hash_hmac implementation does not match PHP hash_hmac

[jrush_aplus]

The hash_hmac implementation output does not match the native PHP hash_hmac output when using a key longer than 64 characters.

If the key is longer than 64 characters, it is packed. The output of pack may be less than 64 characters, so the key needs to be padded. The current implementation does not pad the key because the key was packed.

The attached patch removes the else that keeps a packed key from being padded. By removing the else, the length of the key is recalculated and will be padded if it is less than 64 characters.

If the key is padded after being packed, the output matches the output of the native PHP hash_hmac function.

[jrush_aplus]

Patch to allow compat.php hash_hmac implementation to match PHP hash_hmac output

[peaceablewhale]

test script

[markjaquith]

What implications does this have for existing sites if the patch is committed?

[mdawaffe]

Outputs from core uses of hash_hmac() will not change for most blogs. The key length provided by ​https://api.wordpress.org/secret-key/1.1/ are all 64 characters long. (Under the assumption that most blogs use either random keys from above, the default key, or shorter custom keys).

However, most outputs from core uses of wp_hash() will change on most blogs.

So after patching on most blogs, all users on those blogs will be logged out. Logging back in will not be affected. Also, all nonces will be invalid, but new and valid ones will generate just fine.

A temporary and one time effect (the same effect many upgrades face: cookies and nonces are invalid after upgrade).

+1

[mdawaffe]

WordPress' implementation of hash_hmac() also ignores the $raw_output argument.

That argument is never used by core, but plugins and OAuth libraries use it. Attached updates to correct the above bug and add support for $raw_output.

[mdawaffe]

correct key padding and add support for raw_output in hash_hmac

[mdawaffe]

10623.diff can be deleted - wrong patch.
10284.diff is correct.

[dd32]

10623.diff can be deleted - wrong patch. 10284.diff is correct.

Deleted 10623.diff so as not to confuse anyone, As the filename suggests, it was obviously for another ticket.

[westi]

This looks ok.

Working on writing up some test cases for wordpress-tests.

I guess the changes detailed above only affect blogs running on a PHP version which needs this compat function - so anything earlier than 5.1.2

[westi]

(In [11920]) Make our hash_hmac compatibility function unit testable even when the real one exists. See #10284.

[westi]

I've added some test cases - ​http://svn.automattic.com/wordpress-tests/wp-testcase/test_includes_compat.php

[westi]

(In [11921]) Correct key padding and add support for raw_output in hash_hmac. Fixes #10284 props mdawaffe.