From: Frank Denis Date: Thu, 24 Aug 2017 08:59:02 +0000 (+0200) Subject: sodium ext: sync sodium_crypto_kdf_derive_from_key() with the standalone ext X-Git-Tag: php-7.2.0RC1~18 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a966d21aa8c8056c5c9fab86e0c891073d6a20e5;p=php sodium ext: sync sodium_crypto_kdf_derive_from_key() with the standalone ext Use libsodium's native function if available, use correct constant names in error messages --- diff --git a/ext/sodium/libsodium.c b/ext/sodium/libsodium.c index 692fe971c2..6b230e0589 100644 --- a/ext/sodium/libsodium.c +++ b/ext/sodium/libsodium.c @@ -3050,7 +3050,9 @@ PHP_FUNCTION(sodium_crypto_stream_keygen) PHP_FUNCTION(sodium_crypto_kdf_derive_from_key) { unsigned char ctx_padded[crypto_generichash_blake2b_PERSONALBYTES]; +#ifndef crypto_kdf_PRIMITIVE unsigned char salt[crypto_generichash_blake2b_SALTBYTES]; +#endif char *ctx; char *key; zend_string *subkey; @@ -3059,20 +3061,19 @@ PHP_FUNCTION(sodium_crypto_kdf_derive_from_key) size_t ctx_len; size_t key_len; - if (zend_parse_parameters_throw(ZEND_NUM_ARGS(), "llss", + if (zend_parse_parameters(ZEND_NUM_ARGS(), "llss", &subkey_len, &subkey_id, &ctx, &ctx_len, &key, &key_len) == FAILURE) { - sodium_remove_param_values_from_backtrace(EG(exception)); return; } if (subkey_len < crypto_kdf_BYTES_MIN) { - zend_throw_exception(sodium_exception_ce, "subkey cannot be smaller than sodium_crypto_kdf_BYTES_MIN", 0); + zend_throw_exception(sodium_exception_ce, "subkey cannot be smaller than SODIUM_CRYPTO_KDF_BYTES_MIN", 0); return; } if (subkey_len > crypto_kdf_BYTES_MAX || subkey_len > SIZE_MAX) { - zend_throw_exception(sodium_exception_ce, "subkey cannot be larger than sodium_crypto_kdf_BYTES_MAX", 0); + zend_throw_exception(sodium_exception_ce, "subkey cannot be larger than SODIUM_CRYPTO_KDF_BYTES_MAX", 0); return; } if (subkey_id < 0) { @@ -3080,15 +3081,21 @@ PHP_FUNCTION(sodium_crypto_kdf_derive_from_key) return; } if (ctx_len != crypto_kdf_CONTEXTBYTES) { - zend_throw_exception(sodium_exception_ce, "context should be sodium_crypto_kdf_CONTEXTBYTES bytes", 0); + zend_throw_exception(sodium_exception_ce, "context should be SODIUM_CRYPTO_KDF_CONTEXTBYTES bytes", 0); return; } if (key_len != crypto_kdf_KEYBYTES) { - zend_throw_exception(sodium_exception_ce, "key should be sodium_crypto_kdf_KEYBYTES bytes", 0); + zend_throw_exception(sodium_exception_ce, "key should be SODIUM_CRYPTO_KDF_KEYBYTES bytes", 0); return; } memcpy(ctx_padded, ctx, crypto_kdf_CONTEXTBYTES); memset(ctx_padded + crypto_kdf_CONTEXTBYTES, 0, sizeof ctx_padded - crypto_kdf_CONTEXTBYTES); + subkey = zend_string_alloc((size_t) subkey_len, 0); +#ifdef crypto_kdf_PRIMITIVE + crypto_kdf_derive_from_key((unsigned char *) ZSTR_VAL(subkey), + (size_t) subkey_len, (uint64_t) subkey_id, + ctx, (const unsigned char *) key); +#else salt[0] = (unsigned char) (((uint64_t) subkey_id) ); salt[1] = (unsigned char) (((uint64_t) subkey_id) >> 8); salt[2] = (unsigned char) (((uint64_t) subkey_id) >> 16); @@ -3098,16 +3105,13 @@ PHP_FUNCTION(sodium_crypto_kdf_derive_from_key) salt[6] = (unsigned char) (((uint64_t) subkey_id) >> 48); salt[7] = (unsigned char) (((uint64_t) subkey_id) >> 56); memset(salt + 8, 0, (sizeof salt) - 8); - subkey = zend_string_alloc((size_t) subkey_len, 0); - if (crypto_generichash_blake2b_salt_personal((unsigned char *) ZSTR_VAL(subkey), - (size_t) subkey_len, - NULL, 0, - (const unsigned char *) key, - crypto_kdf_KEYBYTES, - salt, ctx_padded) != 0) { - zend_throw_exception(sodium_exception_ce, "internal error", 0); - return; - } + crypto_generichash_blake2b_salt_personal((unsigned char *) ZSTR_VAL(subkey), + (size_t) subkey_len, + NULL, 0, + (const unsigned char *) key, + crypto_kdf_KEYBYTES, + salt, ctx_padded); +#endif ZSTR_VAL(subkey)[subkey_len] = 0; RETURN_STR(subkey);