php-internal-docs 8.4.8
Unofficial docs for php/php-src
Loading...
Searching...
No Matches
crypt.c
Go to the documentation of this file.
1/*
2 +----------------------------------------------------------------------+
3 | Copyright (c) The PHP Group |
4 +----------------------------------------------------------------------+
5 | This source file is subject to version 3.01 of the PHP license, |
6 | that is bundled with this package in the file LICENSE, and is |
7 | available through the world-wide-web at the following url: |
8 | https://www.php.net/license/3_01.txt |
9 | If you did not receive a copy of the PHP license and are unable to |
10 | obtain it through the world-wide-web, please send a note to |
11 | license@php.net so we can mail you a copy immediately. |
12 +----------------------------------------------------------------------+
13 | Authors: Stig Bakken <ssb@php.net> |
14 | Zeev Suraski <zeev@php.net> |
15 | Rasmus Lerdorf <rasmus@php.net> |
16 | Pierre Joye <pierre@php.net> |
17 +----------------------------------------------------------------------+
18*/
19
20#include <stdlib.h>
21
22#include "php.h"
23
24#ifdef HAVE_UNISTD_H
25#include <unistd.h>
26#endif
27#if PHP_USE_PHP_CRYPT_R
28# include "php_crypt_r.h"
29# include "crypt_freesec.h"
30#else
31# ifdef HAVE_CRYPT_H
32# if defined(CRYPT_R_GNU_SOURCE) && !defined(_GNU_SOURCE)
33# define _GNU_SOURCE
34# endif
35# include <crypt.h>
36# endif
37#endif
38#include <time.h>
39#include <string.h>
40
41#ifdef PHP_WIN32
42#include <process.h>
43#endif
44
45#include "php_crypt.h"
46
47/* Used to check DES salts to ensure that they contain only valid characters */
48#define IS_VALID_SALT_CHARACTER(c) (((c) >= '.' && (c) <= '9') || ((c) >= 'A' && (c) <= 'Z') || ((c) >= 'a' && (c) <= 'z'))
49
50PHP_MINIT_FUNCTION(crypt) /* {{{ */
51{
52#if PHP_USE_PHP_CRYPT_R
53 php_init_crypt_r();
54#endif
55
56 return SUCCESS;
57}
58/* }}} */
59
60PHP_MSHUTDOWN_FUNCTION(crypt) /* {{{ */
61{
62#if PHP_USE_PHP_CRYPT_R
63 php_shutdown_crypt_r();
64#endif
65
66 return SUCCESS;
67}
68/* }}} */
69
70PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const char *salt, int salt_len, bool quiet)
71{
72 char *crypt_res;
73 zend_string *result;
74
75 if (salt[0] == '*' && (salt[1] == '0' || salt[1] == '1')) {
76 return NULL;
77 }
78
79/* Windows (win32/crypt) has a stripped down version of libxcrypt and
80 a CryptoApi md5_crypt implementation */
81#if PHP_USE_PHP_CRYPT_R
82 {
83 struct php_crypt_extended_data buffer;
84
85 if (salt[0]=='$' && salt[1]=='1' && salt[2]=='$') {
86 char output[MD5_HASH_MAX_LEN], *out;
87
88 out = php_md5_crypt_r(password, salt, output);
89 if (out) {
90 return zend_string_init(out, strlen(out), 0);
91 }
92 return NULL;
93 } else if (salt[0]=='$' && salt[1]=='6' && salt[2]=='$') {
94 char *output;
95 output = emalloc(PHP_MAX_SALT_LEN);
96
97 crypt_res = php_sha512_crypt_r(password, salt, output, PHP_MAX_SALT_LEN);
98 if (!crypt_res) {
99 ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN);
100 efree(output);
101 return NULL;
102 } else {
103 result = zend_string_init(output, strlen(output), 0);
