X-Git-Url: http://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/exercices/modifier.php?a=blobdiff_plain;f=includes%2FServiceWiring.php;h=a071ff719c6a5e78d419bd6faddb6676f65ce7db;hb=f73a68e15cab42ad2e2772b0eea51d75b44ba321;hp=49183e5705818a46f34cf2f76b48473a5f893973;hpb=0d87d67d61520d34064f2eaae0f20b8ef11d4c59;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/ServiceWiring.php b/includes/ServiceWiring.php
index 49183e5705..a071ff719c 100644
--- a/includes/ServiceWiring.php
+++ b/includes/ServiceWiring.php
@@ -184,6 +184,29 @@ return [
 		);
 	},
 
+	'CryptHKDF' => function( MediaWikiServices $services ) {
+		$config = $services->getMainConfig();
+
+		$secret = $config->get( 'HKDFSecret' ) ?: $config->get( 'SecretKey' );
+		if ( !$secret ) {
+			throw new RuntimeException( "Cannot use MWCryptHKDF without a secret." );
+		}
+
+		// In HKDF, the context can be known to the attacker, but this will
+		// keep simultaneous runs from producing the same output.
+		$context = [ microtime(), getmypid(), gethostname() ];
+
+		// Setup salt cache. Use APC, or fallback to the main cache if it isn't setup
+		$cache = $services->getLocalServerObjectCache();
+		if ( $cache instanceof EmptyBagOStuff ) {
+			$cache = ObjectCache::getLocalClusterInstance();
+		}
+
+		return new CryptHKDF( $secret, $config->get( 'HKDFAlgorithm' ),
+			$cache, $context, $services->getCryptRand()
+		);
+	},
+
 	'MediaHandlerFactory' => function( MediaWikiServices $services ) {
 		return new MediaHandlerFactory(
 			$services->getMainConfig()->get( 'MediaHandlers' )