"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "includes/libs/CryptHKDF.php" between
mediawiki-1.31.1.tar.gz and mediawiki-1.32.0.tar.gz

About: MediaWiki is a wiki engine (the collaborative editing software that runs, for example, Wikipedia, the free encyclopedia).

CryptHKDF.php  (mediawiki-1.31.1):CryptHKDF.php  (mediawiki-1.32.0)
skipping to change at line 103 skipping to change at line 103
'sha384' => 48, 'sha384' => 48,
'sha512' => 64, 'sha512' => 64,
'ripemd128' => 16, 'ripemd128' => 16,
'ripemd160' => 20, 'ripemd160' => 20,
'ripemd256' => 32, 'ripemd256' => 32,
'ripemd320' => 40, 'ripemd320' => 40,
'whirlpool' => 64, 'whirlpool' => 64,
]; ];
/** /**
* @var CryptRand
*/
private $cryptRand;
/**
* @param string $secretKeyMaterial * @param string $secretKeyMaterial
* @param string $algorithm Name of hashing algorithm * @param string $algorithm Name of hashing algorithm
* @param BagOStuff $cache * @param BagOStuff $cache
* @param string|array $context Context to mix into HKDF context * @param string|array $context Context to mix into HKDF context
* @param CryptRand $cryptRand
* @throws InvalidArgumentException if secret key material is too short * @throws InvalidArgumentException if secret key material is too short
*/ */
public function __construct( $secretKeyMaterial, $algorithm, BagOStuff $c public function __construct( $secretKeyMaterial, $algorithm, BagOStuff $c
ache, $context, ache, $context ) {
CryptRand $cryptRand
) {
if ( strlen( $secretKeyMaterial ) < 16 ) { if ( strlen( $secretKeyMaterial ) < 16 ) {
throw new InvalidArgumentException( "secret was too short ." ); throw new InvalidArgumentException( "secret was too short ." );
} }
$this->skm = $secretKeyMaterial; $this->skm = $secretKeyMaterial;
$this->algorithm = $algorithm; $this->algorithm = $algorithm;
$this->cache = $cache; $this->cache = $cache;
$this->context = is_array( $context ) ? $context : [ $context ]; $this->context = is_array( $context ) ? $context : [ $context ];
$this->cryptRand = $cryptRand;
// To prevent every call from hitting the same memcache server, p ick // To prevent every call from hitting the same memcache server, p ick
// from a set of keys to use. mt_rand is only use to pick a rando m // from a set of keys to use. mt_rand is only use to pick a rando m
// server, and does not affect the security of the process. // server, and does not affect the security of the process.
$this->cacheKey = $cache->makeKey( 'HKDF', mt_rand( 0, 16 ) ); $this->cacheKey = $cache->makeKey( 'HKDF', mt_rand( 0, 16 ) );
} }
/** /**
* Save the last block generated, so the next user will compute a differe nt PRK * Save the last block generated, so the next user will compute a differe nt PRK
* from the same SKM. This should keep things unpredictable even if an at tacker * from the same SKM. This should keep things unpredictable even if an at tacker
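Review bot: The constructor drops its fifth parameter (`CryptRand $cryptRand`) and the matching `$cryptRand` property, but nothing in the docblock tells callers of the old signature that it changed. PHP silently ignores surplus arguments passed to userland functions, so a call site that still hands in a CryptRand instance will keep working and go unnoticed; confirm that every construction site is updated in the same change and record the signature change in the release notes. In the unchanged context, `mt_rand( 0, 16 )` selects from 17 cache keys rather than 16, which deserves a word in the comment if it is intentional.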
skipping to change at line 153 skipping to change at line 144
/** /**
* MW specific salt, cached from last run * MW specific salt, cached from last run
* @return string Binary string * @return string Binary string
*/ */
protected function getSaltUsingCache() { protected function getSaltUsingCache() {
if ( $this->salt == '' ) { if ( $this->salt == '' ) {
$lastSalt = $this->cache->get( $this->cacheKey ); $lastSalt = $this->cache->get( $this->cacheKey );
if ( $lastSalt === false ) { if ( $lastSalt === false ) {
// If we don't have a previous value to use as ou r salt, we use // If we don't have a previous value to use as ou r salt, we use
// 16 bytes from CryptRand, which will use a smal l amount of // 16 bytes from random_bytes(), which will use a small amount of
// entropy from our pool. Note, "XTR may be deter ministic or keyed // entropy from our pool. Note, "XTR may be deter ministic or keyed
// via an optional “salt value” (i.e., a non-sec ret random // via an optional “salt value” (i.e., a non-sec ret random
// value)..." - http://eprint.iacr.org/2010/264.p df. However, we // value)..." - http://eprint.iacr.org/2010/264.p df. However, we
// use a strongly random value since we can. // use a strongly random value since we can.
$lastSalt = $this->cryptRand->generate( 16 ); $lastSalt = random_bytes( 16 );
} }
// Get a binary string that is hashLen long // Get a binary string that is hashLen long
$this->salt = hash( $this->algorithm, $lastSalt, true ); $this->salt = hash( $this->algorithm, $lastSalt, true );
} }
return $this->salt; return $this->salt;
} }
/** /**
* Produce $bytes of secure random data. As a side-effect, * Produce $bytes of secure random data. As a side-effect,
* $this->lastK is set to the last hashLen block of key material. * $this->lastK is set to the last hashLen block of key material.
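Review bot: In `getSaltUsingCache()`, `random_bytes( 16 )` throws when no suitable randomness source is available, yet the docblock still documents only `@return string`; add an `@throws` line or state where that exception is meant to be handled, since the failure behaviour of the removed `$this->cryptRand->generate( 16 )` call is not visible here. The updated comment also still speaks of "entropy from our pool", wording that described CryptRand; with `random_bytes()` the bytes come from the operating system CSPRNG, and the comment should say so.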
skipping to change at line 220 skipping to change at line 211
* XTS is the "extractor salt" * XTS is the "extractor salt"
* SKM is the "secret keying material" * SKM is the "secret keying material"
* *
* N.B. http://eprint.iacr.org/2010/264.pdf seems to differ from RFC 5869 in that the test * N.B. http://eprint.iacr.org/2010/264.pdf seems to differ from RFC 5869 in that the test
* vectors from RFC 5869 only work if K(0) = '' and K(1) = HMAC(PRK, K(0) || CTXinfo || 1) * vectors from RFC 5869 only work if K(0) = '' and K(1) = HMAC(PRK, K(0) || CTXinfo || 1)
* *
* @param string $hash The hashing function to use (e.g., sha256) * @param string $hash The hashing function to use (e.g., sha256)
* @param string $ikm The input keying material * @param string $ikm The input keying material
* @param string $salt The salt to add to the ikm, to get the prk * @param string $salt The salt to add to the ikm, to get the prk
* @param string $info Optional context (change the output without affect ing * @param string $info Optional context (change the output without affect ing
* the randomness properties of the output) * the randomness properties of the output)
* @param int $L Number of bytes to return * @param int $L Number of bytes to return
* @return string Cryptographically secure pseudorandom binary string * @return string Cryptographically secure pseudorandom binary string
*/ */
public static function HKDF( $hash, $ikm, $salt, $info, $L ) { public static function HKDF( $hash, $ikm, $salt, $info, $L ) {
$prk = self::HKDFExtract( $hash, $salt, $ikm ); $prk = self::HKDFExtract( $hash, $salt, $ikm );
$okm = self::HKDFExpand( $hash, $prk, $info, $L ); $okm = self::HKDFExpand( $hash, $prk, $info, $L );
return $okm; return $okm;
} }
/** /**
 End of changes. 7 change blocks. 
14 lines changed or deleted 5 lines changed or added
