Merge pull request #21135 from owncloud/add-polyfill

Add polyfills for PHP55, PHP56 and PHP70 functionalities

3 files changed, 9 insertions, 111 deletions

diff --git a/apps/encryption/lib/crypto/crypt.php b/apps/encryption/lib/crypto/crypt.php
index dbc0364a157..12e9008545a 100644
--- a/apps/encryption/lib/crypto/crypt.php
+++ b/apps/encryption/lib/crypto/crypt.php
@@ -30,7 +30,6 @@ use OC\Encryption\Exceptions\DecryptionFailedException;
 use OC\Encryption\Exceptions\EncryptionFailedException;
 use OCA\Encryption\Exceptions\MultiKeyDecryptException;
 use OCA\Encryption\Exceptions\MultiKeyEncryptException;
-use OCA\Encryption\Vendor\PBKDF2Fallback;
 use OCP\Encryption\Exceptions\GenericEncryptionException;
 use OCP\IConfig;
 use OCP\ILogger;
@@ -293,28 +292,14 @@ class Crypt {
 		$salt = hash('sha256', $uid . $instanceId . $instanceSecret, true);
 		$keySize = $this->getKeySize($cipher);
 
-		if (function_exists('hash_pbkdf2')) {
-			$hash = hash_pbkdf2(
-				'sha256',
-				$password,
-				$salt,
-				100000,
-				$keySize,
-				true
-			);
-		} else {
-			// fallback to 3rdparty lib for PHP <= 5.4.
-			// FIXME: Can be removed as soon as support for PHP 5.4 was dropped
-			$fallback = new PBKDF2Fallback();
-			$hash = $fallback->pbkdf2(
-				'sha256',
-				$password,
-				$salt,
-				100000,
-				$keySize,
-				true
-			);
-		}
+		$hash = hash_pbkdf2(
+			'sha256',
+			$password,
+			$salt,
+			100000,
+			$keySize,
+			true
+		);
 
 		return $hash;
 	}
diff --git a/apps/encryption/vendor/pbkdf2fallback.php b/apps/encryption/vendor/pbkdf2fallback.php
deleted file mode 100644
index ca579f8e7dc..00000000000
--- a/apps/encryption/vendor/pbkdf2fallback.php
+++ /dev/null
@@ -1,87 +0,0 @@
-<?php
-/* Note; This class can be removed as soon as we drop PHP 5.4 support.
- *
- *
- * Password Hashing With PBKDF2 (http://crackstation.net/hashing-security.htm).
- * Copyright (c) 2013, Taylor Hornby
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-namespace OCA\Encryption\Vendor;
-
-class PBKDF2Fallback {
-
-	/*
-	 * PBKDF2 key derivation function as defined by RSA's PKCS #5: https://www.ietf.org/rfc/rfc2898.txt
-	 * $algorithm - The hash algorithm to use. Recommended: SHA256
-	 * $password - The password.
-	 * $salt - A salt that is unique to the password.
-	 * $count - Iteration count. Higher is better, but slower. Recommended: At least 1000.
-	 * $key_length - The length of the derived key in bytes.
-	 * $raw_output - If true, the key is returned in raw binary format. Hex encoded otherwise.
-	 * Returns: A $key_length-byte key derived from the password and salt.
-	 *
-	 * Test vectors can be found here: https://www.ietf.org/rfc/rfc6070.txt
-	 *
-	 * This implementation of PBKDF2 was originally created by https://defuse.ca
-	 * With improvements by http://www.variations-of-shadow.com
-	 */
-	public function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false) {
-		$algorithm = strtolower($algorithm);
-		if (!in_array($algorithm, hash_algos(), true))
-			trigger_error('PBKDF2 ERROR: Invalid hash algorithm.', E_USER_ERROR);
-		if ($count <= 0 || $key_length <= 0)
-			trigger_error('PBKDF2 ERROR: Invalid parameters.', E_USER_ERROR);
-
-		if (function_exists("hash_pbkdf2")) {
-			// The output length is in NIBBLES (4-bits) if $raw_output is false!
-			if (!$raw_output) {
-				$key_length = $key_length * 2;
-			}
-			return hash_pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output);
-		}
-
-		$hash_length = strlen(hash($algorithm, "", true));
-		$block_count = ceil($key_length / $hash_length);
-
-		$output = "";
-		for ($i = 1; $i <= $block_count; $i++) {
-			// $i encoded as 4 bytes, big endian.
-			$last = $salt . pack("N", $i);
-			// first iteration
-			$last = $xorsum = hash_hmac($algorithm, $last, $password, true);
-			// perform the other $count - 1 iterations
-			for ($j = 1; $j < $count; $j++) {
-				$xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));
-			}
-			$output .= $xorsum;
-		}
-
-		if ($raw_output)
-			return substr($output, 0, $key_length);
-		else
-			return bin2hex(substr($output, 0, $key_length));
-	}
-}
diff --git a/apps/federation/api/ocsauthapi.php b/apps/federation/api/ocsauthapi.php
index 42d7113820d..d165a0bd22f 100644
--- a/apps/federation/api/ocsauthapi.php
+++ b/apps/federation/api/ocsauthapi.php
@@ -139,7 +139,7 @@ class OCSAuthAPI {
 
 	protected function isValidToken($url, $token) {
 		$storedToken = $this->dbHandler->getToken($url);
-		return StringUtils::equals($storedToken, $token);
+		return hash_equals($storedToken, $token);
 	}
 
 }