diff options
| -rw-r--r-- | ext/standard/crypt.c | 1 | ||||
| -rw-r--r-- | ext/standard/crypt_blowfish.c | 30 | ||||
| -rw-r--r-- | ext/standard/crypt_blowfish.h | 8 | ||||
| -rw-r--r-- | ext/standard/crypt_freesec.c | 2 | ||||
| -rw-r--r-- | ext/standard/php_crypt_r.c | 206 | ||||
| -rw-r--r-- | ext/standard/php_crypt_r.h | 21 |
6 files changed, 6 insertions, 262 deletions
diff --git a/ext/standard/crypt.c b/ext/standard/crypt.c index 18839624d4..e592d3bf55 100644 --- a/ext/standard/crypt.c +++ b/ext/standard/crypt.c @@ -81,6 +81,7 @@ PHP_MSHUTDOWN_FUNCTION(crypt) /* {{{ */ static unsigned char itoa64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; +/* Encode a string of bytes as Base64 */ static void php_to64(char *s, int n) /* {{{ */ { while (--n >= 0) { diff --git a/ext/standard/crypt_blowfish.c b/ext/standard/crypt_blowfish.c index 7f3a6fbb34..1f20debf28 100644 --- a/ext/standard/crypt_blowfish.c +++ b/ext/standard/crypt_blowfish.c @@ -872,33 +872,3 @@ char *php_crypt_blowfish_rn(const char *key, const char *setting, __set_errno(EINVAL); /* pretend we don't support this hash type */ return NULL; } - -#if 0 -char *_crypt_gensalt_blowfish_rn(const char *prefix, unsigned long count, - const char *input, int size, char *output, int output_size) -{ - if (size < 16 || output_size < 7 + 22 + 1 || - (count && (count < 4 || count > 31)) || - prefix[0] != '$' || prefix[1] != '2' || - (prefix[2] != 'a' && prefix[2] != 'b' && prefix[2] != 'y')) { - if (output_size > 0) output[0] = '\0'; - __set_errno((output_size < 7 + 22 + 1) ? ERANGE : EINVAL); - return NULL; - } - - if (!count) count = 5; - - output[0] = '$'; - output[1] = '2'; - output[2] = prefix[2]; - output[3] = '$'; - output[4] = '0' + count / 10; - output[5] = '0' + count % 10; - output[6] = '$'; - - BF_encode(&output[7], (const BF_word *)input, 16); - output[7 + 22] = '\0'; - - return output; -} -#endif diff --git a/ext/standard/crypt_blowfish.h b/ext/standard/crypt_blowfish.h index d540990fe1..a1150b5f66 100644 --- a/ext/standard/crypt_blowfish.h +++ b/ext/standard/crypt_blowfish.h @@ -17,15 +17,7 @@ #ifndef _CRYPT_BLOWFISH_H #define _CRYPT_BLOWFISH_H -#if 0 -extern int _crypt_output_magic(const char *setting, char *output, int size); -#endif extern char *php_crypt_blowfish_rn(const char *key, const char *setting, char *output, int size); -#if 0 -extern char *_crypt_gensalt_blowfish_rn(const char *prefix, - unsigned long count, - const char *input, int size, char *output, int output_size); -#endif #endif diff --git a/ext/standard/crypt_freesec.c b/ext/standard/crypt_freesec.c index 572e5127b1..6e94322626 100644 --- a/ext/standard/crypt_freesec.c +++ b/ext/standard/crypt_freesec.c @@ -170,8 +170,6 @@ static const u_char bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 static const unsigned char ascii64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; -/* 0000000000111111111122222222223333333333444444444455555555556666 */ -/* 0123456789012345678901234567890123456789012345678901234567890123 */ static u_char m_sbox[4][4096]; static uint32_t psbox[4][256]; diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c index 432657cf47..1e55f5f9b5 100644 --- a/ext/standard/php_crypt_r.c +++ b/ext/standard/php_crypt_r.c @@ -41,20 +41,12 @@ #include "php_crypt_r.h" #include "crypt_freesec.h" - -#if !PHP_WIN32 #include "ext/standard/md5.h" -#endif #ifdef ZTS MUTEX_T php_crypt_extended_init_lock; #endif -/* TODO: enable it when enabling vista/2k8 mode in tsrm */ -#if 0 -CONDITION_VARIABLE initialized; -#endif - void php_init_crypt_r() { #ifdef ZTS @@ -87,15 +79,15 @@ void _crypt_extended_init_r(void) #endif } -/* MD% crypt implementation using the windows CryptoApi */ +/* MD5 crypt implementation using the windows CryptoApi */ #define MD5_MAGIC "$1$" #define MD5_MAGIC_LEN 3 static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */ "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; -static void -to64(char *s, int32_t v, int n) +/* Convert a 16/32 bit integer to Base64 string representation */ +static void to64(char *s, int32_t v, int n) { while (--n >= 0) { *s++ = itoa64[v & 0x3f]; @@ -103,194 +95,6 @@ to64(char *s, int32_t v, int n) } } -#ifdef PHP_WIN32 -char * php_md5_crypt_r(const char *pw, const char *salt, char *out) { - HCRYPTPROV hCryptProv; - HCRYPTHASH ctx, ctx1; - DWORD i, pwl, sl; - const BYTE magic_md5[4] = "$1$"; - const DWORD magic_md5_len = 3; - DWORD dwHashLen; - int pl; - __int32 l; - const char *sp = salt; - const char *ep = salt; - char *p = NULL; - char *passwd = out; - unsigned char final[16]; - - /* Acquire a cryptographic provider context handle. */ - if(!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { - return NULL; - } - - pwl = (DWORD) strlen(pw); - - /* Refine the salt first */ - sp = salt; - - /* If it starts with the magic string, then skip that */ - if (strncmp(sp, MD5_MAGIC, MD5_MAGIC_LEN) == 0) { - sp += MD5_MAGIC_LEN; - } - - /* It stops at the first '$', max 8 chars */ - for (ep = sp; *ep != '\0' && *ep != '$' && ep < (sp + 8); ep++); - - /* get the length of the true salt */ - sl = (DWORD)(ep - sp); - - /* Create an empty hash object. */ - if(!CryptCreateHash(hCryptProv, CALG_MD5, 0, 0, &ctx)) { - goto _destroyProv; - } - - /* The password first, since that is what is most unknown */ - if(!CryptHashData(ctx, (BYTE *)pw, pwl, 0)) { - goto _destroyCtx0; - } - - /* Then our magic string */ - if(!CryptHashData(ctx, magic_md5, magic_md5_len, 0)) { - goto _destroyCtx0; - } - - /* Then the raw salt */ - if(!CryptHashData( ctx, (BYTE *)sp, sl, 0)) { - goto _destroyCtx0; - } - - /* MD5(pw,salt,pw), valid. */ - /* Then just as many characters of the MD5(pw,salt,pw) */ - if(!CryptCreateHash(hCryptProv, CALG_MD5, 0, 0, &ctx1)) { - goto _destroyCtx0; - } - if(!CryptHashData(ctx1, (BYTE *)pw, pwl, 0)) { - goto _destroyCtx1; - } - if(!CryptHashData(ctx1, (BYTE *)sp, sl, 0)) { - goto _destroyCtx1; - } - if(!CryptHashData(ctx1, (BYTE *)pw, pwl, 0)) { - goto _destroyCtx1; - } - - dwHashLen = 16; - CryptGetHashParam(ctx1, HP_HASHVAL, final, &dwHashLen, 0); - /* MD5(pw,salt,pw). Valid. */ - - for (pl = pwl; pl > 0; pl -= 16) { - CryptHashData(ctx, final, (DWORD)(pl > 16 ? 