104 ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN);
105 efree(output);
106 return result;
107 }
108 } else if (salt[0]=='$' && salt[1]=='5' && salt[2]=='$') {
109 char *output;
110 output = emalloc(PHP_MAX_SALT_LEN);
111
112 crypt_res = php_sha256_crypt_r(password, salt, output, PHP_MAX_SALT_LEN);
113 if (!crypt_res) {
114 ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN);
115 efree(output);
116 return NULL;
117 } else {
118 result = zend_string_init(output, strlen(output), 0);
119 ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN);
120 efree(output);
121 return result;
122 }
123 } else if (
124 salt[0] == '$' &&
125 salt[1] == '2' &&
126 salt[2] != 0 &&
127 salt[3] == '$') {
128 char output[PHP_MAX_SALT_LEN + 1];
129
130 memset(output, 0, PHP_MAX_SALT_LEN + 1);
131
132 crypt_res = php_crypt_blowfish_rn(password, salt, output, sizeof(output));
133 if (!crypt_res) {
134 ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN + 1);
135 return NULL;
136 } else {
137 result = zend_string_init(output, strlen(output), 0);
138 ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN + 1);
139 return result;
140 }
141 } else if (salt[0] == '_'
142 || (IS_VALID_SALT_CHARACTER(salt[0]) && IS_VALID_SALT_CHARACTER(salt[1]))) {
143 /* DES Fallback */
144 memset(&buffer, 0, sizeof(buffer));
145 _crypt_extended_init_r();
146
147 crypt_res = _crypt_extended_r((const unsigned char *) password, salt, &buffer);
148 if (!crypt_res || (salt[0] == '*' && salt[1] == '0')) {
149 return NULL;
150 } else {
151 result = zend_string_init(crypt_res, strlen(crypt_res), 0);
152 return result;
153 }
154 } else {
155 /* Unknown hash type */
156 return NULL;
157 }
158 }
159#else
160
161# if defined(HAVE_CRYPT_R) && (defined(_REENTRANT) || defined(_THREAD_SAFE))
162# if defined(CRYPT_R_STRUCT_CRYPT_DATA)
163 struct crypt_data buffer;
164 memset(&buffer, 0, sizeof(buffer));
165# elif defined(CRYPT_R_CRYPTD)
166 CRYPTD buffer;
167# else
168# error Data struct used by crypt_r() is unknown. Please report.
169# endif
170 crypt_res = crypt_r(password, salt, &buffer);
171# elif defined(HAVE_CRYPT)
172 crypt_res = crypt(password, salt);
173# else
174# error No crypt() implementation
175# endif
176#endif
177
178 if (!crypt_res || (salt[0] == '*' && salt[1] == '0')) {
179 return NULL;
180 } else {
181 result = zend_string_init(crypt_res, strlen(crypt_res), 0);
182 return result;
183 }
184}
185/* }}} */
186
187
188/* {{{ Hash a string */
189PHP_FUNCTION(crypt)
190{
191 char salt[PHP_MAX_SALT_LEN + 1];
192 char *str, *salt_in = NULL;
193 size_t str_len, salt_in_len = 0;
194 zend_string *result;
195
196 ZEND_PARSE_PARAMETERS_START(2, 2)
197 Z_PARAM_STRING(str, str_len)
198 Z_PARAM_STRING(salt_in, salt_in_len)
199 ZEND_PARSE_PARAMETERS_END();
200
201 salt[0] = salt[PHP_MAX_SALT_LEN] = '\0';
202
203 /* This will produce suitable results if people depend on DES-encryption
204 * available (passing always 2-character salt). At least for glibc6.1 */
205 memset(&salt[1], '$', PHP_MAX_SALT_LEN - 1);
206 memcpy(salt, salt_in, MIN(PHP_MAX_SALT_LEN, salt_in_len));
207
208 salt_in_len = MIN(PHP_MAX_SALT_LEN, salt_in_len);
