From a31fc98b381286f56fc079513a5874d8506153e7 Mon Sep 17 00:00:00 2001 From: Christopher Pitt Date: Wed, 6 May 2015 10:55:10 +1200 Subject: [PATCH] Use hash_* shim --- code/model/Comment.php | 41 +---------------------------------------- composer.json | 1 + 2 files changed, 2 insertions(+), 40 deletions(-) diff --git a/code/model/Comment.php b/code/model/Comment.php index d23d89e..a6d8da1 100755 --- a/code/model/Comment.php +++ b/code/model/Comment.php @@ -798,9 +798,7 @@ class Comment_SecurityToken { * @return string */ protected function getToken($salt) { - return function_exists('hash_pbkdf2') - ? hash_pbkdf2('sha256', $this->secret, $salt, 1000, 30) - : $this->hash_pbkdf2('sha256', $this->secret, $salt, 100, 30); + return hash_pbkdf2('sha256', $this->secret, $salt, 1000, 30); } /** @@ -872,41 +870,4 @@ class Comment_SecurityToken { if($length !== null) return substr($result, 0, $length); return $result; } - - /*----------------------------------------------------------- - * PBKDF2 Implementation (described in RFC 2898) from php.net - *----------------------------------------------------------- - * @param string a hash algorithm - * @param string p password - * @param string s salt - * @param int c iteration count (use 1000 or higher) - * @param int kl derived key length - * @param int st start position of result - * - * @return string derived key - */ - private function hash_pbkdf2($a, $p, $s, $c, $kl, $st = 0) { - - $kb = $st + $kl; // Key blocks to compute - $dk = ''; // Derived key - - // Create key - for($block = 1; $block <= $kb; $block++) { - - // Initial hash for this block - $ib = $h = hash_hmac($a, $s . pack('N', $block), $p, true); - - // Perform block iterations - for($i = 1; $i < $c; $i++) { - // XOR each iterate - $ib ^= ($h = hash_hmac($a, $h, $p, true)); - } - - $dk .= $ib; // Append iterated block - - } - - // Return derived key of correct length - return substr($dk, $st, $kl); - } } diff --git a/composer.json b/composer.json index 100dda9..7c20e8b 100644 --- a/composer.json +++ b/composer.json @@ -8,6 +8,7 @@ "email": "will@fullscreen.io" }], "require": { + "assertchris/hash-compat": "~1.0", "silverstripe/framework": "~3.1", "colymba/gridfield-bulk-editing-tools": "~2.1" },