Use hash with appended "a" of the original password for the authentication
This commit is contained in:
parent
9bb97c714b
commit
3b62459c41
|
@ -475,6 +475,7 @@ class Crypt {
|
|||
* @return string
|
||||
*/
|
||||
private function createSignature($data, $passPhrase) {
|
||||
$passPhrase = hash('sha512', $passPhrase . 'a', true);
|
||||
$signature = hash_hmac('sha256', $data, $passPhrase);
|
||||
return $signature;
|
||||
}
|
||||
|
@ -607,14 +608,14 @@ class Crypt {
|
|||
}
|
||||
|
||||
/**
|
||||
* Generate a cryptographically secure pseudo-random base64 encoded 256-bit
|
||||
* ASCII key, used as file key
|
||||
* Generate a cryptographically secure pseudo-random 256-bit ASCII key, used
|
||||
* as file key
|
||||
*
|
||||
* @return string
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function generateFileKey() {
|
||||
return base64_encode(random_bytes(32));
|
||||
return random_bytes(32);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in New Issue