Add DB Encryption tests

hash test page update
Add hash hmac to the Create Hash class
2025-04-07 12:05:06 +09:00 · 2025-04-07 09:09:45 +09:00 · 2025-04-07 09:05:37 +09:00 · 2025-04-04 15:17:42 +09:00 · 2025-04-04 15:08:58 +09:00
7 changed files with 539 additions and 37 deletions
--- a/4dev/tests/Create/CoreLibsCreateHashTest.php
+++ b/4dev/tests/Create/CoreLibsCreateHashTest.php
@@ -21,8 +21,10 @@ final class CoreLibsCreateHashTest extends TestCase
 	public function hashData(): array
 	{
 		return [
-			'any string' => [
+			'hash tests' => [
+				// this is the string
 				'text' => 'Some String Text',
+				// hash list special
 				'crc32b_reverse' => 'c5c21d91', // crc32b (in revere)
 				'sha1Short' => '4d2bc9ba0', // sha1Short
 				// via hash
@@ -31,6 +33,8 @@ final class CoreLibsCreateHashTest extends TestCase
 				'fnv132' => '9df444f9', // hash: fnv132
 				'fnv1a32' => '2c5f91b9', // hash: fnv1a32
 				'joaat' => '50dab846', // hash: joaat
+				'ripemd160' => 'aeae3f041b20136451519edd9361570909300342', // hash: ripemd160,
+				'sha256' => '9055080e022f224fa835929b80582b3c71c672206fa3a49a87412c25d9d42ceb', // hash: sha256
 			]
 		];
 	}
@@ -81,7 +85,7 @@ final class CoreLibsCreateHashTest extends TestCase
 	{
 		$list = [];
 		foreach ($this->hashData() as $name => $values) {
-			foreach ([null, 'crc32b', 'adler32', 'fnv132', 'fnv1a32', 'joaat'] as $_hash_type) {
+			foreach ([null, 'crc32b', 'adler32', 'fnv132', 'fnv1a32', 'joaat', 'ripemd160', 'sha256'] as $_hash_type) {
 				// default value test
 				if ($_hash_type === null) {
 					$hash_type = \CoreLibs\Create\Hash::STANDARD_HASH_SHORT;
@@ -114,6 +118,22 @@ final class CoreLibsCreateHashTest extends TestCase
 		];
 	}

+	/**
+	 * Undocumented function
+	 *
+	 * @return array
+	 */
+	public function hashStandardProvider(): array
+	{
+		$hash_source = 'Some String Text';
+		return [
+			'Long Hash check: ' . \CoreLibs\Create\Hash::STANDARD_HASH => [
+				$hash_source,
+				hash(\CoreLibs\Create\Hash::STANDARD_HASH, $hash_source)
+			],
+		];
+	}
+
 	/**
 	 * Undocumented function
 	 *
@@ -136,9 +156,13 @@ final class CoreLibsCreateHashTest extends TestCase
 	/**
 	 * Undocumented function
 	 *
+	 * phpcs:disable Generic.Files.LineLength
 	 * @covers ::__sha1Short
+	 * @covers ::__crc32b
+	 * @covers ::sha1Short
 	 * @dataProvider sha1ShortProvider
-	 * @testdox __sha1Short $input will be $expected (crc32b) and $expected_sha1 (sha1 short) [$_dataName]
+	 * @testdox __sha1Short/__crc32b/sha1short $input will be $expected (crc32b) and $expected_sha1 (sha1 short) [$_dataName]
+	 * phpcs:enable Generic.Files.LineLength
 	 *
 	 * @param string $input
 	 * @param string $expected
@@ -149,16 +173,29 @@ final class CoreLibsCreateHashTest extends TestCase
 		// uses crc32b
 		$this->assertEquals(
 			$expected,
-			\CoreLibs\Create\Hash::__sha1Short($input)
+			\CoreLibs\Create\Hash::__sha1Short($input),
+			'__sha1Short depreacted'
 		);
 		$this->assertEquals(
 			$expected,
-			\CoreLibs\Create\Hash::__sha1Short($input, false)
+			\CoreLibs\Create\Hash::__sha1Short($input, false),
+			'__sha1Short (false) depreacted'
+		);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::__crc32b($input),
+			'__crc32b'
 		);
 		// sha1 type
 		$this->assertEquals(
 			$expected_sha1,
-			\CoreLibs\Create\Hash::__sha1Short($input, true)
+			\CoreLibs\Create\Hash::__sha1Short($input, true),
+			'__sha1Short (true) depreacted'
+		);
+		$this->assertEquals(
+			$expected_sha1,
+			\CoreLibs\Create\Hash::sha1Short($input),
+			'sha1Short'
 		);
 	}

