
Comparing changes

base repository: DomBlack/php-scrypt
base: v1.4.3
head repository: DomBlack/php-scrypt
compare: master
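--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -0,0 +1,41 @@
+name: Continuous Integration
+
+on:
+push:
+pull_request:
+
+env:
+REPORT_EXIT_STATUS: 1
+NO_INTERACTION: 1
+
+jobs:
+tests:
+name: Tests
+runs-on: ubuntu-latest
+strategy:
+matrix:
+php-version:
+- 7.0
+- 7.1
+- 7.2
+- 7.3
+- 7.4
+- 8.0
+- 8.1
+- nightly
+steps:
+- name: Checkout
+uses: actions/checkout@master
+- name: Install PHP ${{ matrix.php-version }}
+uses: shivammathur/setup-php@v2
+with:
+php-version: ${{ matrix.php-version }}
+coverage: none
+tools: none
+- name: Build extension
+run: |
+phpize
+./configure --enable-scrypt
+make -j$(nproc) all
+- name: Run tests
+run: make -j$(nproc) test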
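Review bot: `uses: actions/checkout@master` in the Checkout step follows a mutable branch, so any commit pushed there runs in this job unreviewed; reference a release tag or, preferably, a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha>`. `shivammathur/setup-php@v2` is a third-party action behind a movable tag and deserves the same pinning. The workflow also sets no `permissions:` key, so the job's GITHUB_TOKEN gets whatever the repository default grants; a top-level `permissions:` with `contents: read` is enough for a build-and-test job. Separately, the unquoted matrix entries `7.0` and `8.0` are YAML floats and may reach setup-php as `7` and `8`; quoting them (`'8.0'`) avoids that.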
2 changes: 2 additions & 0 deletions .gitignore
@@ -8,6 +8,7 @@ scrypt-*.tgz
#

.deps
*.dep
*.lo
*.la
.libs
@@ -23,6 +24,7 @@ libtool
configure*
install-sh
ltmain.sh
ltmain.sh.backup
Makefile*
missing
mkinstalldirs
27 changes: 0 additions & 27 deletions .travis.yml

This file was deleted.

18 changes: 10 additions & 8 deletions config.m4
@@ -22,14 +22,16 @@ if test $PHP_SCRYPT != "no"; then
AC_CHECK_MEMBER([struct sysinfo.totalram], [AC_DEFINE(HAVE_STRUCT_SYSINFO_TOTALRAM)])

version=nosse
if test "$(uname)" == 'Darwin'; then
sysctl -a | grep -iq "^machdep.cpu.features.\+sse2"
else
grep -iq "^flags.\+sse2" /proc/cpuinfo
fi
if test $? == 0; then
version=sse
CFLAGS="$CFLAGS -msse -msse2"
if test "$(uname -m)" == 'x86_64' || test "$(uname -m)" == 'i386' || test "$(uname -m)" == 'i686'; then
if test "$(uname)" == 'Darwin'; then
sysctl -a | grep -iq "^machdep.cpu.features.\+sse2"
else
grep -iq "^flags.\+sse2" /proc/cpuinfo
fi
if test $? == 0; then
version=sse
CFLAGS="$CFLAGS -msse -msse2"
fi
fi
AC_DEFINE(HAVE_SCRYPT, 1, [Whether you have scrypt])
PHP_NEW_EXTENSION(scrypt, php_scrypt.c php_scrypt_utils.c crypto/sha256.c crypto/crypto_scrypt-$version.c crypto/params.c, $ext_shared)
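Review bot: The new architecture guard compares with `==` inside `test` (`test "$(uname -m)" == 'x86_64' || ...`), which is a bash extension; POSIX `test` only defines `=`, so a configure run under a strict /bin/sh may print an operator error there and quietly build the `nosse` variant. Using `=` in the three `uname -m` comparisons, and in the existing `uname` and `$?` tests, keeps the detection working on such shells, e.g. `if test "$(uname -m)" = 'x86_64' || test "$(uname -m)" = 'i386' || test "$(uname -m)" = 'i686'; then`. The SSE2 probe reads the build machine's `/proc/cpuinfo` or `sysctl`, so a comment noting that cross-compiled or container-built binaries inherit the build host's answer would help packagers. The enclosing `if test $PHP_SCRYPT != "no"` block starts and ends outside this hunk.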
10 changes: 4 additions & 6 deletions crypto/crypto_scrypt-nosse.c
@@ -231,24 +231,22 @@ crypto_scrypt(const uint8_t * passwd, size_t passwdlen,
uint8_t * XY;
uint32_t i;

TSRMLS_FETCH();

/* Sanity-check parameters. */
#if SIZE_MAX > UINT32_MAX
if (buflen > (((uint64_t)(1) << 32) - 1) * 32) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Parameters: $keyLength too big");
php_error_docref(NULL, E_WARNING, "Invalid Parameters: $keyLength too big");
errno = EFBIG;
goto err0;
}
#endif
if ((uint64_t)(r) * (uint64_t)(p) >= (1 << 30)) {
errno = EFBIG;
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Parameters; $r * $p is >= 2^30");
php_error_docref(NULL, E_WARNING, "Invalid Parameters; $r * $p is >= 2^30");
goto err0;
}
if (((N & (N - 1)) != 0) || (N == 0)) {
errno = EINVAL;
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Parameters; $N is not a power of two greater than 1");
php_error_docref(NULL, E_WARNING, "Invalid Parameters; $N is not a power of two greater than 1");
goto err0;
}
if ((r > SIZE_MAX / 128 / p) ||
@@ -257,7 +255,7 @@ crypto_scrypt(const uint8_t * passwd, size_t passwdlen,
#endif
(N > SIZE_MAX / 128 / r)) {
errno = ENOMEM;
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Parameters");
php_error_docref(NULL, E_WARNING, "Invalid Parameters");
goto err0;
}
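Review bot: The `$N` check `if (((N & (N - 1)) != 0) || (N == 0))` lets N == 1 through, although the warning text directly below it says N must be a power of two greater than 1. N = 1 gives essentially no memory or CPU cost, so unless a caller-side validation rejects it (not visible in this hunk), a password hash could be derived with almost no work factor. Changing the second clause to `(N < 2)` makes the code match its message. The same condition appears in crypto/crypto_scrypt-sse.c; crypto_scrypt() starts and ends outside the hunks shown.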

10 changes: 4 additions & 6 deletions crypto/crypto_scrypt-sse.c
@@ -273,32 +273,30 @@ crypto_scrypt(const uint8_t * passwd, size_t passwdlen,
uint32_t * XY;
uint32_t i;

TSRMLS_FETCH();

/* Sanity-check parameters. */
#if SIZE_MAX > UINT32_MAX
if (buflen > (((uint64_t)(1) << 32) - 1) * 32) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Parameters: $keyLength too big");
php_error_docref(NULL, E_WARNING, "Invalid Parameters: $keyLength too big");
errno = EFBIG;
goto err0;
}
#endif
if ((uint64_t)(r) * (uint64_t)(p) >= (1 << 30)) {
errno = EFBIG;
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Parameters; $r * $p is >= 2^30");
php_error_docref(NULL, E_WARNING, "Invalid Parameters; $r * $p is >= 2^30");
goto err0;
}
if (((N & (N - 1)) != 0) || (N == 0)) {
errno = EINVAL;
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Parameters; $N is not a power of two greater than 1");
php_error_docref(NULL, E_WARNING, "Invalid Parameters; $N is not a power of two greater than 1");
goto err0;
}
if ((r > SIZE_MAX / 128 / p) ||
#if SIZE_MAX / 256 <= UINT32_MAX
(r > (SIZE_MAX - 64) / 256) ||
#endif
(N > SIZE_MAX / 128 / r)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid Parameters");
php_error_docref(NULL, E_WARNING, "Invalid Parameters");
errno = ENOMEM;
goto err0;
}
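Review bot: The four parameter checks disagree on whether `errno` is assigned before or after `php_error_docref()`: the `$keyLength` branch and the final `Invalid Parameters` branch report first, while the `$r * $p` and `$N` branches assign first. If the caller inspects `errno` (not visible here), reporting first is the safer order, since the reporting call may run code that overwrites `errno`; moving `errno = EFBIG;` and `errno = EINVAL;` below the `php_error_docref(...)` line in those two branches makes all four agree. crypto/crypto_scrypt-nosse.c has the same mix, and there the final branch also assigns before reporting. crypto_scrypt() begins and ends outside this hunk.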
56 changes: 49 additions & 7 deletions package.xml
@@ -25,17 +25,19 @@ http://pear.php.net/dtd/package-2.0.xsd">
<email>kocsismate@woohoolabs.com</email>
<active>yes</active>
</lead>
<date>2022-08-17</date>
<date>2023-05-07</date>
<version>
<release>1.4.3</release>
<api>1.4.3</api>
<release>2.0.1</release>
<api>2.0.0</api>
</version>
<stability>
<release>stable</release>
<api>stable</api>
</stability>
<license uri="http://opensource.org/licenses/BSD-2-Clause">BSD 2-Clause</license>
<notes>Fixed memory leak in PHP 7 (#48), weak CSPRNG on salts in the example file (#44)</notes>
<notes>
Check CPU architecture before attempting to enable SSE (#76)
</notes>
<contents>
<dir name="/">
<file name="config.m4" role="src" />
@@ -44,6 +46,9 @@ http://pear.php.net/dtd/package-2.0.xsd">
<file name="LICENSE" role="doc" />
<file name="php_scrypt.c" role="src" />
<file name="php_scrypt.h" role="src" />
<file name="php_scrypt_arginfo.h" role="src" />
<file name="php_scrypt_legacy_arginfo.h" role="src" />
<file name="php_scrypt.stub.php" role="src" />
<file name="php_scrypt_utils.c" role="src" />
<file name="php_scrypt_utils.h" role="src" />
<file name="README.md" role="doc" />
@@ -60,15 +65,18 @@ http://pear.php.net/dtd/package-2.0.xsd">
<file name="sysendian.h" role="src" />
</dir>
<dir name="tests">
<file role="test" name="params.phpt" />
<file role="test" name="vectors.phpt" />
<file role="test" name="scrypt_error_stacktrace.phpt" />
<file role="test" name="scrypt_errors.phpt" />
<file role="test" name="scrypt_pickparams_errors.phpt" />
<file role="test" name="scrypt_pickparams_success.phpt" />
<file role="test" name="scrypt_vectors.phpt" />
</dir>
</dir>
</contents>
<dependencies>
<required>
<php>
<min>5.3</min>
<min>7.0</min>
</php>
<pearinstaller>
<min>1.4.0</min>
@@ -80,6 +88,40 @@ http://pear.php.net/dtd/package-2.0.xsd">
<configureoption default="yes" name="enable-scrypt" prompt="whether to enable scrypt support" />
</extsrcrelease>
<changelog>
<release>
<version>
<release>2.0.1</release>
<api>2.0.0</api>
</version>
<stability>
<release>stable</release>
<api>stable</api>
</stability>
<date>2023-05-07</date>
<license uri="http://opensource.org/licenses/BSD-2-Clause">BSD 2-Clause</license>
<notes>
Check CPU architecture before attempting to enable SSE (#76)
</notes>
</release>
<release>
<version>
<release>2.0.0</release>
<api>2.0.0</api>
</version>
<stability>
<release>stable</release>
<api>stable</api>
</stability>
<date>2022-09-06</date>
<license uri="http://opensource.org/licenses/BSD-2-Clause">BSD 2-Clause</license>
<notes>
Increased PHP version requirement to 7.0 (#67, #69)
Improved parameter reflection and validation (#63, #64)
Fixed memory leak in scrypt() (#68)
Fixed compilation warning (#69)
Added support for sensitive parameters on PHP 8.2+ (#70)
</notes>
</release>
<release>
<version>
<release>1.4.3</release>