Proposal for "Crypt_HMAC2"

» Metadata » Status
» Description
Crypt_HMAC2 implements the Hashed Message Authentication Code (HMAC) algorithm as defined in RFC2104, with test cases defined by RFC2202 tested in the attached Unit Tests.

It is written entirely in PHP5, and will utilise the hash or mhash extension if one of these is enabled.

It improves on the current Crypt_HMAC package by enabling support for a wider range of Hashing algorithms using hash or mhash. This expands the security of the end HMAC and is now a requirement of several HMAC enabled protocols and communication systems including the OpenID Authentication 2.0 specification which is being finalised (and where SHA256 HMAC is recommended though not yet enforced). It additionally includes an MD5/SHA1 implementation in PHP code when no supported extensions have been enabled.
» Dependencies » Links
» Timeline » Changelog
  • First Draft: 2007-06-21
  • Proposal: 2007-06-21
  • Call for Votes: 2007-07-03
  • Pádraic Brady
    [2007-06-29 10:50 UTC]

    Updated proposed Crypt_HMAC2 package as follows:

    * The MAC may now be outputted in raw binary form (support for this added for each extension allowed thus far)