Revert "Add PBKDF2 support via openssl()"

This reverts commit b5b8ea1050837fba5a6cee55e41b4574ed64158e.
Looks like we don't have agreement yet on this for 5.4. Let's keep it in 5.5 for now.

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 28f76184f4947e72e92a8d99189c7980fa5cbbbc..7187a9601e6628bf0f389acb76f6762c500da9be 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -242,16 +242,6 @@ ZEND_BEGIN_ARG_INFO(arginfo_openssl_pkey_get_details, 0)
     ZEND_ARG_INFO(0, key)
 ZEND_END_ARG_INFO()
 
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-ZEND_BEGIN_ARG_INFO_EX(arginfo_openssl_pkcs5_pbkdf2_hmac, 0, 0, 4)
-    ZEND_ARG_INFO(0, password)
-    ZEND_ARG_INFO(0, salt)
-    ZEND_ARG_INFO(0, key_length)
-    ZEND_ARG_INFO(0, iterations)
-    ZEND_ARG_INFO(0, digest_algorithm)
-ZEND_END_ARG_INFO()
-#endif
-
 ZEND_BEGIN_ARG_INFO_EX(arginfo_openssl_pkcs7_verify, 0, 0, 2)
     ZEND_ARG_INFO(0, filename)
     ZEND_ARG_INFO(0, flags)
@@ -438,10 +428,6 @@ const zend_function_entry openssl_functions[] = {
        PHP_FE(openssl_seal,                            arginfo_openssl_seal)
        PHP_FE(openssl_open,                            arginfo_openssl_open)
 
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-       PHP_FE(openssl_pkcs5_pbkdf2_hmac,       arginfo_openssl_pkcs5_pbkdf2_hmac)
-#endif
-
 /* for S/MIME handling */
        PHP_FE(openssl_pkcs7_verify,            arginfo_openssl_pkcs7_verify)
        PHP_FE(openssl_pkcs7_decrypt,           arginfo_openssl_pkcs7_decrypt)
@@ -3331,57 +3317,6 @@ PHP_FUNCTION(openssl_pkey_get_details)
 
 /* }}} */
 
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-
-/* {{{ proto string openssl_pkcs5_pbkdf2_hmac(string password, string salt, long key_length, long iterations [, string digest_method = "sha1"])
-   Generates a PKCS5 v2 PBKDF2 string, defaults to sha1 */
-PHP_FUNCTION(openssl_pkcs5_pbkdf2_hmac)
-{
-       long key_length = 0, iterations = 0;
-       char *password; int password_len;
-       char *salt; int salt_len;
-       char *method; int method_len = 0;
-       unsigned char *out_buffer;
-
-       const EVP_MD *digest;
-
-       if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssll|s",
-                               &password, &password_len,
-                               &salt, &salt_len,
-                               &key_length, &iterations,
-                               &method, &method_len) == FAILURE) {
-               return;
-       }
-
-       if (key_length <= 0) {
-               RETURN_FALSE;
-       }
-
-       if (method_len) {
-               digest = EVP_get_digestbyname(method);
-       } else {
-               digest = EVP_sha1();
-       }
-
-       if (!digest) {
-               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm");
-               RETURN_FALSE;
-       }
-
-       out_buffer = emalloc(key_length + 1);
-       out_buffer[key_length] = '\0';
-
-       if (PKCS5_PBKDF2_HMAC(password, password_len, (unsigned char *)salt, salt_len, iterations, digest, key_length, out_buffer) == 1) {
-               RETVAL_STRINGL((char *)out_buffer, key_length, 0);
-       } else {
-               efree(out_buffer);
-               RETURN_FALSE;
-       }
-}
-/* }}} */
-
-#endif
-
 /* {{{ PKCS7 S/MIME functions */
 
 /* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string signerscerts [, array cainfo [, string extracerts [, string content]]]])

diff --git a/ext/openssl/php_openssl.h b/ext/openssl/php_openssl.h
index 0dbe7d288730273a37284b1981341eca427be93a..fc118dba1ebb8d9f4af038852db18531bdf5712b 100644 (file)
--- a/ext/openssl/php_openssl.h
+++ b/ext/openssl/php_openssl.h
@@ -52,8 +52,6 @@ PHP_FUNCTION(openssl_private_decrypt);
 PHP_FUNCTION(openssl_public_encrypt);
 PHP_FUNCTION(openssl_public_decrypt);
 
-PHP_FUNCTION(openssl_pkcs5_pbkdf2_hmac);
-
 PHP_FUNCTION(openssl_pkcs7_verify);
 PHP_FUNCTION(openssl_pkcs7_decrypt);
 PHP_FUNCTION(openssl_pkcs7_sign);

diff --git a/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt b/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt
deleted file mode 100644 (file)
index af1fcb1..0000000
--- a/ext/openssl/tests/openssl_pkcs5_pbkdf2_hmac.phpt
+++ /dev/null
@@ -1,26 +0,0 @@
---TEST--
-openssl_pkcs5_pbkdf2_hmac() tests
---SKIPIF--
-<?php if (!extension_loaded("openssl") || !function_exists("openssl_pkcs5_pbkdf2_hmac")) print "skip"; ?>
---FILE--
-<?php
-// official test vectors
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 1)));
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 2)));
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 4096)));
-
-/* really slow but should be:
-string(40) "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984"
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('password', 'salt', 20, 16777216)));
-*/
-
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac('passwordPASSWORDpassword', 'saltSALTsaltSALTsaltSALTsaltSALTsalt', 25, 4096)));
-var_dump(bin2hex(openssl_pkcs5_pbkdf2_hmac("pass\0word", "sa\0lt", 16, 4096)));
-
-?>
---EXPECTF--
-string(40) "0c60c80f961f0e71f3a9b524af6012062fe037a6"
-string(40) "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"
-string(40) "4b007901b765489abead49d926f721d065a429c1"
-string(50) "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"
-string(32) "56fa6aa75548099dcc37d7f03425e0c3"