/**
* @dataProvider providerRfc5869
*/
public function testRfc5869($hash, $ikm, $salt, $info, $L, $prk, $okm)
{
$ikm = pack('H*', $ikm);
$salt = pack('H*', $salt);
$info = pack('H*', $info);
$okm = pack('H*', $okm);
$result = MWCryptHKDF::HKDF($hash, $ikm, $salt, $info, $L);
$this->assertEquals($okm, $result);
}
/**
* Return a singleton instance, based on the global configs.
* @return HKDF
*/
protected static function singleton()
{
global $wgHKDFAlgorithm, $wgHKDFSecret, $wgSecretKey;
$secret = $wgHKDFSecret ?: $wgSecretKey;
if (!$secret) {
throw new MWException("Cannot use MWCryptHKDF without a secret.");
}
// In HKDF, the context can be known to the attacker, but this will
// keep simultaneous runs from producing the same output.
$context = array();
$context[] = microtime();
$context[] = getmypid();
$context[] = gethostname();
// Setup salt cache. Use APC, or fallback to the main cache if it isn't setup
try {
$cache = ObjectCache::newAccelerator(array());
} catch (Exception $e) {
$cache = wfGetMainCache();
}
if (is_null(self::$singleton)) {
self::$singleton = new self($secret, $wgHKDFAlgorithm, $cache, $context);
}
return self::$singleton;
}
/**
* Return a singleton instance, based on the global configs.
* @return HKDF
* @throws MWException
*/
protected static function singleton()
{
global $wgHKDFAlgorithm, $wgHKDFSecret, $wgSecretKey, $wgMainCacheType;
$secret = $wgHKDFSecret ?: $wgSecretKey;
if (!$secret) {
throw new MWException("Cannot use MWCryptHKDF without a secret.");
}
// In HKDF, the context can be known to the attacker, but this will
// keep simultaneous runs from producing the same output.
$context = [];
$context[] = microtime();
$context[] = getmypid();
$context[] = gethostname();
// Setup salt cache. Use APC, or fallback to the main cache if it isn't setup
$cache = ObjectCache::getLocalServerInstance($wgMainCacheType);
if (is_null(self::$singleton)) {
self::$singleton = new self($secret, $wgHKDFAlgorithm, $cache, $context);
}
return self::$singleton;
}
