From: Eddie Kohler Date: Sun, 21 Jun 2020 23:54:39 +0000 (-0400) Subject: Correct implementation of joaat hash. X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=efad1372a532037d54978cc61589178076c9172f;p=php Correct implementation of joaat hash. Before this commit, the result produced by a joaat hash depended on how the input data was chunked. A hash produced by multiple `hash_update` operations was incorrect. For example, this code, which should produce three identical lines: var_dump(hash("joaat", "abcd")); $hash = hash_init("joaat"); hash_update($hash, "ab"); hash_update($hash, "cd"); var_dump(hash_final($hash)); $hash = hash_init("joaat"); hash_update($hash, "abc"); hash_update($hash, "d"); var_dump(hash_final($hash)); instead produced: string(8) "cd8b6206" string(8) "e590d137" string(8) "2d59d087" This is because the finalization step, involving shift operations and adds, was applied on every chunk, rather than once at the end as is required by the hash definition. After this commit, the code above produces: string(8) "cd8b6206" string(8) "cd8b6206" string(8) "cd8b6206" as expected. Some tests encoded the wrong behavior and were corrected. Closes GH-5749 --- diff --git a/ext/hash/hash_joaat.c b/ext/hash/hash_joaat.c index d6311e81de..10c3ca2748 100644 --- a/ext/hash/hash_joaat.c +++ b/ext/hash/hash_joaat.c @@ -44,17 +44,22 @@ PHP_HASH_API void PHP_JOAATUpdate(PHP_JOAAT_CTX *context, const unsigned char *i PHP_HASH_API void PHP_JOAATFinal(unsigned char digest[4], PHP_JOAAT_CTX * context) { + uint32_t hval = context->state; + hval += (hval << 3); + hval ^= (hval >> 11); + hval += (hval << 15); + #ifdef WORDS_BIGENDIAN - memcpy(digest, &context->state, 4); + memcpy(digest, &hval, 4); #else int i = 0; - unsigned char *c = (unsigned char *) &context->state; + unsigned char *c = (unsigned char *) &hval; for (i = 0; i < 4; i++) { digest[i] = c[3 - i]; } #endif - context->state = 0; + context->state = 0; } /* @@ -79,9 +84,5 @@ joaat_buf(void *buf, size_t len, uint32_t hval) hval ^= (hval >> 6); } - hval += (hval << 3); - hval ^= (hval >> 11); - hval += (hval << 15); - return hval; } diff --git a/ext/hash/tests/hash-clone.phpt b/ext/hash/tests/hash-clone.phpt index 0ef0df4449..57567c0bc5 100644 --- a/ext/hash/tests/hash-clone.phpt +++ b/ext/hash/tests/hash-clone.phpt @@ -301,7 +301,7 @@ string(16) "bebc746a33b6ab62" string(16) "893899e4415a920f" string(5) "joaat" string(8) "aaebf370" -string(8) "513479b4" +string(8) "836fb0e5" string(10) "haval128,3" string(32) "86362472c8895e68e223ef8b3711d8d9" string(32) "ebeeeb05c18af1e53d2d127b561d5e0d" diff --git a/ext/hash/tests/hash_copy_001.phpt b/ext/hash/tests/hash_copy_001.phpt index 27993b61b0..271326178d 100644 --- a/ext/hash/tests/hash_copy_001.phpt +++ b/ext/hash/tests/hash_copy_001.phpt @@ -301,7 +301,7 @@ string(16) "bebc746a33b6ab62" string(16) "893899e4415a920f" string(5) "joaat" string(8) "aaebf370" -string(8) "513479b4" +string(8) "836fb0e5" string(10) "haval128,3" string(32) "86362472c8895e68e223ef8b3711d8d9" string(32) "ebeeeb05c18af1e53d2d127b561d5e0d"