@@ -166,8 +203,10 @@ final class CoreLibsCreateHashTest extends TestCase
 	 * Undocumented function
 	 *
 	 * @covers ::__hash
+	 * @covers ::hashShort
+	 * @covers ::hashShort
 	 * @dataProvider hashProvider
-	 * @testdox __hash $input with $hash_type will be $expected [$_dataName]
+	 * @testdox __hash/hashShort/hash $input with $hash_type will be $expected [$_dataName]
 	 *
 	 * @param string $input
 	 * @param string|null $hash_type
@@ -179,12 +218,24 @@ final class CoreLibsCreateHashTest extends TestCase
 		if ($hash_type === null) {
 			$this->assertEquals(
 				$expected,
-				\CoreLibs\Create\Hash::__hash($input)
+				\CoreLibs\Create\Hash::__hash($input),
+				'__hash'
+			);
+			$this->assertEquals(
+				$expected,
+				\CoreLibs\Create\Hash::hashShort($input),
+				'hashShort'
 			);
 		} else {
 			$this->assertEquals(
 				$expected,
-				\CoreLibs\Create\Hash::__hash($input, $hash_type)
+				\CoreLibs\Create\Hash::__hash($input, $hash_type),
+				'__hash with hash type'
+			);
+			$this->assertEquals(
+				$expected,
+				\CoreLibs\Create\Hash::hash($input, $hash_type),
+				'hash with hash type'
 			);
 		}
 	}
@@ -193,8 +244,9 @@ final class CoreLibsCreateHashTest extends TestCase
 	 * Undocumented function
 	 *
 	 * @covers ::__hashLong
+	 * @covers ::hashLong
 	 * @dataProvider hashLongProvider
-	 * @testdox __hashLong $input will be $expected [$_dataName]
+	 * @testdox __hashLong/hashLong $input will be $expected [$_dataName]
 	 *
 	 * @param string $input
 	 * @param string $expected
@@ -206,6 +258,168 @@ final class CoreLibsCreateHashTest extends TestCase
 			$expected,
 			\CoreLibs\Create\Hash::__hashLong($input)
 		);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hashLong($input)
+		);
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::hash
+	 * @covers ::hashStd
+	 * @dataProvider hashStandardProvider
+	 * @testdox hash/hashStd $input will be $expected [$_dataName]
+	 *
+	 * @param string $input
+	 * @param string $expected
+	 * @return void
+	 */
+	public function testHashStandard(string $input, string $expected): void
+	{
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hashStd($input)
+		);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hash($input)
+		);
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::hash
+	 * @testdox hash with invalid type
+	 *
+	 * @return void
+	 */
+	public function testInvalidHashType(): void
+	{
+		$hash_source = 'Some String Text';
+		$expected = hash(\CoreLibs\Create\Hash::STANDARD_HASH, $hash_source);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hash($hash_source, 'DOES_NOT_EXIST')
+		);
+	}
+
+	/**
+	 * Note: this only tests default sha256
+	 *
+	 * @covers ::hashHmac
+	 * @testdox hash hmac test
+	 *
+	 * @return void
+	 */
+	public function testHashMac(): void
+	{
+		$hash_key = 'FIX KEY';
+		$hash_source = 'Some String Text';
+		$expected = '16479b3ef6fa44e1cdd8b2dcfaadf314d1a7763635e8738f1e7996d714d9b6bf';
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hashHmac($hash_source, $hash_key)
+		);
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::hashHmac
+	 * @testdox hash hmac with invalid type
+	 *
+	 * @return void
+	 */
+	public function testInvalidHashMacType(): void
+	{
+		$hash_key = 'FIX KEY';
+		$hash_source = 'Some String Text';
+		$expected = hash_hmac(\CoreLibs\Create\Hash::STANDARD_HASH, $hash_source, $hash_key);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hashHmac($hash_source, $hash_key, 'DOES_NOT_EXIST')
+		);
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @return array<mixed>
+	 */
+	public function providerHashTypes(): array
+	{
+		return [
+			'Hash crc32b' => [
+				'crc32b',
+				true,
+				false,
+			],
+			'Hash adler32' => [
+				'adler32',
+				true,
+				false,
+			],
+			'HAsh fnv132' => [
+				'fnv132',
+				true,
+				false,
+			],
+			'Hash fnv1a32' => [
+				'fnv1a32',
+				true,
+				false,
+			],
+			'Hash: joaat' => [
+				'joaat',
+				true,
+				false,
+			],
+			'Hash: ripemd160' => [
+				'ripemd160',
+				true,
+				true,
+			],
+			'Hash: sha256' => [
+				'sha256',
+				true,
+				true,
+			],
+			'Hash: invalid' => [
+				'invalid',
+				false,
+				false
+			]
+		];
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::isValidHashType
+	 * @covers ::isValidHashHmacType
+	 * @dataProvider providerHashTypes
+	 * @testdox check if $hash_type is valid for hash $hash_ok and hash hmac $hash_hmac_ok [$_dataName]
+	 *
+	 * @param  string $hash_type
+	 * @param  bool   $hash_ok
+	 * @param  bool   $hash_hmac_ok
+	 * @return void
+	 */
+	public function testIsValidHashAndHashHmacTypes(string $hash_type, bool $hash_ok, bool $hash_hmac_ok): void
+	{
+		$this->assertEquals(
+			$hash_ok,
+			\CoreLibs\Create\Hash::isValidHashType($hash_type),
+			'hash valid'
+		);
+		$this->assertEquals(
+			$hash_hmac_ok,
+			\CoreLibs\Create\Hash::isValidHashHmacType($hash_type),
+			'hash hmac valid'
+		);
 	}
 }

