php-scrypt's Introduction

PHP scrypt module

This is a PHP library providing a wrapper to Colin Percival's scrypt implementation. Scrypt is a key derivation function designed to be far more secure against hardware brute-force attacks than alternative functions such as PBKDF2 or bcrypt.

Details of the scrypt key derivation function are given in a paper by Colin Percival, Stronger Key Derivation via Sequential Memory-Hard Functions: PDF.

An example class using this module can be found in scrypt.php.

Join in!

We are happy to receive bug reports, fixes, documentation enhancements, and other improvements.

Please report bugs via the github issue tracker.

Master git repository:

git clone git://github.com/DomBlack/php-scrypt.git

Authors

This library is written and maintained by Dominic Black, [email protected].


PECL Install

This extension is now available through PECL.

pecl install scrypt

Build From Source

Unix/OSX

  1. phpize
  2. If on OSX; export CFLAGS='-arch i386 -arch x86_64'
  3. ./configure --enable-scrypt
  4. make
  5. make install
  6. Add the extension to your php.ini
    ; Enable scrypt extension module
    extension=scrypt.so

Windows

Using Visual Studio 2008 (or Visual C++ Express 2008), open the attached project inside the VS2008 folder. This project assumes you have the PHP thread-safe source at C:\phpsrcts\, a PHP install at C:\php\ and this source code extracted to C:\php-scrypt\.

  1. Build the project.
  2. Copy the resultant scrypt.dll to your ext directory in PHP.
  3. Add the extension to your php.ini
    ; Enable scrypt extension module
    extension=scrypt.dll

Legal Stuff

This work is licensed under the BSD 2-Clause license.

Original Scrypt Implementation; Copyright (c) 2009 Colin Percival

PHP Module; Copyright (c) 2012, Dominic Black

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  • Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
  • Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

php-scrypt's People

Contributors

0xace, ciarand, clpo13, domblack, kingkorf, kocsismate, paradajozsef, paragonie-scott, parent5446, pineappleionic, pprasse, remicollet, sarciszewski, sergey-dryabzhinsky, wdc, weltling

php-scrypt's Issues

can't install php-scrypt

Hi!

Please I need help installing this extension. I'm using php 7.4 and when I run

pecl install scrypt

I get the following message:

No releases available for package "pecl.php.net/scrypt"

Any ideas on what could be wrong? I tried following the steps for installation with Visual Studio 2008 however I think it fails because I'm trying to run it inside Visual Studio 2017.

Show salt in hex instead of binary

Hi,

I've encountered some issues with the salt being displayed in binary form. To be uniform with other hash functions, I think it would be better to use a hex output.

Revert commit 398beb2 and following / pull request #7

#7 <- view here

The author of the pull request did not understand the problem of pseudo-random values in cryptography. He is right that functions based on mt_rand should not be used for cryptographic values, but he misses that the salt is no cryptographic value.

As the salt is saved to the database, it is not necessarily secret, and so the security concerns about mt_rand do not apply here – pseudo-random values do not reduce the security in this case. The main demand on the salt is the uniqueness. The pull request adds an unnecessary layer and dependency to the code. A missing openssl library might lead to unnecessary error messages. For installations with openssl it reduces the keyspace of the salt, which reduces the uniqueness and is therefore not useful to counterproductive.

It should be reverted.

FAIL Test that the scrypt_pickparams() functions works.

The php-scrypt installer says to run "make test" which says the test failed. Report below. System details for my laptop below that. Any ideas how to fix this? Thanks, Joel

make test

Build complete.
Don't forget to run 'make test'.

PHP : /usr/bin/php
PHP_SAPI : cli
PHP_VERSION : 5.3.10-1ubuntu3.5
ZEND_VERSION: 2.3.0
PHP_OS : Linux - Linux joel-thinkpad-t520 3.2.0-35-generic #55-Ubuntu SMP Wed Dec 5 17:42:16 UTC 2012 x86_64
INI actual : /opt/php-scrypt/tmp-php.ini
More .INIs :
CWD : /opt/php-scrypt
Extra dirs :

VALGRIND : Not used

TIME START 2013-01-30 01:39:41

FAIL Test that the scrypt_pickparams() functions works. [tests/params.phpt]

PASS Test scrypt KDF using test vectors. [tests/vectors.phpt]

TIME END 2013-01-30 01:39:45

TEST RESULT SUMMARY

Exts skipped : 0

Exts tested : 45

Number of tests : 2 2
Tests skipped : 0 ( 0.0%) --------
Tests warned : 0 ( 0.0%) ( 0.0%)
Tests failed : 1 ( 50.0%) ( 50.0%)
Expected fail : 0 ( 0.0%) ( 0.0%)

Tests passed : 1 ( 50.0%) ( 50.0%)

Time taken : 4 seconds

FAILED TEST SUMMARY

Test that the scrypt_pickparams() functions works. [tests/params.phpt]

You may have found a problem in PHP.
This report can be automatically sent to the PHP QA team at
http://qa.php.net/reports and http://news.php.net/php.qa.reports
This gives us a better understanding of PHP's behavior.
If you don't want to send the report immediately you can choose
option "s" to save it. You can then email it to [email protected] later.
Do you want to send this report now? [Yns]:

Please enter your email address.
(Your address will be mangled so that it will not go out on any
mailinglist in plain text): [email protected]

Posting to http://qa.php.net/buildtest-process.php

Thank you for helping to make PHP better.

linux-version-info

uname -a
Linux joel-thinkpad-t520 3.2.0-35-generic #55-Ubuntu SMP Wed Dec 5 17:42:16 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

cat /proc/version
Linux version 3.2.0-35-generic (buildd@allspice) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #55-Ubuntu SMP Wed Dec 5 17:42:16 UTC 2012

cat /etc/issue.net
Ubuntu 12.04.1 LTS

lsb_release -a
LSB Version: core-2.0-amd64:core-2.0-noarch:core-3.0-amd64:core-3.0-noarch:core-3.1-amd64:core-3.1-noarch:core-3.2-amd64:core-3.2-noarch:core-4.0-amd64:core-4.0-noarch:cxx-3.0-amd64:cxx-3.0-noarch:cxx-3.1-amd64:cxx-3.1-noarch:cxx-3.2-amd64:cxx-3.2-noarch:cxx-4.0-amd64:cxx-4.0-noarch:desktop-3.1-amd64:desktop-3.1-noarch:desktop-3.2-amd64:desktop-3.2-noarch:desktop-4.0-amd64:desktop-4.0-noarch:graphics-2.0-amd64:graphics-2.0-noarch:graphics-3.0-amd64:graphics-3.0-noarch:graphics-3.1-amd64:graphics-3.1-noarch:graphics-3.2-amd64:graphics-3.2-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-3.2-amd64:printing-3.2-noarch:printing-4.0-amd64:printing-4.0-noarch:qt4-3.1-amd64:qt4-3.1-noarch
Distributor ID: Ubuntu
Description: Ubuntu 12.04.1 LTS
Release: 12.04
Codename: precise

manual install (windows)

just a question:
pecl is annoying the hell out of me, the latest errors being

WARNING: php_bin C:\xampp\php.\php.exe appears to have a suffix .exe, but config variable php_suffix does not match
ERROR: The DSP scrypt.dsp does not exist.

is there a way to install it without all those obnoxious gimmick software?
-> this is the exact reason why I refuse to use extra software like composer and similar for such small stuff...
I saw a DLL lying on the pecl servers, can I just download that and include it as extension?

Compilation failure, CPU without SSE2 support.

I've tried to report the bug here:

https://bugs.php.net/bug.php?id=70204

They directed me to here instead.

Here is a paste of my bug report there:

I'm trying to install scrypt support for my php server via pecl install scrypt.

Note that the CPU doesn't support SSE2 instructions.

I've also tried:

git clone https://github.com/DomBlack/php-scrypt
cd php-scrypt
phpize
./configure --enable-scrypt
make
make test

The tests fail, but I believe it may be relevant to SSE2. The logs can be pasted here if needed.

Here is the output of running pecl install scrypt:

# pecl install scrypt
downloading scrypt-1.2.tgz ...
Starting to download scrypt-1.2.tgz (20,361 bytes)
.......done: 20,361 bytes
17 source files, building
running: phpize
Configuring for:
PHP Api Version:         20131106
Zend Module Api No:      20131226
Zend Extension Api No:   220131226
whether to enable scrypt support [yes] : yes
building in /tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2
running: /tmp/pear/temp/scrypt/configure --enable-scrypt=yes
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for a sed that does not truncate output... /usr/bin/sed
checking for cc... cc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether cc accepts -g... yes
checking for cc option to accept ISO C89... none needed
checking how to run the C preprocessor... cc -E
checking for icc... no
checking for suncc... no
checking whether cc understands -c and -o together... yes
checking for system library directory... lib
checking if compiler supports -R... no
checking if compiler supports -Wl,-rpath,... yes
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking target system type... i686-pc-linux-gnu
checking for PHP prefix... /usr
checking for PHP includes... -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib
checking for PHP extension directory... /usr/lib/php/modules
checking for PHP installed headers prefix... /usr/include/php
checking if debug is enabled... no
checking if zts is enabled... no
checking for re2c... no
configure: WARNING: You will need re2c 0.13.4 or later if you want to regenerate PHP parsers.
checking for gawk... gawk
checking whether to enable scrypt support... yes, shared
checking for clock_gettime in -lrt... yes
checking for library containing clock_gettime... none required
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for struct sysinfo.uptime... no
checking for struct sysinfo.totalram... no
checking emmintrin.h usability... yes
checking emmintrin.h presence... yes
checking for emmintrin.h... yes
checking for ld used by cc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for /usr/bin/ld option to reload object files... -r
checking for BSD-compatible nm... /usr/bin/nm -B
checking whether ln -s works... yes
checking how to recognize dependent libraries... pass_all
checking dlfcn.h usability... yes
checking dlfcn.h presence... yes
checking for dlfcn.h... yes
checking the maximum length of command line arguments... 1572864
checking command to parse /usr/bin/nm -B output from cc object... ok
checking for objdir... .libs
checking for ar... ar
checking for ranlib... ranlib
checking for strip... strip
checking if cc supports -fno-rtti -fno-exceptions... no
checking for cc option to produce PIC... -fPIC
checking if cc PIC flag -fPIC works... yes
checking if cc static flag -static works... yes
checking if cc supports -c -o file.o... yes
checking whether the cc linker (/usr/bin/ld) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... no

creating libtool
appending configuration tag "CXX" to libtool
configure: creating ./config.status
config.status: creating config.h
running: make
/bin/sh /tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/libtool --mode=compile cc  -I. -I/tmp/pear/temp/scrypt -DPHP_ATOM_INC -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/include -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/main -I/tmp/pear/temp/scrypt -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/crypto  -DHAVE_CONFIG_H  -g -O2   -c /tmp/pear/temp/scrypt/php_scrypt.c -o php_scrypt.lo
mkdir .libs
 cc -I. -I/tmp/pear/temp/scrypt -DPHP_ATOM_INC -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/include -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/main -I/tmp/pear/temp/scrypt -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/crypto -DHAVE_CONFIG_H -g -O2 -c /tmp/pear/temp/scrypt/php_scrypt.c  -fPIC -DPIC -o .libs/php_scrypt.o
/bin/sh /tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/libtool --mode=compile cc  -I. -I/tmp/pear/temp/scrypt -DPHP_ATOM_INC -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/include -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/main -I/tmp/pear/temp/scrypt -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/crypto  -DHAVE_CONFIG_H  -g -O2   -c /tmp/pear/temp/scrypt/php_scrypt_utils.c -o php_scrypt_utils.lo
 cc -I. -I/tmp/pear/temp/scrypt -DPHP_ATOM_INC -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/include -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/main -I/tmp/pear/temp/scrypt -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/crypto -DHAVE_CONFIG_H -g -O2 -c /tmp/pear/temp/scrypt/php_scrypt_utils.c  -fPIC -DPIC -o .libs/php_scrypt_utils.o
/bin/sh /tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/libtool --mode=compile cc  -I. -I/tmp/pear/temp/scrypt -DPHP_ATOM_INC -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/include -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/main -I/tmp/pear/temp/scrypt -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/crypto  -DHAVE_CONFIG_H  -g -O2   -c /tmp/pear/temp/scrypt/crypto/sha256.c -o crypto/sha256.lo
mkdir crypto/.libs
 cc -I. -I/tmp/pear/temp/scrypt -DPHP_ATOM_INC -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/include -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/main -I/tmp/pear/temp/scrypt -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/crypto -DHAVE_CONFIG_H -g -O2 -c /tmp/pear/temp/scrypt/crypto/sha256.c  -fPIC -DPIC -o crypto/.libs/sha256.o
/bin/sh /tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/libtool --mode=compile cc  -I. -I/tmp/pear/temp/scrypt -DPHP_ATOM_INC -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/include -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/main -I/tmp/pear/temp/scrypt -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/crypto  -DHAVE_CONFIG_H  -g -O2   -c /tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c -o crypto/crypto_scrypt-sse.lo
 cc -I. -I/tmp/pear/temp/scrypt -DPHP_ATOM_INC -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/include -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/main -I/tmp/pear/temp/scrypt -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/tmp/pear/temp/pear-build-rootELnQEw/scrypt-1.2/crypto -DHAVE_CONFIG_H -g -O2 -c /tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c  -fPIC -DPIC -o crypto/.libs/crypto_scrypt-sse.o
/tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c: In function ‘smix’:
/tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c:216:16: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
         blkcpy((void *)((uintptr_t)(V) + i * 128 * r), X, 128 * r);
                ^
/tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c:222:16: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
         blkcpy((void *)((uintptr_t)(V) + (i + 1) * 128 * r),
                ^
/tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c:235:19: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
         blkxor(X, (void *)((uintptr_t)(V) + j * 128 * r), 128 * r);
                   ^
/tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c:242:19: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
         blkxor(Y, (void *)((uintptr_t)(V) + j * 128 * r), 128 * r);
                   ^
/tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c: In function ‘blkxor’:
/tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c:76:14: warning: SSE vector return without SSE enabled changes the ABI [-Wpsabi]
         D[i] = _mm_xor_si128(D[i], S[i]);
              ^
In file included from /tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c:37:0:
/usr/lib/gcc/i686-pc-linux-gnu/5.2.0/include/emmintrin.h:1286:1: error: inlining failed in call to always_inline ‘_mm_xor_si128’: target specific option mismatch
 _mm_xor_si128 (__m128i __A, __m128i __B)
 ^
/tmp/pear/temp/scrypt/crypto/crypto_scrypt-sse.c:76:16: error: called from here
         D[i] = _mm_xor_si128(D[i], S[i]);
                ^
Makefile:187: recipe for target 'crypto/crypto_scrypt-sse.lo' failed
make: *** [crypto/crypto_scrypt-sse.lo] Error 1
ERROR: `make' failed

Segfault in php-scrypt/crypto/crypto_scrypt-sse.c:337

From a fuzzing run on the extension:
Calling scrypt() with r = 11111 leads to a segfault because of an invalid free in php-scrypt/crypto/crypto_scrypt-sse.c:337

Reproduce

php -r 'var_dump(scrypt("foo", null, 1, 11111, 1, 16));'

Several issues in the Password class

The Password code can't decide how the salt is formatted. If openssl is enabled, then generateSalt will return a hex encoded string. If openssl is disabled, the encoding is done using a custom alphabet.

Due to the way the salt is generated, this in particular means that if openssl is enabled you get 8*8=64 bits of entropy, but if it is disabled you get 8*log(alphabetSize)=8*log(69) = 48.8 bits of entropy.

For a user-defined salt, it's unclear what encoding you can/should use. Also it silently drops $ characters in this case.

The verification function uses $calculated == $hash. This is subject to timing attacks. You need to use a fixed-time comparison instead.

The verification function also does not check whether $hash is in a valid hash format and does not check that the return value of scrypt is valid. A simple exploit would be having $hash = false, which would trigger scrypt() = false, thus making the condition evaluate to true. false or 0 or '' etc are all plausible values in case of a database error.

Furthermore the class suggests you to use a pepper. This is usually discouraged, see for example http://stackoverflow.com/questions/16891729/best-practices-salting-peppering-passwords/16896216#16896216.

Add needsRehash function

I believe it would be very convenient to have a function that evaluates whether a password's hash has been generated using lower costs than the currently implemented ones. I like to store my costs in a configuration file so that if I am to upgrade my machine's hardware I can increase the cost easily, this way maintaining my new hashes updated with the latest machine power. I also like to update old hashes when they were generated with lower costs, so if a password is verified I'll go through this check. I already have implemented this function in my local scrypt.php file and if you agree this is a good idea I would like it to be implemented on your repo.
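A hardened verification path and a needsRehash-style check for the two issues above ("Several issues in the Password class" and "Add needsRehash function"), as an added example that is not the project's own code. It assumes the stored format is `N$r$p$salt$hexkey`, which this page does not state; the function names are hypothetical, and `demo_kdf()` falls back to a labelled stand-in when the scrypt extension is not loaded.

```php
<?php
declare(strict_types=1);

// Assumed stored format (not stated on this page): N$r$p$salt$hexkey
const KEY_BYTES = 32;                    // scrypt() returns hex: 64 characters

/** Uses the extension's scrypt() when loaded; otherwise a labelled stand-in. */
function demo_kdf(string $pw, string $salt, int $N, int $r, int $p, int $len)
{
    if (function_exists('scrypt')) {
        return scrypt($pw, $salt, $N, $r, $p, $len);
    }
    // NOT scrypt: placeholder with the same hex return shape, demo only.
    return hash_pbkdf2('sha256', $pw, "$N.$r.$p.$salt", 1000, $len * 2);
}

/** Returns the parsed fields, or null for anything that is not a well-formed hash. */
function parse_stored($stored): ?array
{
    if (!is_string($stored) || substr_count($stored, '$') !== 4) {
        return null;                     // false, 0, '' or null from a failed read
    }
    [$N, $r, $p, $salt, $key] = explode('$', $stored);
    foreach ([$N, $r, $p] as $cost) {
        if (!ctype_digit($cost) || strlen($cost) > 9) {
            return null;
        }
    }
    [$N, $r, $p] = [(int) $N, (int) $r, (int) $p];
    // scrypt constraints: N a power of two above 1, r and p positive, r*p < 2^30.
    if ($N < 2 || ($N & ($N - 1)) !== 0 || $r < 1 || $p < 1 || $r * $p >= (1 << 30)) {
        return null;
    }
    if ($salt === '' || !preg_match('/\A[0-9a-f]{' . (KEY_BYTES * 2) . '}\z/', $key)) {
        return null;
    }
    return ['N' => $N, 'r' => $r, 'p' => $p, 'salt' => $salt, 'key' => $key];
}

function make_hash(string $password, int $N, int $r, int $p): string
{
    $salt = bin2hex(random_bytes(16));   // hex salt can never contain '$'
    $key = demo_kdf($password, $salt, $N, $r, $p, KEY_BYTES);
    if (!is_string($key)) {
        throw new RuntimeException('KDF failed');
    }
    return implode('$', [$N, $r, $p, $salt, $key]);
}

function verify_password(string $password, $stored): bool
{
    $h = parse_stored($stored);
    if ($h === null) {
        return false;                    // malformed input never reaches a comparison
    }
    $calc = demo_kdf($password, $h['salt'], $h['N'], $h['r'], $h['p'], KEY_BYTES);
    if (!is_string($calc) || strlen($calc) !== KEY_BYTES * 2) {
        return false;                    // a KDF failure (false) is not a match
    }
    return hash_equals($h['key'], $calc);   // fixed-time comparison
}

/** True when the stored hash was made with lower costs than the configured ones. */
function needs_rehash($stored, int $N, int $r, int $p): bool
{
    $h = parse_stored($stored);
    return $h === null || $h['N'] < $N || $h['r'] < $r || $h['p'] < $p;
}

// Demo on constructed input.
$stored = make_hash('correct horse', 16384, 8, 1);
printf("right password: %s\n", var_export(verify_password('correct horse', $stored), true));
printf("wrong password: %s\n", var_export(verify_password('wrong', $stored), true));
// Values a failed database read can hand back, plus a truncated record (constructed).
foreach ([false, 0, '', null, '16384$8$1$salt$'] as $bad) {
    printf("%s => %s\n", var_export($bad, true), var_export(verify_password('', $bad), true));
}
printf("rehash at N=32768: %s\n", var_export(needs_rehash($stored, 32768, 8, 1), true));
printf("rehash at N=16384: %s\n", var_export(needs_rehash($stored, 16384, 8, 1), true));
```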

Compile errors

Attempted to compile on Freebsd 9 with GCC4.7, resulted in the following errors:

/php-scrypt/php_scrypt.c:45:1: error: unknown type name 'function_entry'
/php-scrypt/php_scrypt.c:46:5: warning: braces around scalar initializer [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: (near initialization for 'scrypt_functions[0]') [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: initialization makes integer from pointer without a cast [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: (near initialization for 'scrypt_functions[0]') [enabled by default]
/php-scrypt/php_scrypt.c:46:5: error: initializer element is not computable at load time
/php-scrypt/php_scrypt.c:46:5: error: (near initialization for 'scrypt_functions[0]')
/php-scrypt/php_scrypt.c:46:5: warning: excess elements in scalar initializer [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: (near initialization for 'scrypt_functions[0]') [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: excess elements in scalar initializer [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: (near initialization for 'scrypt_functions[0]') [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: excess elements in scalar initializer [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: (near initialization for 'scrypt_functions[0]') [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: excess elements in scalar initializer [enabled by default]
/php-scrypt/php_scrypt.c:46:5: warning: (near initialization for 'scrypt_functions[0]') [enabled by default]
/php-scrypt/php_scrypt.c:47:5: warning: braces around scalar initializer [enabled by default]
/php-scrypt/php_scrypt.c:47:5: warning: (near initialization for 'scrypt_functions[1]') [enabled by default]
/php-scrypt/php_scrypt.c:47:5: warning: initialization makes integer from pointer without a cast [enabled by default]

Key Length not working

I'm having a problem where I get a key that's longer than the one I requested.
Here's what I'm calling:
$key = scrypt($password, $_pepper.$salt, $_scrypt_n, $_scrypt_r, $_scrypt_p, 512);
and I get a key that has a length of 1024. Am I missing something?

PHP 7 Support

I tried to compile this for PHP 7, but it does not seem to work. It compiles with PHP 7, but the scrypt.so file is not used and does not show up in phpinfo.php, even though it is in the extension directory.

Key length is too low, must be greater or equal to 16

Hi, I found a small error in php_scrypt.c:

if (keyLength <= 16)
{
    keyLength = -1;
    php_error(1, "Key length is too low, must be greater or equal to 16");
} 

It must be greater than 16 in the text or the condition must be keyLength < 16. I don't know which is correct. Are there any explanations on scrypt besides the original source code?

Replacement in Sodium?

Since this extension doesn't seem to be updated anymore (and doesn't have PHP 8/8.1 support), I was wondering if there is a replacement within the Sodium extension.

I'm trying to use the sodium_crypto_pwhash_scryptsalsa208sha256 function but I'm unsure how to convert the scrypt parameters to this sodium implementation so that the hashes remain backwards compatible.

Hash identifying?

How can scrypt hashes be identified?
For example, bcrypt usually starts with $2a$ (or $2y$ in later PHP), which makes them easy to identify on sight for both humans and machines.

Is there some "identifier" for scrypt?

Broken: pull commit for issue #24 broke scrypt wrapper.

The latest pull commit, in reference to issue #24, was riddled with errors and completely broke the wrapper class. Was there no review on this?

Read this commit: 5dddf81

It introduced a new static method for calculating the length of a string, whether it be multibyte or not. That is a good method to have. However, with a moment's glance, you can already see the imminent parsing error that PHP will throw:

protected static strlen( $str ) {

There's no function declaration.

In addition, the checks written in the method are redundant. There's no need to check for the extension and function availability, and especially no need to check for function overloading. The logic should be as follows: use mb_strlen if available, because this is ultimately what we want, otherwise fallback to standard strlen. I deferred to @ircmaxell's usage here: https://github.com/ircmaxell/password_compat/blob/master/lib/password.php#L253.

Another mistake was accessing the new strlen method using the static keyword instead of self. For this class, it's more accurate and safe to only refer to itself, and not the possibility of referencing a class that may have called it.

Lastly, without reason, the strlen hash check was removed from the check method. Why?

I'm sending a pull request with the appropriate fixes.

Default hash length is twice what it needs to be

The key length can safely be set to 16 instead of 32 because the string length of the hash returned by scrypt() for some reason is always doubled. So if you put 16 in, you get a 32 character hash, if you put 32 in you get 64 characters being produced. Since only the first 32 characters of the hash are ever used, making it longer than this is unnecessary.

var_dump(scrypt('password', 'salty', pow(2,14), 8, 2, 16));
var_dump(scrypt('password', 'salty', pow(2,14), 8, 2, 20));
var_dump(scrypt('password', 'salty', pow(2,14), 8, 2, 24));
var_dump(scrypt('password', 'salty', pow(2,14), 8, 2, 28));
var_dump(scrypt('password', 'salty', pow(2,14), 8, 2, 32));
var_dump(scrypt('password', 'salty', pow(2,14), 8, 2, 50));

Produces the output:

string(32) "e5135483ad9e2955f65dd1287a3b83d0"
string(40) "e5135483ad9e2955f65dd1287a3b83d0632f5082"
string(48) "e5135483ad9e2955f65dd1287a3b83d0632f50823b3ad12f"
string(56) "e5135483ad9e2955f65dd1287a3b83d0632f50823b3ad12fc3b7e874"
string(64) "e5135483ad9e2955f65dd1287a3b83d0632f50823b3ad12fc3b7e87432085014"
string(100) "e5135483ad9e2955f65dd1287a3b83d0632f50823b3ad12fc3b7e87432085014bf127be1b54afcb040ac456c4ff

Allowed memory exhausted error on Windows

Haven't tested on linux yet, but Windows + PHP 5.4 has this issue

echo scrypt('pleaseletmein', 'SodiumChloride', 1048576, 8, 1, 64);"

Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 1073741824 bytes) in Command line code on line 1

That's the last line from the vectors.phpt.

1.4: failed test

Strange, only on RHEL-6 x86_64 and PHP 7.0

TEST 2/2 [tests/vectors.phpt]
========DIFF========
002+ 3f0ca2344531c2440c69bab9397fd30dd2ed72b47cb57e3ee83dba2c38318b12465ad8fde304e949fef187b9e1ca7cc8802c98c791322219b05959f503aa0235
003+ 379e9bff2afb37c9f58f947db0c8080fa5fb937b905f1ebbe63ee88a7d6599e29667b3e2b0d11d61c76d61363f89773fdbc9573ebf46373f2d88317b533ef4ef
004+ b63059fab1deaf46ec48a42a2751bb72c353ff5e57791ef265d75f29ed11977d4a7f25017481d7ff45d2cfe29472ee3e6b6c7d433250fd61b9d91066a7e50620
002- fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640
003- 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887
004- 2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4
========DONE========
FAIL Test scrypt KDF using test vectors. [tests/vectors.phpt] 

Ok on i386, with php 5.4, 5.5, 5.6, and other distro (fedora 20-24n RHEL 5 and 7)

The algorithm's result differs from the expected value

The result of scrypt('qq7510201', 'd59a3c9bfe243c989c0b0d48650e20f0718bf9e467dcce940f269ff7e1c3ec71', 262144, 8, 1, 32) is '708cef6027d565ad4213434bf262bf2c472f4c7e99be1083b21e6db84f629562'.
The expected result is '5dd3edca314acc87dd1d85e2e798da78772c0e166218138ddc4af2ddf01f58e1'.
Java, Node.js and Python all give the expected result.

Attempting to compile with SSE support on non-supported architectures

Hey There! 👋
We recently ran into an issue with php-scrypt where it will attempt to compile using SSE flags on non-SSE environments in cases such as cross-compilation or compiling within Docker.

This is due to checking the compiling machine's CPU arch instead of the target machine's arch; in the case of compiling on an x86 machine for an ARM machine, this fails due to ARM not having SSE extensions.

We've been able to get around it by adding our own check for SSE within config.m4 and I am currently drafting a PR now to merge those checks into your codebase.

Compilation error with GCC 4.9 - inlining fail

/home/sergey/debuild/php52/php52-mod-scrypt/php-scrypt/crypto/crypto_scrypt-sse.c: In function ‘blkxor’:
/home/sergey/debuild/php52/php52-mod-scrypt/php-scrypt/crypto/crypto_scrypt-sse.c:76:14: warning: SSE vector return without SSE enabled changes the ABI [-Wpsabi]
D[i] = _mm_xor_si128(D[i], S[i]);
^
In file included from /home/sergey/debuild/php52/php52-mod-scrypt/php-scrypt/crypto/crypto_scrypt-sse.c:37:0:
/usr/lib/gcc/i686-linux-gnu/4.9/include/emmintrin.h:1266:1: error: inlining failed in call to always_inline ‘_mm_xor_si128’: target specific option mismatch
_mm_xor_si128 (__m128i __A, __m128i __B)
^
/home/sergey/debuild/php52/php52-mod-scrypt/php-scrypt/crypto/crypto_scrypt-sse.c:76:16: error: called from here
D[i] = _mm_xor_si128(D[i], S[i]);
^
make: *** [crypto/crypto_scrypt-sse.lo] Error 1

Weak CSPRNG for the salt in some situations.

https://github.com/DomBlack/php-scrypt/blob/master/scrypt.php#L69-L111

This code seems to do the following to try generate a salt:

  • Try use mcrypt_create_iv
  • Try use openssl_random_pseudo_bytes
  • Try use /dev/urandom
  • use mt_rand

This is a flawed approach (mainly because of windows/lack of sanity checking/usage of mt_rand). In general, you should consider the following path:

  • Use libsodium if available.
  • fread() /dev/urandom if available (never on Windows)
  • mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
  • COM('CAPICOM.Utilities.1')->GetRandom()
  • openssl_random_pseudo_bytes() (absolute last resort)
  • if none of the above, FAIL. Your execution can't continue past this point if the platform is unable to give you sufficient randomness for the salt.

You also must check when you read /dev/urandom that you've been provided with a char device, rather than something pretending to be /dev/urandom.

To be honest, though, it's best to just look at including/requiring something like https://github.com/paragonie/random_compat/releases and just using random_bytes() as this'll then ensure you get the right amount of randomness on any platform that this code could possibly run under.
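The fail-closed salt source described in the issue above, as an added example that is not the project's code or random_compat's. It covers only the random_bytes() and /dev/urandom branches of the list, including the character-device check; `urandom_bytes()` and `salt_bytes()` are hypothetical names, and the fake device file is constructed for the demo.

```php
<?php
declare(strict_types=1);

/** Reads $n bytes from $path only if it really is a character device. */
function urandom_bytes(int $n, string $path = '/dev/urandom'): string
{
    $fp = @fopen($path, 'rb');
    if ($fp === false) {
        throw new RuntimeException("cannot open $path");
    }
    try {
        $st = fstat($fp);
        // File-type mask S_IFMT is 0170000; a character device is S_IFCHR = 0020000.
        if ($st === false || ($st['mode'] & 0170000) !== 0020000) {
            throw new RuntimeException("$path is not a character device");
        }
        stream_set_read_buffer($fp, 0);  // do not pull extra entropy into a PHP buffer
        $buf = '';
        while (strlen($buf) < $n) {
            $chunk = fread($fp, $n - strlen($buf));
            if ($chunk === false || $chunk === '') {
                throw new RuntimeException("short read from $path");
            }
            $buf .= $chunk;
        }
        return $buf;
    } finally {
        fclose($fp);
    }
}

/** Returns $n random bytes for a salt, or throws; there is no mt_rand fallback. */
function salt_bytes(int $n = 16): string
{
    if ($n < 1) {
        throw new InvalidArgumentException('salt length must be positive');
    }
    if (function_exists('random_bytes')) {
        return random_bytes($n);         // throws if the platform has no CSPRNG
    }
    if (DIRECTORY_SEPARATOR === '/') {   // never on Windows
        return urandom_bytes($n);
    }
    throw new RuntimeException('no CSPRNG available; refusing to generate a salt');
}

// Demo: a regular file standing in for the device (constructed) must be refused.
$fake = tempnam(sys_get_temp_dir(), 'urandom');
file_put_contents($fake, str_repeat("\0", 64));
try {
    urandom_bytes(16, $fake);
    echo "fake device accepted\n";
} catch (RuntimeException $e) {
    echo 'fake device rejected: ', $e->getMessage(), "\n";
} finally {
    unlink($fake);
}
echo 'salt: ', bin2hex(salt_bytes(16)), "\n";
```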
