delta/php-git.git/ext/hash/sha3, branch php-8.0.3 git.php.net: repository/php-src.git Make HashContexts serializable. 2020-06-30T12:30:33+00:00 Eddie Kohler ekohler@gmail.com 2020-06-08T12:29:42+00:00 ada776c84cad810e69c0d9764cbef1628744cdd4 * Modify php_hash_ops to contain the algorithm name and serialize and unserialize methods. * Implement __serialize and __unserialize magic methods on HashContext. Note that serialized HashContexts are not necessarily portable between PHP versions or from architecture to architecture. (Most are, though Keccak and slow SHA3s are not.) An exception is thrown when an unsupported serialization is attempted. Because of security concerns, HASH_HMAC contexts are not currently serializable; attempting to serialize one throws an exception. Serialization exposes the state of HashContext memory, so ensure that memory is zeroed before use by allocating it with a new php_hash_alloc_context function. Performance impact is negligible. Some hash internal states have logical pointers into a buffer, or sponge, that absorbs input provided in bytes rather than chunks. The unserialize functions for these hash functions must validate that the logical pointers are all within bounds, lest future hash operations cause out-of-bounds memory accesses. * Adler32, CRC32, FNV, joaat: simple state, no buffer positions * Gost, MD2, SHA3, Snefru, Tiger, Whirlpool: buffer positions must be validated * MD4, MD5, SHA1, SHA2, haval, ripemd: buffer positions encoded bitwise, forced to within bounds on use; no need to validate 
* Modify php_hash_ops to contain the algorithm name and
  serialize and unserialize methods.

* Implement __serialize and __unserialize magic methods on
  HashContext.

Note that serialized HashContexts are not necessarily portable
between PHP versions or from architecture to architecture.
(Most are, though Keccak and slow SHA3s are not.)

An exception is thrown when an unsupported serialization is
attempted.

Because of security concerns, HASH_HMAC contexts are not
currently serializable; attempting to serialize one throws
an exception.

Serialization exposes the state of HashContext memory, so ensure
that memory is zeroed before use by allocating it with a new
php_hash_alloc_context function. Performance impact is
negligible.

Some hash internal states have logical pointers into a buffer,
or sponge, that absorbs input provided in bytes rather than
chunks. The unserialize functions for these hash functions
must validate that the logical pointers are all within bounds,
lest future hash operations cause out-of-bounds memory accesses.

* Adler32, CRC32, FNV, joaat: simple state, no buffer positions
* Gost, MD2, SHA3, Snefru, Tiger, Whirlpool: buffer positions
  must be validated
* MD4, MD5, SHA1, SHA2, haval, ripemd: buffer positions encoded
  bitwise, forced to within bounds on use; no need to validate
Mark Keccak functions that contain expected misaligned accesses. 2020-06-30T12:26:48+00:00 Eddie Kohler ekohler@gmail.com 2020-06-27T04:12:51+00:00 dc85be5456ec2ca081ef6e94c38cbf3d78addee2 To avoid undefined behavior warnings for those accesses. 
To avoid undefined behavior warnings for those accesses.
Trailing whitespaces 2018-01-03T13:38:00+00:00 Gabriel Caruso carusogabriel34@gmail.com 2017-12-31T04:35:25+00:00 64002648562362b97fcb78b68366b1b2118ffd5b Signed-off-by: Gabriel Caruso <carusogabriel34@gmail.com> 
Signed-off-by: Gabriel Caruso <carusogabriel34@gmail.com>
Replace slow generic sha3 implementation by https://github.com/gvanas/KeccakCodePackage 2017-05-28T10:50:33+00:00 Christian Schneider schneider@search.ch 2017-04-05T15:30:23+00:00 91663a92d1697fc30a7ba4687d73e0f63ec2baa1 Fix hash_copy() tests by using correct size for sha3 context sync config.w32 with with new sha3 files Move dependency on KeccakHash.h to hash_sha3.c so we do not rely on it to install php_hash_sha3.h Allocate memory for KeccacInstance in hash_sha3.c so header files do not need to know about implementation details while keeping API backward compatible to original sha3 implementation Fix memory leak because hash_copy is called after init which already allocates the hashinstance 
Fix hash_copy() tests by using correct size for sha3 context

sync config.w32 with with new sha3 files

Move dependency on KeccakHash.h to hash_sha3.c so we do not rely on it to install php_hash_sha3.h

Allocate memory for KeccacInstance in hash_sha3.c so header files do not need to know about implementation details while keeping API backward compatible to original sha3 implementation

Fix memory leak because hash_copy is called after init which already allocates the hashinstance