public function keygen($pass = null) { $uniqueRandonStr = function ($lenght) { $bytes = openssl_random_pseudo_bytes($lenght); return bin2hex($bytes); }; if ($pass == null) { $pass = $uniqueRandonStr(32); } $salt = Rand::getBytes(strlen($pass), true); $key = Pbkdf2::calc('sha256', $pass, $salt, 10000, strlen($pass) * 2); return $key; }
/** * Execute the scrypt algorithm * * @param string $password * @param string $salt * @param integer $n CPU cost * @param integer $r Memory cost * @param integer $p parallelization cost * @param integer $length size of the output key * @return string */ public static function calc($password, $salt, $n, $r, $p, $length) { if ($n == 0 || ($n & $n - 1) != 0) { throw new Exception\InvalidArgumentException("N must be > 0 and a power of 2"); } if ($n > PHP_INT_MAX / 128 / $r) { throw new Exception\InvalidArgumentException("Parameter n is too large"); } if ($r > PHP_INT_MAX / 128 / $p) { throw new Exception\InvalidArgumentException("Parameter r is too large"); } if (extension_loaded('Scrypt')) { if ($length < 16) { throw new Exception\InvalidArgumentException("Key length is too low, must be greater or equal to 16"); } return self::hex2bin(scrypt($password, $salt, $n, $r, $p, $length)); } $b = Pbkdf2::calc('sha256', $password, $salt, 1, $p * 128 * $r); $s = ''; for ($i = 0; $i < $p; $i++) { $s .= self::scryptROMix(substr($b, $i * 128 * $r, 128 * $r), $n, $r); } return Pbkdf2::calc('sha256', $password, $s, 1, $length); }
/** * Decrypt * * @param string $data * @return string|boolean * @throws Exception\InvalidArgumentException */ public function decrypt($data) { if (!is_string($data)) { throw new Exception\InvalidArgumentException('The data to decrypt must be a string'); } if ('' === $data) { throw new Exception\InvalidArgumentException('The data to decrypt cannot be empty'); } if (empty($this->key)) { throw new Exception\InvalidArgumentException('No key specified for the decryption'); } if (empty($this->cipher)) { throw new Exception\InvalidArgumentException('No symmetric cipher specified'); } $hmacSize = Hmac::getOutputSize($this->hash); $hmac = substr($data, 0, $hmacSize); $ciphertext = substr($data, $hmacSize); if (!$this->binaryOutput) { $ciphertext = base64_decode($ciphertext); } $iv = substr($ciphertext, 0, $this->cipher->getSaltSize()); $keySize = $this->cipher->getKeySize(); // generate the encryption key and the HMAC key for the authentication $hash = Pbkdf2::calc(self::KEY_DERIV_HMAC, $this->getKey(), $iv, $this->keyIteration, $keySize * 2); // set the decryption key $this->cipher->setKey(substr($hash, 0, $keySize)); // set the key for HMAC $keyHmac = substr($hash, $keySize); $hmacNew = Hmac::compute($keyHmac, $this->hash, $this->cipher->getAlgorithm() . $ciphertext); if (!Utils::compareStrings($hmacNew, $hmac)) { return false; } return $this->cipher->decrypt($ciphertext); }
public function encriptyPassword($password) { return base64_encode(Pbkdf2::calc('sha256', $password, $this->createSalt(), 10000, strlen($password * 2))); }
/** * @dataProvider provideTestVectors */ public function testRFC670($hash, $password, $salt, $cycles, $length, $expect) { $result = Pbkdf2::calc($hash, $password, $salt, $cycles, $length); $this->assertEquals($expect, bin2hex($result)); }
public function encryptPassword($password) { return base64_encode(Pbkdf2::calc('sha256', $password, $this->salt, 10000, strlen($password * 2))); }
public function encryptPassword($password) { return base64_encode(Pbkdf2::calc('sha256', $password, $this->userSalt, 10000, 120)); }
/** * Decrypt a file * * @param string $fileIn * @param string $fileOut * @param bool $compress * @return bool * @throws Exception\InvalidArgumentException */ public function decrypt($fileIn, $fileOut) { $this->checkFileInOut($fileIn, $fileOut); if (empty($this->key)) { throw new Exception\InvalidArgumentException('No key specified for decryption'); } $read = fopen($fileIn, "r"); $write = fopen($fileOut, "w"); $hmacRead = fread($read, Hmac::getOutputSize($this->getHashAlgorithm())); $iv = fread($read, $this->cipher->getSaltSize()); $tot = filesize($fileIn); $hmac = $iv; $size = mb_strlen($iv, '8bit') + mb_strlen($hmacRead, '8bit'); $keys = Pbkdf2::calc($this->getPbkdf2HashAlgorithm(), $this->getKey(), $iv, $this->getKeyIteration(), $this->cipher->getKeySize() * 2); $padding = $this->cipher->getPadding(); $this->cipher->setPadding(new Symmetric\Padding\NoPadding()); $this->cipher->setKey(mb_substr($keys, 0, $this->cipher->getKeySize(), '8bit')); $this->cipher->setMode('cbc'); $blockSize = $this->cipher->getBlockSize(); $hashAlgo = $this->getHashAlgorithm(); $algorithm = $this->cipher->getAlgorithm(); $saltSize = $this->cipher->getSaltSize(); $keyHmac = mb_substr($keys, $this->cipher->getKeySize(), null, '8bit'); while ($data = fread($read, self::BUFFER_SIZE)) { $size += mb_strlen($data, '8bit'); // Unpadding if last block if ($size + $blockSize >= $tot) { $this->cipher->setPadding($padding); $data .= fread($read, $blockSize); } $result = $this->cipher->decrypt($iv . $data); $hmac = Hmac::compute($keyHmac, $hashAlgo, $algorithm . $hmac . $data); $iv = mb_substr($data, -1 * $saltSize, null, '8bit'); if (fwrite($write, $result) !== mb_strlen($result, '8bit')) { return false; } } fclose($write); fclose($read); // check for data integrity if (!Utils::compareStrings($hmac, $hmacRead)) { unlink($fileOut); return false; } return true; }
public function verify($password, $hash) { $res = ZendPbkdf2::calc($this->hash, $password, $this->salt, $this->iterations, $this->outputSize, $this->rawOutput); return $this->_secureStringCompare($res, $hash); }
public function encryptPassword($password) { //Gera uma criptografia para a senha return base64_encode(Pbkdf2::calc('sha256', $password, $this->salt, 10000, strlen($password * 2))); }
/** * Set a new Account Password * * @author Marco Rieger * @param $password */ public function setPassword($password) { $salt = Rand::getBytes(32, true); $salt = Pbkdf2::calc('sha256', $password, $salt, 100000, 32); $bcryp = new Bcrypt(); $bcryp->setSalt($salt); $this->password = $bcryp->create($password); }
public function testCalcWithWrongHash() { $this->setExpectedException('Zend\Crypt\Key\Derivation\Exception\InvalidArgumentException', 'The hash algorihtm wrong is not supported by Zend\Crypt\Key\Derivation\Pbkdf2'); $password = Pbkdf2::calc('wrong', 'test', $this->salt, 5000, 32); }