summaryrefslogtreecommitdiff
path: root/ext
diff options
context:
space:
mode:
authorStanislav Malyshev <stas@php.net>2012-06-12 18:22:49 (GMT)
committerStanislav Malyshev <stas@php.net>2012-06-12 18:22:49 (GMT)
commitc7be96b08fb457f8a2b4e2a64f59437b230886c1 (patch)
tree4a7c4fd476bd934cecfe27ccf0eb1b0a20ae1fce /ext
parenta2bfad051df022058f19afc5f09fd835cbbcf145 (diff)
downloadphp-c7be96b08fb457f8a2b4e2a64f59437b230886c1.tar.gz
Revert "Add PBKDF2 support via openssl()"
This reverts commit b5b8ea1050837fba5a6cee55e41b4574ed64158e. Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.
Diffstat (limited to 'ext')
-rw-r--r--ext/openssl/openssl.c65
-rw-r--r--ext/openssl/php_openssl.h2
-rw-r--r--ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt26
3 files changed, 0 insertions, 93 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 28f7618..7187a96 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -242,16 +242,6 @@ ZEND_BEGIN_ARG_INFO(arginfo_openssl_pkey_get_details, 0)
ZEND_ARG_INFO(0, key)
ZEND_END_ARG_INFO()
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-ZEND_BEGIN_ARG_INFO_EX(arginfo_openssl_pkcs5_pbkdf2_hmac, 0, 0, 4)
- ZEND_ARG_INFO(0, password)
- ZEND_ARG_INFO(0, salt)
- ZEND_ARG_INFO(0, key_length)
- ZEND_ARG_INFO(0, iterations)
- ZEND_ARG_INFO(0, digest_algorithm)
-ZEND_END_ARG_INFO()
-#endif
-
ZEND_BEGIN_ARG_INFO_EX(arginfo_openssl_pkcs7_verify, 0, 0, 2)
ZEND_ARG_INFO(0, filename)
ZEND_ARG_INFO(0, flags)
@@ -438,10 +428,6 @@ const zend_function_entry openssl_functions[] = {
PHP_FE(openssl_seal, arginfo_openssl_seal)
PHP_FE(openssl_open, arginfo_openssl_open)
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
- PHP_FE(openssl_pkcs5_pbkdf2_hmac, arginfo_openssl_pkcs5_pbkdf2_hmac)
-#endif
-
/* for S/MIME handling */
PHP_FE(openssl_pkcs7_verify, arginfo_openssl_pkcs7_verify)
PHP_FE(openssl_pkcs7_decrypt, arginfo_openssl_pkcs7_decrypt)
@@ -3331,57 +3317,6 @@ PHP_FUNCTION(openssl_pkey_get_details)
/* }}} */
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-
-/* {{{ proto string openssl_pkcs5_pbkdf2_hmac(string password, string salt, long key_length, long iterations [, string digest_method = "sha1"])
- Generates a PKCS5 v2 PBKDF2 string, defaults to sha1 */
-PHP_FUNCTION(openssl_pkcs5_pbkdf2_hmac)
-{
- long key_length = 0, iterations = 0;
- char *password; int password_len;
- char *salt; int salt_len;
- char *method; int method_len = 0;
- unsigned char *out_buffer;
-
- const EVP_MD *digest;
-
- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssll|s",
- &password, &password_len,
- &salt, &salt_len,
- &key_length, &iterations,
- &method, &method_len) == FAILURE) {
- return;
- }
-
- if (key_length <= 0) {
- RETURN_FALSE;
- }
-
- if (method_len) {
- digest = EVP_get_digestbyname(method);
- } else {
- digest = EVP_sha1();
- }
-
- if (!digest) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm");
- RETURN_FALSE;
- }
-
- out_buffer = emalloc(key_length + 1);
- out_buffer[key_length] = '\0';
-
- if (PKCS5_PBKDF2_HMAC(password, password_len, (unsigned char *)salt, salt_len, iterations, digest, key_length, out_buffer) == 1) {
- RETVAL_STRINGL((char *)out_buffer, key_length, 0);
- } else {
- efree(out_buffer);
- RETURN_FALSE;
- }
-}
-/* }}} */
-
-#endif
-
/* {{{ PKCS7 S/MIME functions */
/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string signerscerts [, array cainfo [, string extracerts [, string content]]]])
diff --git a/ext/openssl/php_openssl.h b/ext/openssl/php_openssl.h
index 0dbe7d2..fc118db 100644
--- a/ext/openssl/php_openssl.h
+++ b/ext/openssl/php_openssl.h
@@ -52,8 +52,6 @@ PHP_FUNCTION(openssl_private_decrypt);
PHP_FUNCTION(openssl_public_encrypt);
PHP_FUNCTION(openssl_public_decrypt);
-PHP_FUNCTION(openssl_pkcs5_pbkdf2_hmac);
-
PHP_FUNCTION(openssl_pkcs7_verify);
PHP_FUNCTION(openssl_pkcs7_decrypt);
PHP_FUNCTION(openssl_pkcs7_sign);
diff --git a/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt b/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt
deleted file mode 100644
index af1fcb1..0000000
--- a/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt
+++ /dev/null
@@ -1,26 +0,0 @@
---TEST--
-openssl_pkcs5_pbkdf2_hmac() tests
---SKIPIF--
-<?php if (!extension_loaded("openssl") || !function_exists("openssl_pkcs5_pbkdf2_hmac")) print "skip"; ?>
---FILE--
-<?php
-// official test vectors
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 1)));
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 2)));
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 4096)));
-
-/* really slow but should be:
-string(40) "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984"
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 16777216)));
-*/
-
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('passwordPASSWORDpassword', 'saltSALTsaltSALTsaltSALTsaltSALTsalt', 25, 4096)));
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac("pass\0word", "sa\0lt", 16, 4096)));
-
-?>
---EXPECTF--
-string(40) "0c60c80f961f0e71f3a9b524af6012062fe037a6"
-string(40) "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
-string(40) "4b007901b765489abead49d926f721d065a429c1"
-string(50) "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
-string(32) "56fa6aa75548099dcc37d7f03425e0c3"