16 : pl), 0); - } - - /* Don't leave anything around in vm they could use. */ - ZEND_SECURE_ZERO(final, sizeof(final)); - - /* Then something really weird... */ - for (i = pwl; i != 0; i >>= 1) { - if ((i & 1) != 0) { - CryptHashData(ctx, (const BYTE *)final, 1, 0); - } else { - CryptHashData(ctx, (const BYTE *)pw, 1, 0); - } - } - - memcpy(passwd, MD5_MAGIC, MD5_MAGIC_LEN); - - if (strncpy_s(passwd + MD5_MAGIC_LEN, MD5_HASH_MAX_LEN - MD5_MAGIC_LEN, sp, sl + 1) != 0) { - goto _destroyCtx1; - } - passwd[MD5_MAGIC_LEN + sl] = '\0'; - strcat_s(passwd, MD5_HASH_MAX_LEN, "$"); - - dwHashLen = 16; - - /* Fetch the ctx hash value */ - CryptGetHashParam(ctx, HP_HASHVAL, final, &dwHashLen, 0); - - for (i = 0; i < 1000; i++) { - if(!CryptCreateHash(hCryptProv, CALG_MD5, 0, 0, &ctx1)) { - goto _destroyCtx1; - } - - if ((i & 1) != 0) { - if(!CryptHashData(ctx1, (BYTE *)pw, pwl, 0)) { - goto _destroyCtx1; - } - } else { - if(!CryptHashData(ctx1, (BYTE *)final, 16, 0)) { - goto _destroyCtx1; - } - } - - if ((i % 3) != 0) { - if(!CryptHashData(ctx1, (BYTE *)sp, sl, 0)) { - goto _destroyCtx1; - } - } - - if ((i % 7) != 0) { - if(!CryptHashData(ctx1, (BYTE *)pw, pwl, 0)) { - goto _destroyCtx1; - } - } - - if ((i & 1) != 0) { - if(!CryptHashData(ctx1, (BYTE *)final, 16, 0)) { - goto _destroyCtx1; - } - } else { - if(!CryptHashData(ctx1, (BYTE *)pw, pwl, 0)) { - goto _destroyCtx1; - } - } - - /* Fetch the ctx hash value */ - dwHashLen = 16; - CryptGetHashParam(ctx1, HP_HASHVAL, final, &dwHashLen, 0); - if(!(CryptDestroyHash(ctx1))) { - goto _destroyCtx0; - } - } - - ctx1 = (HCRYPTHASH) NULL; - - p = passwd + sl + MD5_MAGIC_LEN + 1; - - l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4; - l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4; - l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4; - l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4; - l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4; - l = final[11]; to64(p,l,2); p += 2; - - *p = '\0'; - - ZEND_SECURE_ZERO(final, sizeof(final)); - - -_destroyCtx1: - if (ctx1) { - if (!CryptDestroyHash(ctx1)) { - - } - } - -_destroyCtx0: - CryptDestroyHash(ctx); - -_destroyProv: - /* Release the provider handle.*/ - if(hCryptProv) { - if(!(CryptReleaseContext(hCryptProv, 0))) { - return NULL; - } - } - - return out; -} -#else - /* * MD5 password encryption. */ @@ -398,7 +202,3 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) ZEND_SECURE_ZERO(final, sizeof(final)); return (passwd); } - -#undef MD5_MAGIC -#undef MD5_MAGIC_LEN -#endif diff --git a/ext/standard/php_crypt_r.h b/ext/standard/php_crypt_r.h index 20cf215dfd..8ea5282d82 100644 --- a/ext/standard/php_crypt_r.h +++ b/ext/standard/php_crypt_r.h @@ -17,28 +17,14 @@ #ifndef _CRYPT_WIHN32_H_ #define _CRYPT_WIHN32_H_ -#ifdef __cplusplus -extern "C" -{ -#endif +BEGIN_EXTERN_C() #include "crypt_freesec.h" -#ifndef __const -#ifdef __GNUC__ -#define __CONST __const -#else -#define __CONST -#endif -#else -#define __CONST __const -#endif - void php_init_crypt_r(); void php_shutdown_crypt_r(); extern void _crypt_extended_init_r(void); -/*PHPAPI char* crypt(const char *key, const char *salt);*/ PHPAPI char *php_crypt_r (const char *__key, const char *__salt, struct php_crypt_extended_data * __data); #define MD5_HASH_MAX_LEN 120 @@ -48,9 +34,6 @@ PHPAPI char *php_crypt_r (const char *__key, const char *__salt, struct php_cryp extern char * php_md5_crypt_r(const char *pw, const char *salt, char *out); extern char * php_sha512_crypt_r (const char *key, const char *salt, char *buffer, int buflen); extern char * php_sha256_crypt_r (const char *key, const char *salt, char *buffer, int buflen); - -#ifdef __cplusplus -} -#endif +END_EXTERN_C() #endif /* _CRYPT_WIHN32_H_ */ |