View GitHub Repository dcrypt

Schedule Inspection
Subscribe
Completed
Pull Request — master (#15)
by Michael
06:49
created
Status
Category
Toggle Patches
src/OpensslBridge.php 1 patch
Spacing   +5 added lines, -5 removed lines patch added patch discarded remove patch 
@@ -57,7 +57,7 @@  discard block
 
 block discarded – undo
57 57 
         $cost = \unpack('N', $itr ^ \hash_hmac(static::CHKSUM, $ivr, $pass, true))[1];
58 58
59 59 
         // Calculate verification checksum
60 
-        $chk = \hash_hmac(static::CHKSUM, ($msg . $itr . $ivr), $pass, true);
60 
+        $chk = \hash_hmac(static::CHKSUM, ($msg.$itr.$ivr), $pass, true);
61 61
62 62 
         // Verify HMAC before decrypting
63 63 
         if (!Str::equal($chk, $sum)) {
 
@@ -65,7 +65,7 @@  discard block
 
 block discarded – undo
65 65 
         }
66 66
67 67 
         // Derive key from password
68 
-        $key = \hash_pbkdf2(static::CHKSUM, ($pass . static::CIPHER), $ivr, $cost, 0, true);
68 
+        $key = \hash_pbkdf2(static::CHKSUM, ($pass.static::CIPHER), $ivr, $cost, 0, true);
69 69
70 70 
         // Decrypt message and return
71 71 
         return OpensslWrapper::decrypt($msg, static::CIPHER, $key, $ivr);
 
@@ -86,7 +86,7 @@  discard block
 
 block discarded – undo
86 86
87 87 
         // Derive key from password with hash_pbkdf2 function.
88 88 
         // Append CIPHER to password beforehand so that cross-method decryptions will fail at checksum step
89 
-        $key = \hash_pbkdf2(static::CHKSUM, ($pass . static::CIPHER), $ivr, $cost, 0, true);
89 
+        $key = \hash_pbkdf2(static::CHKSUM, ($pass.static::CIPHER), $ivr, $cost, 0, true);
90 90
91 91 
         // Encrypt the plaintext data
92 92 
         $msg = OpensslWrapper::encrypt($data, static::CIPHER, $key, $ivr);
 
@@ -95,9 +95,9 @@  discard block
 
 block discarded – undo
95 95 
         $itr = \pack('N', $cost) ^ \hash_hmac(static::CHKSUM, $ivr, $pass, true);
96 96
97 97 
         // Generate the ciphertext checksum to prevent bit tampering
98 
-        $chk = \hash_hmac(static::CHKSUM, ($msg . $itr . $ivr), $pass, true);
98 
+        $chk = \hash_hmac(static::CHKSUM, ($msg.$itr.$ivr), $pass, true);
99 99
100 100 
         // Return iv + checksum + iterations + cyphertext
101 
-        return $ivr . $chk . $itr . $msg;
101 
+        return $ivr.$chk.$itr.$msg;
102 102 
     }
103 103 
 }
Please login to merge, or discard this patch.
src/Hash.php 1 patch
Spacing   +3 added lines, -3 removed lines patch added patch discarded remove patch 
@@ -67,7 +67,7 @@  discard block
 
 block discarded – undo
67 67 
         $chsh = self::costHash($cost, $pass);
68 68
69 69 
         // Return the salt + cost + hmac as a single string
70 
-        return $salt . $chsh . $cost . $hash;
70 
+        return $salt.$chsh.$cost.$hash;
71 71 
     }
72 72
73 73 
     /**
 
@@ -84,7 +84,7 @@  discard block
 
 block discarded – undo
84 84 
         $packed = pack('N', $cost);
85 85
86 86 
         // Encrypt the string with the Otp stream cipher
87 
-        return Otp::crypt($packed, ($pass . $salt), self::ALGO);
87 
+        return Otp::crypt($packed, ($pass.$salt), self::ALGO);
88 88 
     }
89 89
90 90 
     /**
 
@@ -98,7 +98,7 @@  discard block
 
 block discarded – undo
98 98 
     private static function costDecrypt(string $pack, string $salt, string $pass): int
99 99 
     {
100 100 
         // Decrypt the cost value stored in the 32bit int
101 
-        $pack = Otp::crypt($pack, ($pass . $salt), self::ALGO);
101 
+        $pack = Otp::crypt($pack, ($pass.$salt), self::ALGO);
102 102
103 103 
         // Unpack the value back to an integer and return to caller
104 104 
         return unpack('N', $pack)[1];
Please login to merge, or discard this patch.