- rename macros - use openssl RAND_bytes - CS

remicollet · remicollet · commit 85b90062ca84 · 2024-04-02T11:43:41.000+02:00
diff --git a/ext/openssl/openssl_pwhash.c b/ext/openssl/openssl_pwhash.c
@@ -31,51 +31,52 @@
 #include <openssl/core_names.h>
 #include <openssl/kdf.h>
 #include <openssl/thread.h>
+#include <openssl/rand.h>
 
-#define MEMLIMIT_MIN  8u
-#define MEMLIMIT_MAX  UINT32_MAX
-#define OPSLIMIT_MIN  1u
-#define OPSLIMIT_MAX  UINT32_MAX
-#define THREADS_MIN   1u
-#define THREADS_MAX   UINT32_MAX
+#define PHP_OPENSSL_MEMLIMIT_MIN  8u
+#define PHP_OPENSSL_MEMLIMIT_MAX  UINT32_MAX
+#define PHP_OPENSSL_ITERLIMIT_MIN 1u
+#define PHP_OPENSSL_ITERLIMIT_MAX UINT32_MAX
+#define PHP_OPENSSL_THREADS_MIN   1u
+#define PHP_OPENSSL_THREADS_MAX   UINT32_MAX
 
-#define ARGON_VERSION 0x13
+#define PHP_OPENSSL_ARGON_VERSION 0x13
 
-#define SALT_SIZE     16
-#define HASH_SIZE     32
-#define DIGEST_SIZE   128
+#define PHP_OPENSSL_SALT_SIZE     16
+#define PHP_OPENSSL_HASH_SIZE     32
+#define PHP_OPENSSL_DIGEST_SIZE   128
 
-static inline int get_options(zend_array *options, uint32_t *memlimit, uint32_t *opslimit, uint32_t *threads)
+static inline zend_result get_options(zend_array *options, uint32_t *memlimit, uint32_t *iterlimit, uint32_t *threads)
 {
 	zval *opt;
 
-	*opslimit = PHP_OPENSSL_PWHASH_OPSLIMIT;
-	*memlimit = PHP_OPENSSL_PWHASH_MEMLIMIT;
-	*threads  = PHP_OPENSSL_PWHASH_THREADS;
+	*iterlimit = PHP_OPENSSL_PWHASH_ITERLIMIT;
+	*memlimit  = PHP_OPENSSL_PWHASH_MEMLIMIT;
+	*threads   = PHP_OPENSSL_PWHASH_THREADS;
 
 	if (!options) {
 		return SUCCESS;
 	}
 	if ((opt = zend_hash_str_find(options, "memory_cost", strlen("memory_cost")))) {
 		zend_long smemlimit = zval_get_long(opt);
 
-		if ((smemlimit < 0) || (smemlimit < MEMLIMIT_MIN) || (smemlimit > (MEMLIMIT_MAX))) {
+		if ((smemlimit < 0) || (smemlimit < PHP_OPENSSL_MEMLIMIT_MIN) || (smemlimit > (PHP_OPENSSL_MEMLIMIT_MAX))) {
 			zend_value_error("Memory cost is outside of allowed memory range");
 			return FAILURE;
 		}
 		*memlimit = smemlimit;
 	}
 	if ((opt = zend_hash_str_find(options, "time_cost", strlen("time_cost")))) {
-		zend_long sopslimit = zval_get_long(opt);
-		if ((sopslimit < OPSLIMIT_MIN) || (sopslimit > OPSLIMIT_MAX)) {
+		zend_long siterlimit = zval_get_long(opt);
+		if ((siterlimit < PHP_OPENSSL_ITERLIMIT_MIN) || (siterlimit > PHP_OPENSSL_ITERLIMIT_MAX)) {
 			zend_value_error("Time cost is outside of allowed time range");
 			return FAILURE;
 		}
-		*opslimit = sopslimit;
+		*iterlimit = siterlimit;
 	}
 	if ((opt = zend_hash_str_find(options, "threads", strlen("threads"))) && (zval_get_long(opt) != 1)) {
 		zend_long sthreads = zval_get_long(opt);
-		if ((sthreads < THREADS_MIN) || (sthreads > THREADS_MAX)) {
+		if ((sthreads < PHP_OPENSSL_THREADS_MIN) || (sthreads > PHP_OPENSSL_THREADS_MAX)) {
 			zend_value_error("Invalid number of threads");
 			return FAILURE;
 		}
@@ -86,19 +87,22 @@ static inline int get_options(zend_array *options, uint32_t *memlimit, uint32_t
 
