mmeyer2k /
dcrypt
@@ -41,7 +41,7 @@ |
||
| 41 | 41 | $pad = self::paddingString(Str::strlen($input), $blocksize); |
| 42 | 42 | |
| 43 | 43 | // Return input + padding |
| 44 | - return $input . $pad; |
|
| 44 | + return $input.$pad; |
|
| 45 | 45 | } |
| 46 | 46 | |
| 47 | 47 | /** |
@@ -53,7 +53,7 @@ |
||
| 53 | 53 | $length = Str::strlen($input); |
| 54 | 54 | |
| 55 | 55 | foreach ($chunks as $i => &$chunk) { |
| 56 | - $chunk = $chunk ^ \hash_hmac($algo, $password . $length, $i, true); |
|
| 56 | + $chunk = $chunk ^ \hash_hmac($algo, $password.$length, $i, true); |
|
| 57 | 57 | } |
| 58 | 58 | |
| 59 | 59 | return \implode($chunks); |
@@ -67,7 +67,7 @@ discard block |
||
| 67 | 67 | $chsh = self::costHash($cost, $pass); |
| 68 | 68 | |
| 69 | 69 | // Return the salt + cost + hmac as a single string |
| 70 | - return $salt . $chsh . $cost . $hash; |
|
| 70 | + return $salt.$chsh.$cost.$hash; |
|
| 71 | 71 | } |
| 72 | 72 | |
| 73 | 73 | /** |
@@ -84,7 +84,7 @@ discard block |
||
| 84 | 84 | $packed = pack('N', $cost); |
| 85 | 85 | |
| 86 | 86 | // Encrypt the string with the Otp stream cipher |
| 87 | - return Otp::crypt($packed, ($pass . $salt), self::ALGO); |
|
| 87 | + return Otp::crypt($packed, ($pass.$salt), self::ALGO); |
|
| 88 | 88 | } |
| 89 | 89 | |
| 90 | 90 | /** |
@@ -98,7 +98,7 @@ discard block |
||
| 98 | 98 | private static function costDecrypt(string $pack, string $salt, string $pass): int |
| 99 | 99 | { |
| 100 | 100 | // Decrypt the cost value stored in the 32bit int |
| 101 | - $pack = Otp::crypt($pack, ($pass . $salt), self::ALGO); |
|
| 101 | + $pack = Otp::crypt($pack, ($pass.$salt), self::ALGO); |
|
| 102 | 102 | |
| 103 | 103 | // Unpack the value back to an integer and return to caller |
| 104 | 104 | return unpack('N', $pack)[1]; |
@@ -1,6 +1,6 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -require __DIR__ . '/vendor/autoload.php'; |
|
| 3 | +require __DIR__.'/vendor/autoload.php'; |
|
| 4 | 4 | |
| 5 | 5 | foreach (hash_algos() as $algo) { |
| 6 | 6 | foreach (openssl_get_cipher_methods() as $meth) { |
@@ -1,4 +1,4 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -require __DIR__ . '/vendor/autoload.php'; |
|
| 4 | -require __DIR__ . '/tests/AesBase.php'; |
|
| 3 | +require __DIR__.'/vendor/autoload.php'; |
|
| 4 | +require __DIR__.'/tests/AesBase.php'; |
|
@@ -48,8 +48,8 @@ |
||
| 48 | 48 | // We hash the 2 inputs at this point because hash_equals is still |
| 49 | 49 | // vulnerable to timing attacks when the inputs have different sizes. |
| 50 | 50 | // Inputs are also cast to string like in symfony stringutils. |
| 51 | - $known = \hash_hmac('sha256', (string)$known, $nonce, true); |
|
| 52 | - $given = \hash_hmac('sha256', (string)$given, $nonce, true); |
|
| 51 | + $known = \hash_hmac('sha256', (string) $known, $nonce, true); |
|
| 52 | + $given = \hash_hmac('sha256', (string) $given, $nonce, true); |
|
| 53 | 53 | |
| 54 | 54 | return \hash_equals($known, $given); |
| 55 | 55 | } |
@@ -44,7 +44,7 @@ discard block |
||
| 44 | 44 | $msg = Str::substr($data, $isz + $hsz + $tsz + 4); |
| 45 | 45 | |
| 46 | 46 | // Calculate verification checksum |
| 47 | - $chk = \hash_hmac($algo, ($msg . $itr . $ivr), $pass, true); |
|
| 47 | + $chk = \hash_hmac($algo, ($msg.$itr.$ivr), $pass, true); |
|
| 48 | 48 | |
| 49 | 49 | // Verify HMAC before decrypting |
| 50 | 50 | if (!Str::equal($chk, $sum)) { |
@@ -55,7 +55,7 @@ discard block |
||
| 55 | 55 | $cost = \unpack('N', $itr ^ \hash_hmac($algo, $ivr, $pass, true))[1]; |
| 56 | 56 | |
| 57 | 57 | // Derive key from password |
| 58 | - $key = \hash_pbkdf2($algo, ($pass . $cipher), $ivr, $cost, 0, true); |
|
| 58 | + $key = \hash_pbkdf2($algo, ($pass.$cipher), $ivr, $cost, 0, true); |
|
| 59 | 59 | |
| 60 | 60 | // Decrypt message and return |
| 61 | 61 | return parent::openssl_decrypt($msg, $cipher, $key, $ivr, $tag); |
@@ -68,7 +68,7 @@ discard block |
||
| 68 | 68 | |
| 69 | 69 | // Derive key from password with hash_pbkdf2 function. |
| 70 | 70 | // Append CIPHER to password beforehand so that cross-method decryptions will fail at checksum step |
| 71 | - $key = \hash_pbkdf2($algo, ($pass . $cipher), $ivr, $cost, 0, true); |
|
| 71 | + $key = \hash_pbkdf2($algo, ($pass.$cipher), $ivr, $cost, 0, true); |
|
| 72 | 72 | |
| 73 | 73 | // Create a placeholder for the authentication tag to be passed by reference |
| 74 | 74 | $tag = ''; |
@@ -80,9 +80,9 @@ discard block |
||
| 80 | 80 | $itr = \pack('N', $cost) ^ \hash_hmac($algo, $ivr, $pass, true); |
| 81 | 81 | |
| 82 | 82 | // Generate the ciphertext checksum to prevent bit tampering |
| 83 | - $chk = \hash_hmac($algo, ($msg . $itr . $ivr), $pass, true); |
|
| 83 | + $chk = \hash_hmac($algo, ($msg.$itr.$ivr), $pass, true); |
|
| 84 | 84 | |
| 85 | 85 | // Return iv + checksum + iterations + cyphertext + tag |
| 86 | - return $ivr . $chk . $tag . $itr . $msg; |
|
| 86 | + return $ivr.$chk.$tag.$itr.$msg; |
|
| 87 | 87 | } |
| 88 | 88 | } |
