summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStanislav Malyshev <stas@php.net>2012-06-12 18:22:49 (GMT)
committerStanislav Malyshev <stas@php.net>2012-06-12 18:22:49 (GMT)
commitc7be96b08fb457f8a2b4e2a64f59437b230886c1 (patch)
tree4a7c4fd476bd934cecfe27ccf0eb1b0a20ae1fce
parenta2bfad051df022058f19afc5f09fd835cbbcf145 (diff)
downloadphp-c7be96b08fb457f8a2b4e2a64f59437b230886c1.tar.gz
Revert "Add PBKDF2 support via openssl()"
This reverts commit b5b8ea1050837fba5a6cee55e41b4574ed64158e. Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
-rw-r--r--ext/openssl/openssl.c65
-rw-r--r--ext/openssl/php_openssl.h2
-rw-r--r--ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt26
3 files changed, 0 insertions, 93 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 28f7618..7187a96 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -242,16 +242,6 @@ ZEND_BEGIN_ARG_INFO(arginfo_openssl_pkey_get_details, 0)
ZEND_ARG_INFO(0, key)
ZEND_END_ARG_INFO()
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-ZEND_BEGIN_ARG_INFO_EX(arginfo_openssl_pkcs5_pbkdf2_hmac, 0, 0, 4)
- ZEND_ARG_INFO(0, password)
- ZEND_ARG_INFO(0, salt)
- ZEND_ARG_INFO(0, key_length)
- ZEND_ARG_INFO(0, iterations)
- ZEND_ARG_INFO(0, digest_algorithm)
-ZEND_END_ARG_INFO()
-#endif
-
ZEND_BEGIN_ARG_INFO_EX(arginfo_openssl_pkcs7_verify, 0, 0, 2)
ZEND_ARG_INFO(0, filename)
ZEND_ARG_INFO(0, flags)
@@ -438,10 +428,6 @@ const zend_function_entry openssl_functions[] = {
PHP_FE(openssl_seal, arginfo_openssl_seal)
PHP_FE(openssl_open, arginfo_openssl_open)
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
- PHP_FE(openssl_pkcs5_pbkdf2_hmac, arginfo_openssl_pkcs5_pbkdf2_hmac)
-#endif
-
/* for S/MIME handling */
PHP_FE(openssl_pkcs7_verify, arginfo_openssl_pkcs7_verify)
PHP_FE(openssl_pkcs7_decrypt, arginfo_openssl_pkcs7_decrypt)
@@ -3331,57 +3317,6 @@ PHP_FUNCTION(openssl_pkey_get_details)
/* }}} */
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-
-/* {{{ proto string openssl_pkcs5_pbkdf2_hmac(string password, string salt, long key_length, long iterations [, string digest_method = "sha1"])
- Generates a PKCS5 v2 PBKDF2 string, defaults to sha1 */
-PHP_FUNCTION(openssl_pkcs5_pbkdf2_hmac)
-{
- long key_length = 0, iterations = 0;
- char *password; int password_len;
- char *salt; int salt_len;
- char *method; int method_len = 0;
- unsigned char *out_buffer;
-
- const EVP_MD *digest;
-
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssll|s",
- &password, &password_len,
- &salt, &salt_len,
- &key_length, &iterations,
- &method, &method_len) == FAILURE) {
- return;
- }
-
- if (key_length <= 0) {
- RETURN_FALSE;
- }
-
- if (method_len) {
- digest = EVP_get_digestbyname(method);
- } else {
- digest = EVP_sha1();
- }
-
- if (!digest) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm");
- RETURN_FALSE;
- }
-
- out_buffer = emalloc(key_length + 1);
- out_buffer[key_length] = '\0';
-
- if (PKCS5_PBKDF2_HMAC(password, password_len, (unsigned char *)salt, salt_len, iterations, digest, key_length, out_buffer) == 1) {
- RETVAL_STRINGL((char *)out_buffer, key_length, 0);
- } else {
- efree(out_buffer);
- RETURN_FALSE;
- }
-}
-/* }}} */
-
-#endif
-
/* {{{ PKCS7 S/MIME functions */
/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string signerscerts [, array cainfo [, string extracerts [, string content]]]])
diff --git a/ext/openssl/php_openssl.h b/ext/openssl/php_openssl.h
index 0dbe7d2..fc118db 100644
--- a/ext/openssl/php_openssl.h
+++ b/ext/openssl/php_openssl.h
@@ -52,8 +52,6 @@ PHP_FUNCTION(openssl_private_decrypt);
PHP_FUNCTION(openssl_public_encrypt);
PHP_FUNCTION(openssl_public_decrypt);
-PHP_FUNCTION(openssl_pkcs5_pbkdf2_hmac);
-
PHP_FUNCTION(openssl_pkcs7_verify);
PHP_FUNCTION(openssl_pkcs7_decrypt);
PHP_FUNCTION(openssl_pkcs7_sign);
diff --git a/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt b/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt
deleted file mode 100644
index af1fcb1..0000000
--- a/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt
+++ /dev/null
@@ -1,26 +0,0 @@
---TEST--
-openssl_pkcs5_pbkdf2_hmac() tests
---SKIPIF--
-<?php if (!extension_loaded("openssl") || !function_exists("openssl_pkcs5_pbkdf2_hmac")) print "skip"; ?>
---FILE--
-<?php
-// official test vectors
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 1)));
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 2)));
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 4096)));
-
-/* really slow but should be:
-string(40) "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984"
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 16777216)));
-*/
-
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('passwordPASSWORDpassword', 'saltSALTsaltSALTsaltSALTsaltSALTsalt', 25, 4096)));
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac("pass\0word", "sa\0lt", 16, 4096)));
-
-?>
---EXPECTF--
-string(40) "0c60c80f961f0e71f3a9b524af6012062fe037a6"
-string(40) "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
-string(40) "4b007901b765489abead49d926f721d065a429c1"
-string(50) "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
-string(32) "56fa6aa75548099dcc37d7f03425e0c3"