mmeyer2k /
dcrypt
@@ -41,7 +41,7 @@ |
||
| 41 | 41 | $pad = self::paddingString(Str::strlen($input), $blocksize); |
| 42 | 42 | |
| 43 | 43 | // Return input + padding |
| 44 | - return $input . $pad; |
|
| 44 | + return $input.$pad; |
|
| 45 | 45 | } |
| 46 | 46 | |
| 47 | 47 | /** |
@@ -67,7 +67,7 @@ discard block |
||
| 67 | 67 | $chsh = self::costHash($cost, $pass); |
| 68 | 68 | |
| 69 | 69 | // Return the salt + cost + hmac as a single string |
| 70 | - return $salt . $chsh . $cost . $hash; |
|
| 70 | + return $salt.$chsh.$cost.$hash; |
|
| 71 | 71 | } |
| 72 | 72 | |
| 73 | 73 | /** |
@@ -84,7 +84,7 @@ discard block |
||
| 84 | 84 | $packed = pack('N', $cost); |
| 85 | 85 | |
| 86 | 86 | // Encrypt the string with the Otp stream cipher |
| 87 | - return Otp::crypt($packed, ($pass . $salt), self::ALGO); |
|
| 87 | + return Otp::crypt($packed, ($pass.$salt), self::ALGO); |
|
| 88 | 88 | } |
| 89 | 89 | |
| 90 | 90 | /** |
@@ -98,7 +98,7 @@ discard block |
||
| 98 | 98 | private static function costDecrypt(string $pack, string $salt, string $pass): int |
| 99 | 99 | { |
| 100 | 100 | // Decrypt the cost value stored in the 32bit int |
| 101 | - $pack = Otp::crypt($pack, ($pass . $salt), self::ALGO); |
|
| 101 | + $pack = Otp::crypt($pack, ($pass.$salt), self::ALGO); |
|
| 102 | 102 | |
| 103 | 103 | // Unpack the value back to an integer and return to caller |
| 104 | 104 | return unpack('N', $pack)[1]; |
@@ -48,8 +48,8 @@ |
||
| 48 | 48 | // We hash the 2 inputs at this point because hash_equals is still |
| 49 | 49 | // vulnerable to timing attacks when the inputs have different sizes. |
| 50 | 50 | // Inputs are also cast to string like in symfony stringutils. |
| 51 | - $known = \hash_hmac('sha256', (string)$known, $nonce, true); |
|
| 52 | - $given = \hash_hmac('sha256', (string)$given, $nonce, true); |
|
| 51 | + $known = \hash_hmac('sha256', (string) $known, $nonce, true); |
|
| 52 | + $given = \hash_hmac('sha256', (string) $given, $nonce, true); |
|
| 53 | 53 | |
| 54 | 54 | return \hash_equals($known, $given); |
| 55 | 55 | } |
@@ -14,8 +14,8 @@ |
||
| 14 | 14 | |
| 15 | 15 | namespace Dcrypt; |
| 16 | 16 | |
| 17 | -class Rot128 |
|
| 18 | -{
|
|
| 17 | +class Rot128 |
|
| 18 | +{ |
|
| 19 | 19 | /** |
| 20 | 20 | * Rot-128 encode a binary string with strtr. |
| 21 | 21 | * |
@@ -43,7 +43,7 @@ discard block |
||
| 43 | 43 | $msg = Str::substr($data, $isz + $hsz + $tsz + 4); |
| 44 | 44 | |
| 45 | 45 | // Calculate verification checksum |
| 46 | - $chk = \hash_hmac($algo, ($msg . $itr . $ivr), $pass, true); |
|
| 46 | + $chk = \hash_hmac($algo, ($msg.$itr.$ivr), $pass, true); |
|
| 47 | 47 | |
| 48 | 48 | // Verify HMAC before decrypting |
| 49 | 49 | if (!Str::equal($chk, $sum)) { |
@@ -54,7 +54,7 @@ discard block |
||
| 54 | 54 | $cost = \unpack('N', $itr ^ \hash_hmac($algo, $ivr, $pass, true))[1]; |
| 55 | 55 | |
| 56 | 56 | // Derive key from password using pbkdf2 |
| 57 | - $key = \hash_pbkdf2($algo, ($pass . $cipher), $ivr, $cost, 0, true); |
|
| 57 | + $key = \hash_pbkdf2($algo, ($pass.$cipher), $ivr, $cost, 0, true); |
|
| 58 | 58 | |
| 59 | 59 | // Decrypt message and return |
| 60 | 60 | return parent::openssl_decrypt($msg, $cipher, $key, $ivr, $tag); |
@@ -67,7 +67,7 @@ discard block |
||
| 67 | 67 | |
| 68 | 68 | // Derive key from password with hash_pbkdf2 function. |
| 69 | 69 | // Append CIPHER to password beforehand so that cross-method decryptions will fail at checksum step |
| 70 | - $key = \hash_pbkdf2($algo, ($pass . $cipher), $ivr, $cost, 0, true); |
|
| 70 | + $key = \hash_pbkdf2($algo, ($pass.$cipher), $ivr, $cost, 0, true); |
|
| 71 | 71 | |
| 72 | 72 | // Create a placeholder for the authentication tag to be passed by reference |
| 73 | 73 | $tag = ''; |
@@ -79,9 +79,9 @@ discard block |
||
| 79 | 79 | $itr = \pack('N', $cost) ^ \hash_hmac($algo, $ivr, $pass, true); |
| 80 | 80 | |
| 81 | 81 | // Generate the ciphertext checksum to prevent bit tampering |
| 82 | - $chk = \hash_hmac($algo, ($msg . $itr . $ivr), $pass, true); |
|
| 82 | + $chk = \hash_hmac($algo, ($msg.$itr.$ivr), $pass, true); |
|
| 83 | 83 | |
| 84 | 84 | // Return iv + checksum + iterations + cyphertext + tag |
| 85 | - return $ivr . $chk . $tag . $itr . $msg; |
|
| 85 | + return $ivr.$chk.$tag.$itr.$msg; |
|
| 86 | 86 | } |
| 87 | 87 | } |
@@ -42,7 +42,7 @@ |
||
| 42 | 42 | $length = Str::strlen($input); |
| 43 | 43 | |
| 44 | 44 | foreach ($chunks as $i => &$chunk) { |
| 45 | - $chunk = $chunk ^ \hash_hmac($algo, $password . $length, (string)$i, true); |
|
| 45 | + $chunk = $chunk ^ \hash_hmac($algo, $password.$length, (string) $i, true); |
|
| 46 | 46 | } |
| 47 | 47 | |
| 48 | 48 | return \implode($chunks); |
@@ -1,6 +1,6 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -require __DIR__ . '/../vendor/autoload.php'; |
|
| 3 | +require __DIR__.'/../vendor/autoload.php'; |
|
| 4 | 4 | |
| 5 | 5 | foreach (hash_algos() as $algo) { |
| 6 | 6 | foreach (openssl_get_cipher_methods() as $meth) { |
