| 185,6 → 185,7 |
|---|
| $bin_hash = hash_hmac_ex($algo, $str_password, $bin_hash.$i, true); |
| } |
| } else if ($mode == PASSWORD_VTS_MCF1_MODE_PBKDF2) { |
| // Note: If $iterations=0, then hash_pbkdf2_ex() will correct it to the best value depending on $algo, see _vts_password_default_iterations(). |
| $bin_hash = hash_pbkdf2_ex($algo, $str_password, $str_salt, $iterations, 0, true); |
| } else { |
| throw new Exception("Invalid VTS crypt version 1 mode. Expect sp, ps, sps, hmac, or pbkdf2."); |
| 266,7 → 267,7 |
|---|
| // OID_MCF_VTS_V1 |
| $mcf = crypt_modular_format_decode($hash); |
| |
| //$options['salt_length'] = strlen($mcf['salt']); // Note: salt_length is not a MCF option! It's just a hint for vts_password_hash() |
| //$options['salt_length'] = strlen($mcf['salt']); // Note: salt_length is not an MCF option! It's just a hint for vts_password_hash() |
| |
| if (!isset($mcf['params']['a'])) throw new Exception('Param "a" (algo) missing'); |
| $options['algo'] = $mcf['params']['a']; |
| 405,7 → 406,7 |
|---|
| $algo = $options['algo']; |
| $mode = $options['mode']; |
| $iterations = $options['iterations']; |
| $salt_len = isset($options['salt_length']) ? $options['salt_length'] : 50; // Note: salt_length is not a MCF option! It's just a hint for vts_password_hash() |
| $salt_len = isset($options['salt_length']) ? $options['salt_length'] : 32; // Note: salt_length is not an MCF option! It's just a hint for vts_password_hash() |
| $salt = random_bytes_ex($salt_len, true, true); |
| return vts_crypt_hash($algo, $password, $salt, $ver, $mode, $iterations); |
| } else { |