'whirlpool' => 64,
];
- /**
- * @var CryptRand
- */
- private $cryptRand;
-
/**
* @param string $secretKeyMaterial
* @param string $algorithm Name of hashing algorithm
* @param BagOStuff $cache
* @param string|array $context Context to mix into HKDF context
- * @param CryptRand $cryptRand
* @throws InvalidArgumentException if secret key material is too short
*/
- public function __construct( $secretKeyMaterial, $algorithm, BagOStuff $cache, $context,
- CryptRand $cryptRand
- ) {
+ public function __construct( $secretKeyMaterial, $algorithm, BagOStuff $cache, $context ) {
if ( strlen( $secretKeyMaterial ) < 16 ) {
throw new InvalidArgumentException( "secret was too short." );
}
$this->algorithm = $algorithm;
$this->cache = $cache;
$this->context = is_array( $context ) ? $context : [ $context ];
- $this->cryptRand = $cryptRand;
// To prevent every call from hitting the same memcache server, pick
// from a set of keys to use. mt_rand is only use to pick a random
$lastSalt = $this->cache->get( $this->cacheKey );
if ( $lastSalt === false ) {
// If we don't have a previous value to use as our salt, we use
- // 16 bytes from CryptRand, which will use a small amount of
+ // 16 bytes from random_bytes(), which will use a small amount of
// entropy from our pool. Note, "XTR may be deterministic or keyed
// via an optional “salt value” (i.e., a non-secret random
// value)..." - http://eprint.iacr.org/2010/264.pdf. However, we
// use a strongly random value since we can.
- $lastSalt = $this->cryptRand->generate( 16 );
+ $lastSalt = random_bytes( 16 );
}
// Get a binary string that is hashLen long
$this->salt = hash( $this->algorithm, $lastSalt, true );