Merge pull request #129 from assertchris/use-hash-shim

Use hash_* shim

code/model/Comment.php

@@ -798,9 +798,7 @@ class Comment_SecurityToken {
 	 * @return string
 	 */
 	protected function getToken($salt) {
-		return function_exists('hash_pbkdf2')
+		return hash_pbkdf2('sha256', $this->secret, $salt, 1000, 30);
-			? hash_pbkdf2('sha256', $this->secret, $salt, 1000, 30)
-			: $this->hash_pbkdf2('sha256', $this->secret, $salt, 100, 30);
 	}
 
 	/**
@@ -872,41 +870,4 @@ class Comment_SecurityToken {
 		if($length !== null) return substr($result, 0, $length);
 		return $result;
 	}
-
-	/*-----------------------------------------------------------
-	* PBKDF2 Implementation (described in RFC 2898) from php.net
-	*-----------------------------------------------------------
-	* @param   string  a   hash algorithm
-	* @param   string  p   password
-	* @param   string  s   salt
-	* @param   int     c   iteration count (use 1000 or higher)
-	* @param   int     kl  derived key length
-	* @param   int     st  start position of result
-	*
-	* @return  string  derived key
-	*/
-	private function hash_pbkdf2($a, $p, $s, $c, $kl, $st = 0) {
-
-		$kb = $st + $kl;     // Key blocks to compute
-		$dk = '';          // Derived key
-
-		// Create key
-		for($block = 1; $block <= $kb; $block++) {
-
-			// Initial hash for this block
-			$ib = $h = hash_hmac($a, $s . pack('N', $block), $p, true);
-
-			// Perform block iterations
-			for($i = 1; $i < $c; $i++) {
-				// XOR each iterate
-				$ib ^= ($h = hash_hmac($a, $h, $p, true));
-			}
-
-			$dk .= $ib;   // Append iterated block
-
-		}
-
-		// Return derived key of correct length
-		return substr($dk, $st, $kl);
-	}
 }

composer.json

@@ -8,6 +8,7 @@
 		"email": "will@fullscreen.io"
 	}],
 	"require": {
+		"assertchris/hash-compat": "~1.0",
 		"silverstripe/framework": "~3.1",
 		"colymba/gridfield-bulk-editing-tools": "~2.1"
 	},