--- a/www/admin/class_test.db.encryption.php
+++ b/www/admin/class_test.db.encryption.php
@@ -0,0 +1,125 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+// turn on all error reporting
+error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', true);
+// sample config
+require 'config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-db-query-encryption';
+ob_end_flush();
+
+// use CoreLibs\Debug\Support;
+use CoreLibs\Security\SymmetricEncryption;
+use CoreLibs\Security\CreateKey;
+use CoreLibs\Create\Hash;
+use CoreLibs\Debug\Support;
+
+$log = new CoreLibs\Logging\Logging([
+	'log_folder' => BASE . LOG,
+	'log_file_id' => $LOG_FILE_ID,
+	'log_per_date' => true,
+]);
+// db connection and attach logger
+$db = new CoreLibs\DB\IO(DB_CONFIG, $log);
+$db->log->debug('START', '=============================>');
+
+$PAGE_NAME = 'TEST CLASS: DB QUERY ENCRYPTION';
+print "<!DOCTYPE html>";
+print "<html><head><title>" . $PAGE_NAME . "</title></head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
+
+// encryption key
+$key = CreateKey::generateRandomKey();
+print "Secret Key: " . $key . "<br>";
+
+// test text
+$text_string = "I a some deep secret";
+//
+$crypt = new SymmetricEncryption($key);
+$encrypted = $crypt->encrypt($text_string);
+$string_hashed = Hash::hashStd($text_string);
+$string_hmac = Hash::hashHmac($text_string, $key);
+$decrypted = $crypt->decrypt($encrypted);
+
+print "String: " . $text_string . "<br>";
+print "Encrypted: " . $encrypted . "<br>";
+print "Hashed: " . $string_hashed . "<br>";
+print "Hmac: " . $string_hmac . "<br>";
+
+$db->dbExecParams(
+	<<<SQL
+	INSERT INTO test_encryption (
+		-- for compare
+		plain_text,
+		-- via php encryption
+		hash_text, hmac_text, crypt_text,
+		-- -- in DB encryption
+		pg_digest_bytea, pg_digest_text,
+		pg_hmac_bytea, pg_hmac_text,
+		pg_crypt_bytea, pg_crypt_text
+	) VALUES (
+		$1,
+		$2, $3, $4,
+		digest($1::VARCHAR, $5),
+		encode(digest($1, $5), 'hex'),
+		hmac($1, $6, $5),
+		encode(hmac($1, $6, $5), 'hex'),
+		pgp_sym_encrypt($1, $7),
+		encode(pgp_sym_encrypt($1, $7), 'hex')
+	) RETURNING cuuid
+	SQL,
+	[
+		// 1: original string
+		$text_string,
+		// 2: hashed, 3: hmac, 4: encrypted
+		$string_hashed, $string_hmac, $encrypted,
+		// 5: hash type, 6: hmac secret, 7: pgp secret
+		'sha256', $key, $key
+	]
+);
+$cuuid = $db->dbGetReturningExt('cuuid');
+print "INSERTED: $cuuid<br>";
+print "LAST ERROR: " . $db->dbGetLastError(true) . "<br>";
+
+// read back
+$res = $db->dbReturnRowParams(
+	<<<SQL
+	SELECT
+		-- for compare
+		plain_text,
+		-- via php encryption
+		hash_text, hmac_text, crypt_text,
+		-- in DB encryption
+		pg_digest_bytea, pg_digest_text,
+		pg_hmac_bytea, pg_hmac_text,
+		pg_crypt_bytea, pg_crypt_text
+	FROM
+		test_encryption
+	WHERE
+		cuuid = $1
+	SQL,
+	[
+		$cuuid
+	]
+);
+
+print "RES: <pre>" . Support::prAr($res) . "</pre><br>";
+
+// do compare
+
+print "</body></html>";
+
+// __END__
--- a/www/admin/class_test.hash.php
+++ b/www/admin/class_test.hash.php
@@ -19,6 +19,7 @@ $LOG_FILE_ID = 'classTest-hash';
 ob_end_flush();

