getOption('salt', $options, false); if (is_string($salt) && strlen($salt) > 0) { $iterations = (integer) $this->getOption('iterations', $options, 1000); $derivedKeyLength = (integer) $this->getOption('derived_key_length', $options, 32); $algorithm = $this->getOption('algorithm', $options, 'sha256'); $hashLength = strlen(hash($algorithm, null, true)); $keyBlocks = ceil($derivedKeyLength / $hashLength); $derivedKey = ''; for ($block = 1; $block <= $keyBlocks; $block++) { $hashBlock = $hb = hash_hmac($algorithm, $salt . pack('N', $block), $string, true); for ($blockIteration = 1; $blockIteration < $iterations; $blockIteration++) { $hashBlock ^= ($hb = hash_hmac($algorithm, $hb, $string, true)); } $derivedKey .= $hashBlock; } $derivedKey = substr($derivedKey, 0, $derivedKeyLength); if (!$this->getOption('raw_output', $options, false)) { $derivedKey = base64_encode($derivedKey); } } else { $this->host->modx->log(modX::LOG_LEVEL_ERROR, "PBKDF2 requires a valid salt string.", '', __METHOD__, __FILE__, __LINE__); } return $derivedKey; } }