Skip to content

Commit 88c1289

Browse files
narfbgnarfbg
committed
Convert hash_hkdf() string inputs to zend_string
1 parent 16127e9 commit 88c1289

File tree

1 file changed

+20
-19
lines changed

1 file changed

+20
-19
lines changed

ext/hash/hash.c

Lines changed: 20 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -610,26 +610,25 @@ PHP_FUNCTION(hash_algos)
610610
RFC5869 HMAC-based key derivation function */
611611
PHP_FUNCTION(hash_hkdf)
612612
{
613-
zend_string *returnval;
614-
char *prk, *ikm, *algo, *info = NULL, *salt = NULL;
615-
unsigned char *digest, *K = NULL;
616-
int i, rounds;
613+
zend_string *returnval, *ikm, *algo, *info = NULL, *salt;
617614
zend_long length = 0;
618-
size_t ikm_len = 0, algo_len, info_len = 0, salt_len = 0;
615+
char *prk, *computed_salt;
616+
unsigned char *digest, *K;
617+
int i, rounds;
619618
const php_hash_ops *ops;
620619
void *context;
621620

622-
if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss|lss", &algo, &algo_len, &ikm, &ikm_len, &length, &info, &info_len, &salt, &salt_len) == FAILURE) {
621+
if (zend_parse_parameters(ZEND_NUM_ARGS(), "SS|lSS", &algo, &ikm, &length, &info, &salt) == FAILURE) {
623622
return;
624623
}
625624

626-
ops = php_hash_fetch_ops(algo, algo_len);
625+
ops = php_hash_fetch_ops(algo->val, algo->len);
627626
if (!ops) {
628-
php_error_docref(NULL, E_WARNING, "Unknown hashing algorithm: %s", algo);
627+
php_error_docref(NULL, E_WARNING, "Unknown hashing algorithm: %s", algo->val, algo->len);
629628
RETURN_FALSE;
630629
}
631630

632-
if (ikm_len <= 0) {
631+
if (ikm->len <= 0) {
633632
php_error_docref(NULL, E_WARNING, "Input keying material cannot be empty");
634633
RETURN_FALSE;
635634
}
@@ -646,29 +645,31 @@ PHP_FUNCTION(hash_hkdf)
646645
RETURN_FALSE;
647646
}
648647

649-
if (salt_len == 0)
648+
if (salt->len == 0)
650649
{
651-
salt = safe_emalloc(ops->digest_size, ops->digest_size, 0);
650+
computed_salt = safe_emalloc(ops->digest_size, ops->digest_size, 0);
652651
for (i = 0; i < ops->digest_size; i++)
653652
{
654-
salt[i] = 0x00;
653+
computed_salt[i] = 0x00;
655654
}
656655
}
656+
else {
657+
computed_salt = safe_emalloc(salt->len, salt->len, 0);
658+
memcpy(computed_salt, salt->val, salt->len);
659+
}
657660

658661
context = emalloc(ops->context_size);
659662

660663
// Extract
661664
ops->hash_init(context);
662665
K = emalloc(ops->block_size);
663-
php_hash_hmac_prep_key(K, ops, context, salt, salt_len ? salt_len : ops->digest_size);
666+
php_hash_hmac_prep_key(K, ops, context, computed_salt, salt->len ? salt->len : ops->digest_size);
664667
prk = safe_emalloc(ops->digest_size, ops->digest_size, 0);
665-
php_hash_hmac_round(prk, ops, context, K, (unsigned char *) ikm, ikm_len);
668+
php_hash_hmac_round(prk, ops, context, K, ikm->val, ikm->len);
666669
php_hash_string_xor_char(K, K, 0x6A, ops->block_size);
667670
php_hash_hmac_round(prk, ops, context, K, prk, ops->digest_size);
668671
ZEND_SECURE_ZERO(K, ops->block_size);
669-
if (salt_len == 0) {
670-
efree(salt);
671-
}
672+
efree(computed_salt);
672673

673674
// Expand
674675
returnval = zend_string_alloc(length, 0);
@@ -686,8 +687,8 @@ PHP_FUNCTION(hash_hkdf)
686687
ops->hash_update(context, digest, ops->digest_size);
687688
}
688689

689-
if (info_len) {
690-
ops->hash_update(context, (unsigned char *) info, info_len);
690+
if (info != NULL && info->len > 0) {
691+
ops->hash_update(context, info->val, info->len);
691692
}
692693

693694
ops->hash_update(context, c, 1);

0 commit comments

Comments
 (0)