Create hash_pbkdf2 function addition #105
Conversation
| @@ -42,6 +42,9 @@ PHP NEWS | |||
| still exists for backward compatibility but is doing nothing). (Pierrick) | |||
| . Fixed bug #54995 (Missing CURLINFO_RESPONSE_CODE support). (Pierrick) | |||
|
|
|||
| - Hash | |||
| . Added support for PBKDF2 via hash_pbkdf2()F | |||
There was a problem hiding this comment.
The F looks strange :) Also I'm missing your name there :)
| /* Reduce the key first */ | ||
| ops->hash_init(context); | ||
| ops->hash_update(context, (unsigned char *) key, key_len); | ||
| ops->hash_final((unsigned char *) K, context); |
There was a problem hiding this comment.
Are the two unsigned char * cast necessary here? Look to me like they are already declared to be of that type.
|
@scottmac As far as that's concerned, I'm not sure how that would look. The API between PBKDF2 and SCrypt are very different. One takes a hash algorithm, a key (password), a salt, an iteration count, and a length. The other takes a key (password), a salt, and 3 integer parameters: N, p, r. So without having a generic "options" array (which I wouldn't care for). Instead, why not add a second function: |
| } | ||
|
|
||
| if (length < 0) { | ||
| php_error_docref(NULL TSRMLS_CC, E_WARNING, "Length Must Be Greater Than Or Equal To 0: %ld", length); |
There was a problem hiding this comment.
This and the previous error message Have All Words Capitalized. PHP doesn't usually make use of that scheme :)
|
@nikic Thanks! I've updated all of the issues you've identified. The reason for the casts, was that before the refactor it was needed, but I never changed the argument after I extracted the method. You are correct that the second memset is not needed. I've removed that as well. I'll push the changes once Thanks! |
| /* result += temp */ | ||
| memcpy(result + ((i - 1) * ops->digest_size), temp, ops->digest_size); | ||
| } | ||
| /* Zero potentiall sensitive variables */ |
There was a problem hiding this comment.
nit: potentiall should probably be potentially
* upstream/master: (101 commits) Fixed Bug #62500 (Segfault in DateInterval class when extended) Fixed test bug #62312 (warnings changed one more time) fix valgrind warning fix valgrind warning fixed #62433 test for win update NEWS Fixed bug #62499 (curl_setopt($ch, CURLOPT_COOKIEFILE, "") returns false) appease MSVC (doesnt like unary minus of unsigned ints) appease MSVC (doesnt like unary minus of unsigned ints) appease MSVC (doesnt like unary minus of unsigned ints) - Fixed bug #62507 (['REQUEST_TIME'] under mod_php5 returns miliseconds instead of seconds) Fixed Bug #62500 (Segfault in DateInterval class when extended) Added in NEWS and UPGRADING for feature 55218 Fix two issues with run-tests.php Fix potential integer overflow in nl2br Fix potential integer overflow in bin2hex This wil be PHP 5.3.16 Revert change 3f3ad30: There shouldn't be new features in 5.3, especially not if they aren't in 5.4, too. fix (signed) integer overflow (part of bug #52550 fix (signed) integer overflow (part of bug #52550 ...
This pull request adds a new function to the hash package:
hash_pbkdf2(), providing the ability to natively hash content using the PKCS5 approved PBKDF2 algorithm. See Wikipedia and RSA for more information about the algorithm.This patch refactors the internal implementation of
hash_hmac()to allow code reuse between it and the newhash_pbkdf2()function. No internal APIs were changed, and the only API addition is the PHP functionhash_pbkdf2(). A fewstatic inlinefunctions were either added, or extracted from the inside ofhash_hmacand its implementation. These refactorings should have no public impact, since they are static to the extension.