 use CoreLibs\Create\Hash;
+use CoreLibs\Security\CreateKey;

 $log = new CoreLibs\Logging\Logging([
 	'log_folder' => BASE . LOG,
@@ -38,28 +39,66 @@ print '<div><h1>' . $PAGE_NAME . '</h1></div>';

 $to_crc = 'Some text block';
 // static
-print "S::__CRC32B: $to_crc: " . $hash_class::__crc32b($to_crc) . "<br>";
-print "S::__SHA1SHORT(off): $to_crc: " . $hash_class::__sha1short($to_crc) . "<br>";
-print "S::__SHA1SHORT(on): $to_crc: " . $hash_class::__sha1short($to_crc, true) . "<br>";
-print "S::__hash(d): " . $to_crc . "/"
-	. Hash::STANDARD_HASH_SHORT . ": " . $hash_class::__hash($to_crc) . "<br>";
-foreach (['adler32', 'fnv132', 'fnv1a32', 'joaat', 'sha512'] as $__hash_c) {
-	print "S::__hash($__hash_c): $to_crc: " . $hash_class::__hash($to_crc, $__hash_c) . "<br>";
+print "S::__CRC32B: $to_crc: " . Hash::__crc32b($to_crc) . "<br>";
+// print "S::__SHA1SHORT(off): $to_crc: " . Hash::__sha1short($to_crc) . "<br>";
+print "S::hashShort(__sha1Short replace): $to_crc: " . Hash::hashShort($to_crc) . "<br>";
+// print "S::__SHA1SHORT(on): $to_crc: " . Hash::__sha1short($to_crc, true) . "<br>";
+print "S::sha1Short(__sha1Short replace): $to_crc: " . Hash::sha1Short($to_crc) . "<br>";
+// print "S::__hash(d): " . $to_crc . "/"
+// 	. Hash::STANDARD_HASH_SHORT . ": " . $hash_class::__hash($to_crc) . "<br>";
+$to_crc_list = [
+	'Some text block',
+	'Some String Text',
+	'any string',
+];
+foreach ($to_crc_list as $__to_crc) {
+	foreach (['adler32', 'fnv132', 'fnv1a32', 'joaat', 'ripemd160', 'sha256', 'sha512'] as $__hash_c) {
+		print "Hash::hash($__hash_c): $__to_crc: " . Hash::hash($to_crc, $__hash_c) . "<br>";
+	}
 }
 // static use
 print "U-S::__CRC32B: $to_crc: " . Hash::__crc32b($to_crc) . "<br>";

 echo "<hr>";
 $text = 'Some String Text';
+// $text = 'any string';
 $type = 'crc32b';
 print "Hash: " . $type . ": " . hash($type, $text) . "<br>";
-print "Class: " . $type . ": " . Hash::__hash($text, $type) . "<br>";
+// print "Class (old): " . $type . ": " . Hash::__hash($text, $type) . "<br>";
+print "Class (new): " . $type . ": " . Hash::hash($text, $type) . "<br>";

