/trunk/vendor/composer/installed.json |
---|
233,12 → 233,12 |
"source": { |
"type": "git", |
"url": "https://github.com/danielmarschall/php-sha3.git", |
"reference": "130de4c248b0d7b054da980ddc5fc9bcf05b0715" |
"reference": "5605bd539677494558470234266cb5885343e72b" |
}, |
"dist": { |
"type": "zip", |
"url": "https://api.github.com/repos/danielmarschall/php-sha3/zipball/130de4c248b0d7b054da980ddc5fc9bcf05b0715", |
"reference": "130de4c248b0d7b054da980ddc5fc9bcf05b0715", |
"url": "https://api.github.com/repos/danielmarschall/php-sha3/zipball/5605bd539677494558470234266cb5885343e72b", |
"reference": "5605bd539677494558470234266cb5885343e72b", |
"shasum": "" |
}, |
"require": { |
249,7 → 249,7 |
"phpstan/phpstan": "^1.8", |
"phpunit/phpunit": "^4.8" |
}, |
"time": "2022-11-05T00:21:36+00:00", |
"time": "2023-02-28T22:45:45+00:00", |
"default-branch": true, |
"type": "library", |
"installation-source": "dist", |
288,18 → 288,18 |
"source": { |
"type": "git", |
"url": "https://github.com/danielmarschall/php_utils.git", |
"reference": "3bb2754808a886be321f639ffed0283abb8b42fa" |
"reference": "11ea6163db866fcda8bc0a4275626739a1a0d50d" |
}, |
"dist": { |
"type": "zip", |
"url": "https://api.github.com/repos/danielmarschall/php_utils/zipball/3bb2754808a886be321f639ffed0283abb8b42fa", |
"reference": "3bb2754808a886be321f639ffed0283abb8b42fa", |
"url": "https://api.github.com/repos/danielmarschall/php_utils/zipball/11ea6163db866fcda8bc0a4275626739a1a0d50d", |
"reference": "11ea6163db866fcda8bc0a4275626739a1a0d50d", |
"shasum": "" |
}, |
"require": { |
"php": ">=7.0" |
}, |
"time": "2023-02-27T11:58:05+00:00", |
"time": "2023-02-28T22:48:27+00:00", |
"default-branch": true, |
"type": "library", |
"installation-source": "dist", |
/trunk/vendor/composer/installed.php |
---|
62,7 → 62,7 |
'danielmarschall/php-sha3' => array( |
'pretty_version' => 'dev-master', |
'version' => 'dev-master', |
'reference' => '130de4c248b0d7b054da980ddc5fc9bcf05b0715', |
'reference' => '5605bd539677494558470234266cb5885343e72b', |
'type' => 'library', |
'install_path' => __DIR__ . '/../danielmarschall/php-sha3', |
'aliases' => array( |
73,7 → 73,7 |
'danielmarschall/php_utils' => array( |
'pretty_version' => 'dev-master', |
'version' => 'dev-master', |
'reference' => '3bb2754808a886be321f639ffed0283abb8b42fa', |
'reference' => '11ea6163db866fcda8bc0a4275626739a1a0d50d', |
'type' => 'library', |
'install_path' => __DIR__ . '/../danielmarschall/php_utils', |
'aliases' => array( |
/trunk/vendor/danielmarschall/php-sha3/README.md |
---|
28,8 → 28,8 |
Sha3::hash_hmac('', 'key', 512); |
// 7539119b6367aa902bdc6f558d20c906d6acbd4aba3fd344eb08b0200144a1fa453ff6e7919962358be53f6db2a320d1852c52a3dea3e907070775f7a91f1282 |
Sha3::hash_pbkdf2('', 'salt', 100000, 512); |
// 7539119b6367aa902bdc6f558d20c906d6acbd4aba3fd344eb08b0200144a1fa453ff6e7919962358be53f6db2a320d1852c52a3dea3e907070775f7a91f1282 |
Sha3::hash_pbkdf2('', 'salt', 100, 512); |
// 9905ce6f575c61a15fdc4bcf40e798dcdd89c54709cf70f546113ac247ec2e17c15ae50383a20546a243c5f1b775c6ec7a7e1b31eb1b596c5edf8595f6b8f8fb |
Sha3::shake('', 128, 256); |
// 7f9c2ba4e88f827d616045507605853ed73b8093f6efbc88eb1a6eacfa66ef26 |
/trunk/vendor/danielmarschall/php-sha3/src/Sha3.php |
---|
1,5 → 1,32 |
<?php |
/* |
* Pure PHP implementation of SHA-3. |
* Revision 2023-02-28 |
* |
* The MIT License (MIT) |
* Copyright (c) 2015 Bruno Bierbaumer |
* Copyright (c) 2022-2023 Daniel Marschall |
* |
* Permission is hereby granted, free of charge, to any person obtaining a copy |
* of this software and associated documentation files (the "Software"), to deal |
* in the Software without restriction, including without limitation the rights |
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
* copies of the Software, and to permit persons to whom the Software is |
* furnished to do so, subject to the following conditions: |
* |
* The above copyright notice and this permission notice shall be included in all |
* copies or substantial portions of the Software. |
* |
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
* SOFTWARE. |
*/ |
namespace bb\Sha3; |
final class Sha3 |
330,6 → 357,7 |
public static function hash_pbkdf2($password, $salt, $iterations, $mdlen, $length=0, $binary=false) { |
