nextcloud/passman
1
1
Fork 0
mirror of https://github.com/nextcloud/passman.git synced 2025-10-10 21:46:25 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'fix/642/hash_equals'

Browse source
This commit is contained in:
Marcos Zuriaga 2022-05-08 21:47:13 +02:00
commit ad1e4b8d4a
No known key found for this signature in database
GPG key ID: 7D15585354D072FF
1 changed files with 6 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
lib/Service/EncryptService.php
View file

@ -152,16 +152,16 @@ class EncryptService {
list ($cipherKey, $macKey, $iv) = $this->getKeys($salt, $key); list ($cipherKey, $macKey, $iv) = $this->getKeys($salt, $key);
if (!$this->hash_equals(hash_hmac('sha512', $enc, $macKey, true), $mac)) { if (hash_equals(hash_hmac('sha512', $enc, $macKey, true), $mac)) {
return false;
}
$dec = openssl_decrypt($enc, $this->cipher, $cipherKey, true, $iv); $dec = openssl_decrypt($enc, $this->cipher, $cipherKey, true, $iv);
$data = $this->unpad($dec); $data = $this->unpad($dec);
return $data; return $data;
} }
return false;
}
/** /**
* Encrypt the supplied data using the supplied key * Encrypt the supplied data using the supplied key
* *
@ -206,15 +206,6 @@ class EncryptService {
return array($cipherKey, $macKey, $iv); return array($cipherKey, $macKey, $iv);
} }
protected function hash_equals($a, $b) {
if (function_exists('random_bytes')) {
$key = random_bytes(128);
} else {
$key = openssl_random_pseudo_bytes(128);
}
return hash_hmac('sha512', $a, $key) === hash_hmac('sha512', $b, $key);
}
/** /**
* Stretch the key using the PBKDF2 algorithm * Stretch the key using the PBKDF2 algorithm
* *