 echo "<hr>";
-print "<br>CURRENT STANDARD_HASH_SHORT: " . Hash::STANDARD_HASH_SHORT . "<br>";
-print "<br>CURRENT STANDARD_HASH_LONG: " . Hash::STANDARD_HASH_LONG . "<br>";
-print "HASH SHORT: " . $to_crc . ": " . Hash::__hash($to_crc) . "<br>";
-print "HASH LONG: " . $to_crc . ": " . Hash::__hashLong($to_crc) . "<br>";
+print "CURRENT STANDARD_HASH_SHORT: " . Hash::STANDARD_HASH_SHORT . "<br>";
+print "CURRENT STANDARD_HASH_LONG: " . Hash::STANDARD_HASH_LONG . "<br>";
+print "CURRENT STANDARD_HASH: " . Hash::STANDARD_HASH . "<br>";
+print "HASH SHORT: " . $to_crc . ": " . Hash::hashShort($to_crc) . "<br>";
+print "HASH LONG: " . $to_crc . ": " . Hash::hashLong($to_crc) . "<br>";
+print "HASH DEFAULT: " . $to_crc . ": " . Hash::hashStd($to_crc) . "<br>";
+
+echo "<hr>";
+$key = CreateKey::generateRandomKey();
+$key = "FIX KEY";
+print "Secret Key: " . $key . "<br>";
+print "HASHMAC DEFAULT (fix): " . $to_crc . ": " . Hash::hashHmac($to_crc, $key) . "<br>";
+$key = CreateKey::generateRandomKey();
+print "Secret Key: " . $key . "<br>";
+print "HASHMAC DEFAULT (random): " . $to_crc . ": " . Hash::hashHmac($to_crc, $key) . "<br>";
+
+echo "<hr>";
+$hash_types = ['crc32b', 'sha256', 'invalid'];
+foreach ($hash_types as $hash_type) {
+	echo "<b>Checking $hash_type:</b><br>";
+	if (Hash::isValidHashType($hash_type)) {
+		echo "hash type: $hash_type is valid<br>";
+	} else {
+		echo "hash type: $hash_type is INVALID<br>";
+	}
+	if (Hash::isValidHashHmacType($hash_type)) {
+		echo "hash hmac type: $hash_type is valid<br>";
+	} else {
+		echo "hash hmac type: $hash_type is INVALID<br>";
+	}
+}

 // print "UNIQU ID SHORT : " . Hash::__uniqId() . "<br>";
 // print "UNIQU ID LONG : " . Hash::__uniqIdLong() . "<br>";
--- a/www/admin/class_test.php
+++ b/www/admin/class_test.php
@@ -95,6 +95,7 @@ $test_files = [
 	'class_test.db.dbReturn.php' => 'Class Test: DB dbReturn',
 	'class_test.db.single.php' => 'Class Test: DB single query tests',
 	'class_test.db.convert-placeholder.php' => 'Class Test: DB convert placeholder',
+	'class_test.db.encryption.php' => 'Class Test: DB pgcrypto',
 	'class_test.convert.colors.php' => 'Class Test: CONVERT COLORS',
 	'class_test.check.colors.php' => 'Class Test: CHECK COLORS',
 	'class_test.mime.php' => 'Class Test: MIME',
--- a/www/lib/CoreLibs/Basic.php
+++ b/www/lib/CoreLibs/Basic.php
@@ -1024,8 +1024,12 @@ class Basic
 	 */
 	public function __sha1Short(string $string, bool $use_sha = false): string
 	{
-		trigger_error('Method ' . __METHOD__ . ' is deprecated, use \CoreLibs\Create\Hash::__sha1Short()', E_USER_DEPRECATED);
-		return \CoreLibs\Create\Hash::__sha1Short($string, $use_sha);
+		trigger_error('Method ' . __METHOD__ . ' is deprecated, use \CoreLibs\Create\Hash::sha1Short() or ::__crc32b()', E_USER_DEPRECATED);
+		if ($use_sha) {
+			return \CoreLibs\Create\Hash::sha1Short($string);
+		} else {
+			return \CoreLibs\Create\Hash::__crc32b($string);
+		}
 	}