 static bool php_openssl_argon2_compute_hash(
 	const char *algo,
-	uint32_t version, uint32_t memlimit, uint32_t opslimit, uint32_t threads,
+	uint32_t version, uint32_t memlimit, uint32_t iterlimit, uint32_t threads,
 	const char *pass, size_t pass_len,
 	const unsigned char *salt, size_t salt_len,
 	unsigned char *hash, size_t hash_len)
 {
 	OSSL_PARAM params[7], *p = params;
+	OSSL_LIB_CTX *ctx = NULL;
 	EVP_KDF *kdf = NULL;
 	EVP_KDF_CTX *kctx = NULL;
 	bool ret = false;
 
-
 	if (threads > 1) {
-		if (OSSL_set_max_threads(NULL, threads) != 1) {
+		if ((ctx = OSSL_LIB_CTX_new()) == NULL) {
+			goto fail;
+		}
+		if (OSSL_set_max_threads(ctx, threads) != 1) {
 			goto fail;
 		}
 	}
@@ -108,76 +112,77 @@ static bool php_openssl_argon2_compute_hash(
 	*p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_ARGON2_LANES,
 		&threads);
 	*p++= OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_ITER,
-		&opslimit);
+		&iterlimit);
 	*p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_ARGON2_MEMCOST,
 		&memlimit);
 	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
 		(void *)salt, salt_len);
 	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD,
 		(void *)pass, pass_len);
-    *p++ = OSSL_PARAM_construct_end();
+	*p++ = OSSL_PARAM_construct_end();
 
-    if ((kdf = EVP_KDF_fetch(NULL, algo, NULL)) == NULL) {
+	if ((kdf = EVP_KDF_fetch(ctx, algo, NULL)) == NULL) {
 		goto fail;
 	}
 	if ((kctx = EVP_KDF_CTX_new(kdf)) == NULL) {
 		goto fail;
 	}
-    if (EVP_KDF_derive(kctx, hash, hash_len, params) != 1) {
+	if (EVP_KDF_derive(kctx, hash, hash_len, params) != 1) {
 		zend_value_error("Unexpected failure hashing password");
 		goto fail;
 	}
 
 	ret = true;
 
 fail:
-    EVP_KDF_free(kdf);
-    EVP_KDF_CTX_free(kctx);
+	EVP_KDF_free(kdf);
+	EVP_KDF_CTX_free(kctx);
 
 	if (threads > 1) {
-	    OSSL_set_max_threads(NULL, 0);
+		OSSL_set_max_threads(ctx, 0);
+		OSSL_LIB_CTX_free(ctx);
 	}
 	return ret;
 }
 
 static zend_string *php_openssl_argon2_hash(const zend_string *password, zend_array *options, const char *algo)
 {
-	uint32_t opslimit, memlimit, threads, version = ARGON_VERSION;
+	uint32_t iterlimit, memlimit, threads, version = PHP_OPENSSL_ARGON_VERSION;
 	zend_string *digest = NULL, *salt64 = NULL, *hash64 = NULL;
-	unsigned char hash[HASH_SIZE+1], salt[SALT_SIZE+1];
+	unsigned char hash[PHP_OPENSSL_HASH_SIZE+1], salt[PHP_OPENSSL_SALT_SIZE+1];
 
 	if ((ZSTR_LEN(password) >= UINT32_MAX)) {
 		zend_value_error("Password is too long");
 		return NULL;
 	}
-	if (get_options(options, &memlimit, &opslimit, &threads) == FAILURE) {
+	if (get_options(options, &memlimit, &iterlimit, &threads) == FAILURE) {
 		return NULL;
 	}
-	if (FAILURE == php_random_bytes_throw(salt, SALT_SIZE)) {
+	if (RAND_bytes(salt, PHP_OPENSSL_SALT_SIZE) <= 0) {
 		return NULL;
 	}
 
