diff options
| author | Frank Denis <github@pureftpd.org> | 2017-11-29 13:19:18 +0100 |
|---|---|---|
| committer | Frank Denis <github@pureftpd.org> | 2017-11-29 13:19:56 +0100 |
| commit | fc8793499ac6e1297b05c64bfae54b1246452ab6 (patch) | |
| tree | 7edaddaf856a50e3859ecda5ae6fcb8e787ca395 /ext | |
| parent | 367c0b4c33bbf71819f79da09a2f09a610952c44 (diff) | |
| download | php-git-fc8793499ac6e1297b05c64bfae54b1246452ab6.tar.gz | |
Revert "Revert "ext/sodium: pwhash: do not warn on low parameters""
This reverts commit a1845b7fdb5916b0951146ca18bb67ca83854733.
Revert "Revert "ext/sodium: throw exceptions instead of errors""
This reverts commit 31d221f9c72f0d0322c84907c5d89a4464667244.
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/sodium/libsodium.c | 61 |
1 files changed, 38 insertions, 23 deletions
diff --git a/ext/sodium/libsodium.c b/ext/sodium/libsodium.c index 06a763627d..a9cb17d772 100644 --- a/ext/sodium/libsodium.c +++ b/ext/sodium/libsodium.c @@ -233,6 +233,19 @@ ZEND_END_ARG_INFO() # undef crypto_secretstream_xchacha20poly1305_ABYTES #endif +#ifndef crypto_pwhash_OPSLIMIT_MIN +# define crypto_pwhash_OPSLIMIT_MIN crypto_pwhash_OPSLIMIT_INTERACTIVE +#endif +#ifndef crypto_pwhash_MEMLIMIT_MIN +# define crypto_pwhash_MEMLIMIT_MIN crypto_pwhash_MEMLIMIT_INTERACTIVE +#endif +#ifndef crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN +# define crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE +#endif +#ifndef crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN +# define crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE +#endif + const zend_function_entry sodium_functions[] = { PHP_FE(sodium_crypto_aead_aes256gcm_is_available, AI_None) #ifdef HAVE_AESGCM @@ -1839,12 +1852,14 @@ PHP_FUNCTION(sodium_crypto_pwhash) zend_throw_exception(sodium_exception_ce, "salt should be SODIUM_CRYPTO_PWHASH_SALTBYTES bytes", 0); return; } - if (opslimit < crypto_pwhash_OPSLIMIT_INTERACTIVE) { - zend_error(E_WARNING, - "number of operations for the password hashing function is low"); + if (opslimit < crypto_pwhash_OPSLIMIT_MIN) { + zend_throw_exception(sodium_exception_ce, + "number of operations for the password hashing function is too low", 0); + return; } - if (memlimit < crypto_pwhash_MEMLIMIT_INTERACTIVE) { - zend_error(E_WARNING, "maximum memory for the password hashing function is low"); + if (memlimit < crypto_pwhash_MEMLIMIT_MIN) { + zend_throw_exception(sodium_exception_ce, + "maximum memory for the password hashing function is too low", 0); } hash = zend_string_alloc((size_t) hash_len, 0); ret = -1; @@ -1902,13 +1917,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_str) if (passwd_len <= 0) { zend_error(E_WARNING, "empty password"); } - if (opslimit < crypto_pwhash_OPSLIMIT_INTERACTIVE) { - zend_error(E_WARNING, - "number of operations for the password hashing function is low"); + if (opslimit < crypto_pwhash_OPSLIMIT_MIN) { + zend_throw_exception(sodium_exception_ce, + "number of operations for the password hashing function is too low", 0); } - if (memlimit < crypto_pwhash_MEMLIMIT_INTERACTIVE) { - zend_error(E_WARNING, - "maximum memory for the password hashing function is low"); + if (memlimit < crypto_pwhash_MEMLIMIT_MIN) { + zend_throw_exception(sodium_exception_ce, + "maximum memory for the password hashing function is too low", 0); } hash_str = zend_string_alloc(crypto_pwhash_STRBYTES - 1, 0); if (crypto_pwhash_str @@ -2016,13 +2031,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256) 0); return; } - if (opslimit < crypto_pwhash_scryptsalsa208sha256_opslimit_interactive()) { - zend_error(E_WARNING, - "number of operations for the scrypt function is low"); + if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) { + zend_throw_exception(sodium_exception_ce, + "number of operations for the scrypt function is too low", 0); } - if (memlimit < crypto_pwhash_scryptsalsa208sha256_memlimit_interactive()) { - zend_error(E_WARNING, - "maximum memory for the scrypt function is low"); + if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) { + zend_throw_exception(sodium_exception_ce, + "maximum memory for the scrypt function is too low", 0); } hash = zend_string_alloc((size_t) hash_len, 0); if (crypto_pwhash_scryptsalsa208sha256 @@ -2063,13 +2078,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256_str) if (passwd_len <= 0) { zend_error(E_WARNING, "empty password"); } - if (opslimit < crypto_pwhash_scryptsalsa208sha256_opslimit_interactive()) { - zend_error(E_WARNING, - "number of operations for the scrypt function is low"); + if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) { + zend_throw_exception(sodium_exception_ce, + "number of operations for the scrypt function is too low", 0); } - if (memlimit < crypto_pwhash_scryptsalsa208sha256_memlimit_interactive()) { - zend_error(E_WARNING, - "maximum memory for the scrypt function is low"); + if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) { + zend_throw_exception(sodium_exception_ce, + "maximum memory for the scrypt function is too low", 0); } hash_str = zend_string_alloc (crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1, 0); |