 	/**
@@ -1040,8 +1044,8 @@ class Basic
 	 */
 	public function __hash(string $string, string $hash_type = 'adler32'): string
 	{
-		trigger_error('Method ' . __METHOD__ . ' is deprecated, use \CoreLibs\Create\Hash::__hash()', E_USER_DEPRECATED);
-		return \CoreLibs\Create\Hash::__hash($string, $hash_type);
+		trigger_error('Method ' . __METHOD__ . ' is deprecated, use \CoreLibs\Create\Hash::hash()', E_USER_DEPRECATED);
+		return \CoreLibs\Create\Hash::hash($string, $hash_type);
 	}

 	// *** HASH FUNCTIONS END
--- a/www/lib/CoreLibs/Create/Hash.php
+++ b/www/lib/CoreLibs/Create/Hash.php
@@ -10,9 +10,14 @@ namespace CoreLibs\Create;

 class Hash
 {
+	/** @var string default short hash -> deprecated use STANDARD_HASH_SHORT */
 	public const DEFAULT_HASH = 'adler32';
+	/** @var string default long hash (40 chars) */
 	public const STANDARD_HASH_LONG = 'ripemd160';
+	/** @var string default short hash (8 chars) */
 	public const STANDARD_HASH_SHORT = 'adler32';
+	/** @var string this is the standard hash to use hashStd and hash (64 chars) */
+	public const STANDARD_HASH = 'sha256';

 	/**
 	 * checks php version and if >=5.2.7 it will flip the string
@@ -20,6 +25,7 @@ class Hash
 	 * hash returns false
 	 * preg_replace fails for older php version
 	 * Use __hash with crc32b or hash('crc32b', ...) for correct output
+	 * For future short hashes use hashShort() instead
 	 *
 	 * @param  string $string string to crc
 	 * @return string         crc32b hash (old type)
@@ -43,19 +49,31 @@ class Hash
 	 * replacement for __crc32b call
 	 *
 	 * @param  string $string  string to hash
-	 * @param  bool   $use_sha use sha instead of crc32b (default false)
+	 * @param  bool   $use_sha [default=false] use sha1 instead of crc32b
 	 * @return string          hash of the string
+	 * @deprecated use __crc32b() for drop in replacement with default, or sha1Short() for use sha true
 	 */
 	public static function __sha1Short(string $string, bool $use_sha = false): string
 	{
 		if ($use_sha) {
-			// return only the first 9 characters
-			return substr(hash('sha1', $string), 0, 9);
+			return self::sha1Short($string);
 		} else {
 			return self::__crc32b($string);
 		}
 	}

+	/**
+	 * returns a short sha1
+	 *
+	 * @param  string $string  string to hash
+	 * @return string          hash of the string
+	 */
+	public static function sha1Short(string $string): string
+	{
+		// return only the first 9 characters
+		return substr(hash('sha1', $string), 0, 9);
+	}
+
 	/**
 	 * replacemend for __crc32b call (alternate)
 	 * defaults to adler 32
@@ -63,34 +81,135 @@ class Hash
 	 * all that create 8 char long hashes
 	 *
 	 * @param  string $string    string to hash
-	 * @param  string $hash_type hash type (default adler32)
+	 * @param  string $hash_type [default=STANDARD_HASH_SHORT] hash type (default adler32)
 	 * @return string            hash of the string
+	 * @deprecated use hashShort() of short hashes with adler 32 or hash() for other hash types
 	 */
 	public static function __hash(
 		string $string,
-		string $hash_type = self::DEFAULT_HASH
+		string $hash_type = self::STANDARD_HASH_SHORT
+	): string {
+		return self::hash($string, $hash_type);
+	}
+
+	/**
+	 * check if hash type is valid, returns false if not
+	 *
+	 * @param  string $hash_type
+	 * @return bool
+	 */
+	public static function isValidHashType(string $hash_type): bool
+	{
+		if (!in_array($hash_type, hash_algos())) {
+			return false;
+		}
+		return true;
+	}
+
+	/**
+	 * check if hash hmac type is valid, returns false if not
+	 *
+	 * @param  string $hash_hmac_type
+	 * @return bool
+	 */
+	public static function isValidHashHmacType(string $hash_hmac_type): bool
+	{
+		if (!in_array($hash_hmac_type, hash_hmac_algos())) {
+			return false;
+		}
+		return true;
+	}
+
+	/**
+	 * creates a hash over string if any valid hash given.
+	 * if no hash type set use sha256
+	 *
+	 * @param  string $string    string to hash
+	 * @param  string $hash_type [default=STANDARD_HASH] hash type (default sha256)
+	 * @return string            hash of the string
+	 */
+	public static function hash(
+		string $string,
+		string $hash_type = self::STANDARD_HASH
 	): string {
-		// if not empty, check if in valid list
 		if (
 			empty($hash_type) ||
 			!in_array($hash_type, hash_algos())
 		) {
-			// fallback to default hash type if none set or invalid
-			$hash_type = self::DEFAULT_HASH;
+			// fallback to default hash type if empty or invalid
+			$hash_type = self::STANDARD_HASH;
 		}
 		return hash($hash_type, $string);
 	}

