/** * Key derivation wth pbkdf2: http://en.wikipedia.org/wiki/PBKDF2 * @param string $key payload * @param string $salt random string from generate_salt * @param string $length result length * @param string $count iterations * @param string $algo hash algorithm to use */ public static function pbkdf2($key, $salt, $length, $count, $algo) { /* requires PHP >= 5.5 */ if (Hm_Functions::function_exists('openssl_pbkdf2')) { return openssl_pbkdf2($key, $salt, $length, $count, $algo); } /* manual version */ $size = strlen(hash($algo, '', true)); $len = ceil($length / $size); $result = ''; for ($i = 1; $i <= $len; $i++) { $tmp = hash_hmac($algo, $salt . pack('N', $i), $key, true); $res = $tmp; for ($j = 1; $j < $count; $j++) { $tmp = hash_hmac($algo, $tmp, $key, true); $res ^= $tmp; } $result .= $res; } return substr($result, 0, $length); }