-	if (!php_openssl_argon2_compute_hash(algo, version, memlimit, opslimit, threads,
-			ZSTR_VAL(password), ZSTR_LEN(password),	salt, SALT_SIZE, hash, HASH_SIZE)) {
+	if (!php_openssl_argon2_compute_hash(algo, version, memlimit, iterlimit, threads,
+			ZSTR_VAL(password), ZSTR_LEN(password),	salt, PHP_OPENSSL_SALT_SIZE, hash, PHP_OPENSSL_HASH_SIZE)) {
 		return NULL;
 	}
 
-	hash64 = php_base64_encode_ex(hash, HASH_SIZE, PHP_BASE64_NO_PADDING);
+	hash64 = php_base64_encode_ex(hash, PHP_OPENSSL_HASH_SIZE, PHP_BASE64_NO_PADDING);
 
-	salt64 = php_base64_encode_ex(salt, SALT_SIZE, PHP_BASE64_NO_PADDING);
+	salt64 = php_base64_encode_ex(salt, PHP_OPENSSL_SALT_SIZE, PHP_BASE64_NO_PADDING);
 
-	digest = zend_string_alloc(DIGEST_SIZE, 0);
+	digest = zend_string_alloc(PHP_OPENSSL_DIGEST_SIZE, 0);
 	ZSTR_LEN(digest) = snprintf(ZSTR_VAL(digest), ZSTR_LEN(digest), "$%s$v=%d$m=%u,t=%u,p=%u$%s$%s",
-		algo, version, memlimit, opslimit, threads, ZSTR_VAL(salt64), ZSTR_VAL(hash64));
+		algo, version, memlimit, iterlimit, threads, ZSTR_VAL(salt64), ZSTR_VAL(hash64));
 
 	zend_string_release(salt64);
 	zend_string_release(hash64);
 
-    return digest;
+	return digest;
 }
 
 static int php_openssl_argon2_extract(
-	const zend_string *digest, uint32_t *version, uint32_t *memlimit, uint32_t *opslimit,
+	const zend_string *digest, uint32_t *version, uint32_t *memlimit, uint32_t *iterlimit,
 	uint32_t *threads, zend_string **salt, zend_string **hash)
 {
 	const char *p;
@@ -195,7 +200,7 @@ static int php_openssl_argon2_extract(
 		return FAILURE;
 	}
 	if (sscanf(p, "v=%" PRIu32 "$m=%" PRIu32 ",t=%" PRIu32 ",p=%" PRIu32,
-	       version, memlimit, opslimit, threads) != 4) {
+		   version, memlimit, iterlimit, threads) != 4) {
 		return FAILURE;
 	}
 	if (salt && hash) {
@@ -226,19 +231,19 @@ static int php_openssl_argon2_extract(
 
 static bool php_openssl_argon2_verify(const zend_string *password, const zend_string *digest, const char *algo)
 {
-	uint32_t version, opslimit, memlimit, threads;
+	uint32_t version, iterlimit, memlimit, threads;
 	zend_string *salt, *hash, *new;
 	bool ret = false;
 
 	if ((ZSTR_LEN(password) >= UINT32_MAX) || (ZSTR_LEN(digest) >= UINT32_MAX)) {
 		return false;
 	}
-	if (FAILURE == php_openssl_argon2_extract(digest, &version, &memlimit, &opslimit, &threads, &salt, &hash)) {
+	if (FAILURE == php_openssl_argon2_extract(digest, &version, &memlimit, &iterlimit, &threads, &salt, &hash)) {
 		return false;
 	}
 
