Commit: c7be96b08fb457f8a2b4e2a64f59437b230886c1 Author: Stanislav Malyshev <s...@php.net> Tue, 12 Jun 2012 11:22:49 -0700 Parents: a2bfad051df022058f19afc5f09fd835cbbcf145 Branches: PHP-5.4
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=c7be96b08fb457f8a2b4e2a64f59437b230886c1 Log: Revert "Add PBKDF2 support via openssl()" This reverts commit b5b8ea1050837fba5a6cee55e41b4574ed64158e. Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now. Changed paths: M ext/openssl/openssl.c M ext/openssl/php_openssl.h D ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt Diff: diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 28f7618..7187a96 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -242,16 +242,6 @@ ZEND_BEGIN_ARG_INFO(arginfo_openssl_pkey_get_details, 0) ZEND_ARG_INFO(0, key) ZEND_END_ARG_INFO() -#if OPENSSL_VERSION_NUMBER >= 0x10000000L -ZEND_BEGIN_ARG_INFO_EX(arginfo_openssl_pkcs5_pbkdf2_hmac, 0, 0, 4) - ZEND_ARG_INFO(0, password) - ZEND_ARG_INFO(0, salt) - ZEND_ARG_INFO(0, key_length) - ZEND_ARG_INFO(0, iterations) - ZEND_ARG_INFO(0, digest_algorithm) -ZEND_END_ARG_INFO() -#endif - ZEND_BEGIN_ARG_INFO_EX(arginfo_openssl_pkcs7_verify, 0, 0, 2) ZEND_ARG_INFO(0, filename) ZEND_ARG_INFO(0, flags) @@ -438,10 +428,6 @@ const zend_function_entry openssl_functions[] = { PHP_FE(openssl_seal, arginfo_openssl_seal) PHP_FE(openssl_open, arginfo_openssl_open) -#if OPENSSL_VERSION_NUMBER >= 0x10000000L - PHP_FE(openssl_pkcs5_pbkdf2_hmac, arginfo_openssl_pkcs5_pbkdf2_hmac) -#endif - /* for S/MIME handling */ PHP_FE(openssl_pkcs7_verify, arginfo_openssl_pkcs7_verify) PHP_FE(openssl_pkcs7_decrypt, arginfo_openssl_pkcs7_decrypt) @@ -3331,57 +3317,6 @@ PHP_FUNCTION(openssl_pkey_get_details) /* }}} */ -#if OPENSSL_VERSION_NUMBER >= 0x10000000L - -/* {{{ proto string openssl_pkcs5_pbkdf2_hmac(string password, string salt, long key_length, long iterations [, string digest_method = "sha1"]) - Generates a PKCS5 v2 PBKDF2 string, defaults to sha1 */ -PHP_FUNCTION(openssl_pkcs5_pbkdf2_hmac) -{ - long key_length = 0, iterations = 0; - char *password; int password_len; - char *salt; int salt_len; - char *method; int method_len = 0; - unsigned char *out_buffer; - - const EVP_MD *digest; - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssll|s", - &password, &password_len, - &salt, &salt_len, - &key_length, &iterations, - &method, &method_len) == FAILURE) { - return; - } - - if (key_length <= 0) { - RETURN_FALSE; - } - - if (method_len) { - digest = EVP_get_digestbyname(method); - } else { - digest = EVP_sha1(); - } - - if (!digest) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm"); - RETURN_FALSE; - } - - out_buffer = emalloc(key_length + 1); - out_buffer[key_length] = '\0'; - - if (PKCS5_PBKDF2_HMAC(password, password_len, (unsigned char *)salt, salt_len, iterations, digest, key_length, out_buffer) == 1) { - RETVAL_STRINGL((char *)out_buffer, key_length, 0); - } else { - efree(out_buffer); - RETURN_FALSE; - } -} -/* }}} */ - -#endif - /* {{{ PKCS7 S/MIME functions */ /* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string signerscerts [, array cainfo [, string extracerts [, string content]]]]) diff --git a/ext/openssl/php_openssl.h b/ext/openssl/php_openssl.h index 0dbe7d2..fc118db 100644 --- a/ext/openssl/php_openssl.h +++ b/ext/openssl/php_openssl.h @@ -52,8 +52,6 @@ PHP_FUNCTION(openssl_private_decrypt); PHP_FUNCTION(openssl_public_encrypt); PHP_FUNCTION(openssl_public_decrypt); -PHP_FUNCTION(openssl_pkcs5_pbkdf2_hmac); - PHP_FUNCTION(openssl_pkcs7_verify); PHP_FUNCTION(openssl_pkcs7_decrypt); PHP_FUNCTION(openssl_pkcs7_sign); diff --git a/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt b/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt deleted file mode 100644 index af1fcb1..0000000 --- a/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt +++ /dev/null @@ -1,26 +0,0 @@ ---TEST-- -openssl_pkcs5_pbkdf2_hmac() tests ---SKIPIF-- -<?php if (!extension_loaded("openssl") || !function_exists("openssl_pkcs5_pbkdf2_hmac")) print "skip"; ?> ---FILE-- -<?php -// official test vectors -var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 1))); -var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 2))); -var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 4096))); - -/* really slow but should be: -string(40) "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984" -var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 16777216))); -*/ - -var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('passwordPASSWORDpassword', 'saltSALTsaltSALTsaltSALTsaltSALTsalt', 25, 4096))); -var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac("pass\0word", "sa\0lt", 16, 4096))); - -?> ---EXPECTF-- -string(40) "0c60c80f961f0e71f3a9b524af6012062fe037a6" -string(40) "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957" -string(40) "4b007901b765489abead49d926f721d065a429c1" -string(50) "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038" -string(32) "56fa6aa75548099dcc37d7f03425e0c3" -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php