/**
* @covers \Sarciszewski\PHPFuture\Security::pbkdf2()
* ref https://www.ietf.org/rfc/rfc6070.txt
*/
public function testPBKDF2()
{
$a = Future\Security::pbkdf2("sha1", "password", "salt", 2, 20, true);
$this->assertEquals($a, hex2bin('ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957'));
$b = Future\Security::pbkdf2("sha1", "password", "salt", 2, 20, false);
$this->assertEquals($b, 'ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957');
}
/**
* Returns whether this response is valid.
*
* @param SignatureComposer $composer
* @return bool
*/
public function isValid(SignatureComposer $composer)
{
// Constant Time String Comparison @see http://php.net/hash_equals
if (!function_exists('hash_equals')) {
// Polyfill for PHP < 5.6
return Security::hashEquals($composer->compose($this->parameters), $this->signature);
} else {
return hash_equals($composer->compose($this->parameters), $this->signature);
}
}
/**
* From PHP 5.5
*
* @ref https://php.net/openssl_pbkdf2
*
* @param string $password
* @param string $salt
* @param int $iterations
* @param int $length
* @param string $algo
*
* @return string
*/
function openssl_pbkdf2($password, $salt, $length, $iterations, $algo = 'sha1')
{
$key = Future\Security::pbkdf2($algo, $password, $salt, $iterations, $length);
return $key;
}