X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Flibs%2FCryptHKDF.php;h=0478a3370053f868792870476c543a565a9d2568;hb=9ddd146c262806e993ea66994f367a0a795e762d;hp=4c867574182dc8cf1b2dcac5f75c1cf9f8afa520;hpb=dfaa26a7b19ab65190a76cd32259a3637cc3e2fd;p=lhc%2Fweb%2Fwiklou.git
diff --git a/includes/libs/CryptHKDF.php b/includes/libs/CryptHKDF.php
index 4c86757418..0478a33700 100644
--- a/includes/libs/CryptHKDF.php
+++ b/includes/libs/CryptHKDF.php
@@ -99,22 +99,14 @@ class CryptHKDF {
 'whirlpool' => 64,
 ];
 
- /**
- * @var CryptRand
- */
- private $cryptRand;
-
 /**
 * @param string $secretKeyMaterial
 * @param string $algorithm Name of hashing algorithm
 * @param BagOStuff $cache
 * @param string|array $context Context to mix into HKDF context
- * @param CryptRand $cryptRand
 * @throws InvalidArgumentException if secret key material is too short
 */
- public function __construct( $secretKeyMaterial, $algorithm, BagOStuff $cache, $context,
- CryptRand $cryptRand
- ) {
+ public function __construct( $secretKeyMaterial, $algorithm, BagOStuff $cache, $context ) {
 if ( strlen( $secretKeyMaterial ) < 16 ) {
 throw new InvalidArgumentException( "secret was too short." );
 }
@@ -122,7 +114,6 @@ class CryptHKDF {
 $this->algorithm = $algorithm;
 $this->cache = $cache;
 $this->context = is_array( $context ) ? $context : [ $context ];
- $this->cryptRand = $cryptRand;
 
 // To prevent every call from hitting the same memcache server, pick
 // from a set of keys to use. mt_rand is only use to pick a random 
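Review bot: Dropping the fifth `CryptRand $cryptRand` parameter from `__construct` will not surface stale call sites at runtime: PHP silently discards surplus arguments passed to a user-defined function, so a caller still passing a CryptRand keeps working and nothing flags the dead argument. Whether such callers remain cannot be seen from this hunk, so the tree should be grepped for `new CryptHKDF(` with five arguments. The constructor docblock could also state the minimum the check enforces, e.g. `@param string $secretKeyMaterial At least 16 bytes of secret keying material`, since the `strlen()` guard counts bytes, not characters. The constructor body continues past the end of the hunk.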
@@ -150,12 +141,12 @@ class CryptHKDF {
 $lastSalt = $this->cache->get( $this->cacheKey );
 if ( $lastSalt === false ) {
 // If we don't have a previous value to use as our salt, we use
- // 16 bytes from CryptRand, which will use a small amount of
+ // 16 bytes from random_bytes(), which will use a small amount of
 // entropy from our pool. Note, "XTR may be deterministic or keyed
 // via an optional “salt value” (i.e., a non-secret random
 // value)..." - http://eprint.iacr.org/2010/264.pdf. However, we
 // use a strongly random value since we can.
- $lastSalt = $this->cryptRand->generate( 16 );
+ $lastSalt = random_bytes( 16 );
 }
 // Get a binary string that is hashLen long
 $this->salt = hash( $this->algorithm, $lastSalt, true );
@@ -197,11 +188,11 @@ class CryptHKDF {
 * From http://eprint.iacr.org/2010/264.pdf:
 *
 * The scheme HKDF is specifed as:
- * HKDF(XTS, SKM, CTXinfo, L) = K(1) || K(2) || ... || K(t)
+ * HKDF(XTS, SKM, CTXinfo, L) = K(1) || K(2) || ... || K(t)
 * where the values K(i) are defined as follows:
- * PRK = HMAC(XTS, SKM)
- * K(1) = HMAC(PRK, CTXinfo || 0);
- * K(i+1) = HMAC(PRK, K(i) || CTXinfo || i), 1 <= i < t;
+ * PRK = HMAC(XTS, SKM)
+ * K(1) = HMAC(PRK, CTXinfo || 0);
+ * K(i+1) = HMAC(PRK, K(i) || CTXinfo || i), 1 <= i < t;
 * where t = [L/k] and the value K(t) is truncated to its first d = L mod k bits;
 * the counter i is non-wrapping and of a given fixed size, e.g., a single byte.
 * Note that the length of the HMAC output is the same as its key length and therefore
@@ -217,7 +208,7 @@ class CryptHKDF {
 * @param string $ikm The input keying material
 * @param string $salt The salt to add to the ikm, to get the prk
 * @param string $info Optional context (change the output without affecting
- * the randomness properties of the output)
+ * the randomness properties of the output)
 * @param int $L Number of bytes to return
 * @return string Cryptographically secure pseudorandom binary string
 */
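Review bot: The added `$lastSalt = random_bytes( 16 );` throws when no secure source is available (`\Exception` on PHP 7, `Random\RandomException` from 8.2), and nothing in this diff adds a `@throws` for that, so the enclosing method's documented failure modes are now incomplete. The comment above it is also left stale: it still says the bytes "will use a small amount of entropy from our pool", but `random_bytes()` reads the OS CSPRNG directly and no pool of ours is involved, so the two comment lines should read `// 16 bytes from random_bytes(), i.e. the OS CSPRNG. Note, "XTR may be deterministic or keyed`. Adding `@throws \Exception if random_bytes() cannot obtain secure random data` to the enclosing method's docblock completes the fix. The enclosing method begins before this hunk; the neighbouring hunks suggest it is still the constructor, but that cannot be confirmed from here.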