 	/**
-	 * Wrapper function for standard long hashd
+	 * creates a hash mac key
+	 *
+	 * @param  string $string    string to hash mac
+	 * @param  string $key       key to use
+	 * @param  string $hash_type [default=STANDARD_HASH]
+	 * @return string            hash mac string
+	 */
+	public static function hashHmac(
+		string $string,
+		#[\SensitiveParameter]
+		string $key,
+		string $hash_type = self::STANDARD_HASH
+	): string {
+		if (
+			empty($hash_type) ||
+			!in_array($hash_type, hash_hmac_algos())
+		) {
+			// fallback to default hash type if e or invalid
+			$hash_type = self::STANDARD_HASH;
+		}
+		return hash_hmac($hash_type, $string, $key);
+	}
+
+	/**
+	 * short hash with max length of 8, uses adler32
+	 *
+	 * @param  string $string string to hash
+	 * @return string         hash of the string
+	 */
+	public static function hashShort(string $string): string
+	{
+		return hash(self::STANDARD_HASH_SHORT, $string);
+	}
+
+	/**
+	 * Wrapper function for standard long hash
+	 *
+	 * @param string $string String to be hashed
+	 * @return string        Hashed string
+	 * @deprecated use hashLong()
+	 */
+	public static function __hashLong(string $string): string
+	{
+		return self::hashLong($string);
+	}
+
+	/**
+	 * Wrapper function for standard long hash, uses ripmd160
 	 *
 	 * @param string $string String to be hashed
 	 * @return string        Hashed string
 	 */
-	public static function __hashLong(string $string): string
+	public static function hashLong(string $string): string
 	{
 		return hash(self::STANDARD_HASH_LONG, $string);
 	}
+
+	/**
+	 * create standard hash basd on STANDAR_HASH, currently sha256
+	 *
+	 * @param  string $string string in
+	 * @return string         hash of the string
+	 */
+	public static function hashStd(string $string): string
+	{
+		return self::hash($string, self::STANDARD_HASH);
+	}
 }

 // __END__
--- a/www/lib/CoreLibs/DB/IO.php
+++ b/www/lib/CoreLibs/DB/IO.php
@@ -4056,7 +4056,7 @@ class IO
 	 */
 	public function dbGetQueryHash(string $query, array $params = []): string
 	{
-		return Hash::__hashLong(
+		return Hash::hashLong(
 			$query . (
 				$params !== [] ?
 					'#' . json_encode($params) : ''
Author	SHA1	Message	Date
Clemens Schwaighofer	531229e8b7	Add DB Encryption tests	2025-04-07 12:05:06 +09:00
Clemens Schwaighofer	d09c20ff9d	hash test page update	2025-04-07 09:09:45 +09:00
Clemens Schwaighofer	f4ddc5a5fc	Add hash hmac to the Create Hash class	2025-04-07 09:05:37 +09:00
Clemens Schwaighofer	1791ec3908	phan and phpstan fixes for hash uses in CoreLibs	2025-04-04 15:17:42 +09:00
Clemens Schwaighofer	3d13f55c35	Update Hash Class Add new constant: STANDARD_HASH for sha256 Deprecate DEFAULT_HASH is now STANDARD_HASH_SHORT Deprecated __sha1Short: replace with __crc32b with the default parameter use_sha false replace with sha1Short if use_sha is true __hash: replace with hashShort if default hash type replace with hash for all others with new default STANDARD_HASH __hashLong: replace with hashLong New: hashShort: returns STANDARD_HASH_SHORT which is __hash default type hashStd: returns STANDARD_HASH sha256 hash: switches to STANDARD_HASH as default type	2025-04-04 15:08:58 +09:00