cost, $salt, $password)
79		{
80		// Hash and return first 12 bytes
81	5	$hash = Str::substr(\hash_hmac(self::ALGO, $cost, $salt, true), 0, 12);
82
83		// Convert cost to base 256 then encrypt with OTP stream cipher
84	5	$cost = Otp::crypt(self::dec2bin($cost), $password);
85
86	5	return $hash . $cost;
87		}
88
89		/**
90		* Perform a raw iterative HMAC operation with a configurable algo.
91		*
92		* This class always performs at least one hash to prevent the input from
93		* being passed back unchanged if bad parameters are set.
94		*
95		* @param string $data Data to hash.
96		* @param string $key Key to use to authenticate the hash.
97		* @param integer $iter Number of times to iteratate the hash
98		* @param string $algo Name of algo (sha256 or sha512 recommended)
99		*
100		* @return string
101		*/
102	16	public static function ihmac($data, $key, $iter, $algo = 'sha256')
103		{
104	16	$iter = abs($iter);
105
106	16	for ($i = 0; $i <= $iter; $i++) {
107	16	$data = \hash_hmac($algo, $data . $i . $iter, $key, true);
108	16	}
109
110	16	if ($data === false) {
111		throw new \exception("$algo is not supported by hash_hmac");
112		}
113
114	16	return $data;
115		}
116
117		/**
118		* Hash an input string into a salted 512 byte hash.
119		*
120		* @param string $input Data to hash.
121		* @param string $password HMAC validation password.
122		* @param integer $cost Cost value of the hash.
123		*
124		* @return string
125		*/
126	4	public static function make($input, $password, $cost = 250000)
127		{
128	4	return self::build($input, $password, $cost, null);
129		}
130
131		/**
132		* Check the validity of a hash.
133		*
134		* @param string $input Input to test.
135		* @param string $hash Known hash to validate against.
136		* @param string $password HMAC password to use during iterative hash.
137		*
138		* @return boolean
139		*/
140	3	public static function verify($input, $hash, $password)
141		{
142		// Get the salt value from the decrypted prefix
143	3	$salt = Str::substr($hash, 0, 16);
144
145		// Get the encrypted cost bytes
146	3	$cost = self::bin2dec(Otp::crypt(Str::substr($hash, 28, 4), $password));
147
148		// Get the entire cost+hash blob for comparison
149	3	$blob = Str::substr($hash, 16, 16);
150
151	3	if (!Str::equal(self::costHash($cost, $salt, $password), $blob)) {
152	1	return false;
153		}
154
155		// Return the boolean equivalence
156	3	return Str::equal($hash, self::build($input, $password, $cost, $salt));
157		}
158
159		}
160

mmeyer2k / dcrypt

Push — master ( e25e6d...0bf370 )

Hash A

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

6 Methods

Duplication Side-by-Side

Filter issues like