Time attack protection on hmac comparison

This fixes issue 2.7 of https://defuse.ca/audits/zerobin.htm, and thus (with commit a24212afda90ca3e4b4ff5ce30d2012709b58a28) also issue 2.8. (cherry picked from commit 0b4db7ece313dd268e51fc47a0293a649927558a) Conflicts: index.php
2014-02-06 22:52:17 +01:00
parent daf5522b1e
commit 43a439e7d0
6 changed files with 135 additions and 58 deletions
--- a/tst/mcrypt_mock.php
+++ b/tst/mcrypt_mock.php
@@ -0,0 +1,17 @@
+<?php
+
+define('MCRYPT_DEV_URANDOM', 1);
+
+function mcrypt_create_iv($int, $flag)
+{
+    $randomSalt = '';
+    for($i = 0; $i < 16; ++$i) {
+        $randomSalt .= base_convert(mt_rand(), 10, 16);
+    }
+    // hex2bin requires an even length, pad if necessary
+    if (strlen($randomSalt) % 2)
+    {
+        $randomSalt = '0' . $randomSalt;
+    }
+    return hex2bin($randomSalt);
+}