 	new = zend_string_alloc(ZSTR_LEN(hash), 0);
-	if (php_openssl_argon2_compute_hash(algo, version, memlimit, opslimit, threads,
+	if (php_openssl_argon2_compute_hash(algo, version, memlimit, iterlimit, threads,
 			ZSTR_VAL(password), ZSTR_LEN(password),	(unsigned char *)ZSTR_VAL(salt),
 			ZSTR_LEN(salt), (unsigned char *)ZSTR_VAL(new), ZSTR_LEN(new))) {
 		ret = (php_safe_bcmp(hash, new) == 0);
@@ -263,19 +268,19 @@ static bool php_openssl_argon2id_verify(const zend_string *password, const zend_
 
 static bool php_openssl_argon2_needs_rehash(const zend_string *hash, zend_array *options)
 {
-	uint32_t version, opslimit, memlimit, threads;
-	uint32_t new_version = ARGON_VERSION, new_opslimit, new_memlimit, new_threads;
+	uint32_t version, iterlimit, memlimit, threads;
+	uint32_t new_version = PHP_OPENSSL_ARGON_VERSION, new_iterlimit, new_memlimit, new_threads;
 
-	if (FAILURE == get_options(options, &new_memlimit, &new_opslimit, &new_threads)) {
+	if (FAILURE == get_options(options, &new_memlimit, &new_iterlimit, &new_threads)) {
 		return true;
 	}
-	if (FAILURE == php_openssl_argon2_extract(hash, &version, &memlimit, &opslimit, &threads, NULL, NULL)) {
+	if (FAILURE == php_openssl_argon2_extract(hash, &version, &memlimit, &iterlimit, &threads, NULL, NULL)) {
 		return true;
 	}
 
 	// Algo already checked in pasword_needs_rehash implementation
 	return (version != new_version) ||
-		(opslimit != new_opslimit) ||
+		(iterlimit != new_iterlimit) ||
 		(memlimit != new_memlimit) ||
 		(threads != new_threads);
 }
diff --git a/ext/openssl/openssl_pwhash.stub.php b/ext/openssl/openssl_pwhash.stub.php
@@ -18,7 +18,7 @@
 const PASSWORD_ARGON2_DEFAULT_MEMORY_COST = UNKNOWN;
 /**
  * @var int
- * @cvalue PHP_OPENSSL_PWHASH_OPSLIMIT
+ * @cvalue PHP_OPENSSL_PWHASH_ITERLIMIT
  */
 const PASSWORD_ARGON2_DEFAULT_TIME_COST = UNKNOWN;
 /**
diff --git a/ext/openssl/openssl_pwhash_arginfo.h b/ext/openssl/openssl_pwhash_arginfo.h
diff --git a/ext/openssl/php_openssl.h b/ext/openssl/php_openssl.h
@@ -172,9 +172,9 @@ static inline php_openssl_certificate_object *php_openssl_certificate_from_obj(z
 #define PHP_OPENSSL_PWHASH_MEMLIMIT (64 << 10)
 #endif
 #if defined(PHP_PASSWORD_ARGON2_TIME_COST)
-#define PHP_OPENSSL_PWHASH_OPSLIMIT PHP_PASSWORD_ARGON2_TIME_COST
+#define PHP_OPENSSL_PWHASH_ITERLIMIT PHP_PASSWORD_ARGON2_TIME_COST
 #else
-#define PHP_OPENSSL_PWHASH_OPSLIMIT 4
+#define PHP_OPENSSL_PWHASH_ITERLIMIT 4
 #endif
 #if defined(PHP_PASSWORD_ARGON2_THREADS)
 #define PHP_OPENSSL_PWHASH_THREADS PHP_PASSWORD_ARGON2_THREADS