209 salt[salt_in_len] = '\0';
210
211 if ((result = php_crypt(str, (int)str_len, salt, (int)salt_in_len, 0)) == NULL) {
212 if (salt[0] == '*' && salt[1] == '0') {
213 RETURN_STRING("*1");
214 } else {
215 RETURN_STRING("*0");
216 }
217 }
218 RETURN_STR(result);
219}
220/* }}} */
crypt
crypt(#[\SensitiveParameter] string $string, string $salt)
Definition basic_functions.stub.php:2112
IS_VALID_SALT_CHARACTER
#define IS_VALID_SALT_CHARACTER(c)
Definition crypt.c:48
php_crypt
PHPAPI zend_string * php_crypt(const char *password, const int pass_len, const char *salt, int salt_len, bool quiet)
Definition crypt.c:70
php_crypt_blowfish_rn
char * php_crypt_blowfish_rn(const char *key, const char *setting, char *output, int size)
Definition crypt_blowfish.c:803
_crypt_extended_r
char * _crypt_extended_r(const unsigned char *key, const char *setting, struct php_crypt_extended_data *data)
Definition crypt_freesec.c:608
crypt_freesec.h
MD5_HASH_MAX_LEN
#define MD5_HASH_MAX_LEN
Definition crypt_freesec.h:6
php_sha256_crypt_r
char * php_sha256_crypt_r(const char *key, const char *salt, char *buffer, int buflen)
Definition crypt_sha256.c:319
php_sha512_crypt_r
char * php_sha512_crypt_r(const char *key, const char *salt, char *buffer, int buflen)
Definition crypt_sha512.c:358
memcpy
memcpy(ptr1, ptr2, size)
memset
memset(ptr, 0, type->size)
NULL
#define NULL
Definition gdcache.h:45
SUCCESS
#define SUCCESS
Definition hash_sha3.c:261
PHP_FUNCTION
#define PHP_FUNCTION
Definition php.h:364
PHP_MSHUTDOWN_FUNCTION
#define PHP_MSHUTDOWN_FUNCTION
Definition php.h:401
PHP_MINIT_FUNCTION
#define PHP_MINIT_FUNCTION
Definition php.h:400
PHPAPI
#define PHPAPI
Definition php.h:71
php_crypt.h
PHP_MAX_SALT_LEN
#define PHP_MAX_SALT_LEN
Definition php_crypt.h:28
php_shutdown_crypt_r
void php_shutdown_crypt_r(void)
Definition php_crypt_r.c:57
php_init_crypt_r
void php_init_crypt_r(void)
Definition php_crypt_r.c:50
_crypt_extended_init_r
void _crypt_extended_init_r(void)
Definition php_crypt_r.c:64
php_md5_crypt_r
char * php_md5_crypt_r(const char *pw, const char *salt, char *out)
Definition php_crypt_r.c:101
php_crypt_r.h
buffer
Definition file.h:177
php_crypt_extended_data
Definition crypt_freesec.h:8
RETURN_STRING
#define RETURN_STRING(s)
Definition zend_API.h:1043
ZEND_PARSE_PARAMETERS_END
#define ZEND_PARSE_PARAMETERS_END()
Definition zend_API.h:1641
Z_PARAM_STRING
#define Z_PARAM_STRING(dest, dest_len)
Definition zend_API.h:2071
ZEND_PARSE_PARAMETERS_START
#define ZEND_PARSE_PARAMETERS_START(min_num_args, max_num_args)
Definition zend_API.h:1620
RETURN_STR
#define RETURN_STR(s)
Definition zend_API.h:1039
efree
#define efree(ptr)
Definition zend_alloc.h:155
emalloc
#define emalloc(size)
Definition zend_alloc.h:151
strlen
strlen(string $string)
Definition zend_builtin_functions.stub.php:25
zend_string
struct _zend_string zend_string
Definition zend_map_ptr.h:24
MIN
#define MIN(a, b)
Definition zend_portability.h:460
ZEND_SECURE_ZERO
#define ZEND_SECURE_ZERO(var, size)
Definition zend_portability.h:504
result
bool result
Definition zend_vm_def.h:455
out
out($f, $s)
Definition zend_vm_gen.php:551