// https://www.php.net/manual/en/function.hash-pbkdf2.php#118301 |
// TODO: This is extremely slow! Can we improve it somehow? |
if (!is_numeric($iterations)) trigger_error(__FUNCTION__ . '(): expects parameter 3 to be long, ' . gettype($iterations) . ' given', E_USER_WARNING); |
if (!is_numeric($length)) trigger_error(__FUNCTION__ . '(): expects parameter 4 to be long, ' . gettype($length) . ' given', E_USER_WARNING); |
/trunk/vendor/danielmarschall/php_utils/vts_crypt.inc.php |
---|
48,7 → 48,7 |
ps = password + salt |
sps = salt + password + salt |
hmac = HMAC (salt is the key) |
pbkdf2 = PBKDF2 (Additional param i= contains the number of iterations) |
pbkdf2 = PBKDF2-HMAC (Additional param i= contains the number of iterations) |
Like most Crypt-hashes, <salt> and <hash> are Radix64 coded |
with alphabet './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' and no padding. |
Link to the online specification: |
175,7 → 175,7 |
} else if ($mode == 'pbkdf2') { |
if (!hash_pbkdf2_supported_natively($algo) && str_starts_with($algo, 'sha3-') && method_exists('\bb\Sha3\Sha3', 'hash_pbkdf2')) { |
if ($iterations == 0) { |
$iterations = 2000; // because userland implementations are much slower, we must choose a small value... |
$iterations = 100; // because the userland implementation is EXTREMELY slow, we must choose a small value, sorry... |
} |
$bits = explode('-',$algo)[1]; |
$bin_hash = \bb\Sha3\Sha3::hash_pbkdf2($str_password, $str_salt, $iterations, $bits, 0, true); |
182,19 → 182,18 |
} else { |
if ($iterations == 0) { |
// Recommendations taken from https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2 |
// I am not sure if these recommendations are correct. They write PBKDF2-HMAC-SHA1... |
// Does this count for us, or does hash_pbkdf2() implement PBKDF2-SHA1 rather than PBKDF2-HMAC-SHA1? |
// Note that hash_pbkdf2() implements PBKDF2-HMAC-* |
if ($algo == 'sha3-512') $iterations = 100000; |
else if ($algo == 'sha3-384') $iterations = 100000; |
else if ($algo == 'sha3-256') $iterations = 100000; |
else if ($algo == 'sha3-224') $iterations = 100000; |
else if ($algo == 'sha512') $iterations = 210000; // value by owasp.org cheatcheat (28.02.2023) |
else if ($algo == 'sha512/256') $iterations = 210000; // value by owasp.org cheatcheat (28.02.2023) |
else if ($algo == 'sha512/224') $iterations = 210000; // value by owasp.org cheatcheat (28.02.2023) |
else if ($algo == 'sha512') $iterations = 210000; // value by owasp.org cheatcheat (28 February 2023) |
else if ($algo == 'sha512/256') $iterations = 210000; // value by owasp.org cheatcheat (28 February 2023) |
else if ($algo == 'sha512/224') $iterations = 210000; // value by owasp.org cheatcheat (28 February 2023) |
else if ($algo == 'sha384') $iterations = 600000; |
else if ($algo == 'sha256') $iterations = 600000; // value by owasp.org cheatcheat (28.02.2023) |
else if ($algo == 'sha256') $iterations = 600000; // value by owasp.org cheatcheat (28 February 2023) |
else if ($algo == 'sha224') $iterations = 600000; |
else if ($algo == 'sha1') $iterations = 1300000; // value by owasp.org cheatcheat (28.02.2023) |
else if ($algo == 'sha1') $iterations = 1300000; // value by owasp.org cheatcheat (28 February 2023) |
else if ($algo == 'md5') $iterations = 5000000; |
else $iterations = 5000; |
} |
/trunk/vendor/licenses |
---|
10,10 → 10,10 |
danielmarschall/fileformats dev-master 880e97b Apache-2.0 |
danielmarschall/oidconverter 9999999-dev 75088eb Apache-2.0 |
danielmarschall/oidconverter dev-master 75088eb Apache-2.0 |
danielmarschall/php-sha3 9999999-dev 130de4c MIT |
danielmarschall/php-sha3 dev-master 130de4c MIT |
danielmarschall/php_utils 9999999-dev 3bb2754 Apache-2.0 |
danielmarschall/php_utils dev-master 3bb2754 Apache-2.0 |
danielmarschall/php-sha3 9999999-dev 5605bd5 MIT |
danielmarschall/php-sha3 dev-master 5605bd5 MIT |
danielmarschall/php_utils 9999999-dev 11ea616 Apache-2.0 |
danielmarschall/php_utils dev-master 11ea616 Apache-2.0 |
danielmarschall/uuid_mac_utils 9999999-dev d0edce1 Apache-2.0 |
danielmarschall/uuid_mac_utils dev-master d0edce1 Apache-2.0 |
danielmarschall/vnag 9999999-dev 839d7dd Apache-2.0 |