Disallow non-crypto hashes in HMAC and PBKDF2

narfbg · nikic · commit d89d149edf39 · 2017-01-18T21:13:54.000+01:00
For this purpose add is_crypto flag to php_hash_ops.
diff --git a/UPGRADING b/UPGRADING
@@ -42,6 +42,10 @@ PHP 7.2 UPGRADE NOTES
     such, its behavior now follows fmod() rather than the `%` operator. For
     example `bcmod('4', '3.5')` now returns '0.5' instead of '1'.
 
+- Hash:
+  . The hash_hmac(), hash_hmac_file() and hash_pbkdf2() functions no longer
+    accept non-cryptographic hashes.
+
 - PCRE:
   . preg_match() and other PCRE functions now distinguish between unmatched
     subpatterns and empty matches by reporting NULL and "" (empty string),
diff --git a/ext/hash/hash.c b/ext/hash/hash.c
@@ -248,6 +248,11 @@ static void php_hash_do_hash_hmac(INTERNAL_FUNCTION_PARAMETERS, int isfilename,
 		php_error_docref(NULL, E_WARNING, "Unknown hashing algorithm: %s", algo);
 		RETURN_FALSE;
 	}
+	else if (!ops->is_crypto) {
+		php_error_docref(NULL, E_WARNING, "Non-cryptographic hashing algorithm: %s", algo);
+		RETURN_FALSE;
+	}
+
 	if (isfilename) {
 		if (CHECK_NULL_PATH(data, data_len)) {
 			php_error_docref(NULL, E_WARNING, "Invalid path");
@@ -597,25 +602,6 @@ PHP_FUNCTION(hash_algos)
 }
 /* }}} */
 
-static inline zend_bool php_hash_is_crypto(const char *algo, size_t algo_len) {
-
-	char *blacklist[] = { "adler32", "crc32", "crc32b", "fnv132", "fnv1a32", "fnv164", "fnv1a64", "joaat", NULL };
-	char *lower = zend_str_tolower_dup(algo, algo_len);
-	int i = 0;
-
-	while (blacklist[i]) {
-		if (strcmp(lower, blacklist[i]) == 0) {
-			efree(lower);
-			return 0;
-		}
-
-		i++;
-	}
-
-	efree(lower);
-	return 1;
-}
-
 /* {{{ proto string hash_hkdf(string algo, string ikm [, int length = 0, string info = '', string salt = ''])
 RFC5869 HMAC-based key derivation function */
 PHP_FUNCTION(hash_hkdf)
@@ -636,8 +622,8 @@ PHP_FUNCTION(hash_hkdf)
 		php_error_docref(NULL, E_WARNING, "Unknown hashing algorithm: %s", ZSTR_VAL(algo));
 		RETURN_FALSE;
 	}
-	
-	if (!php_hash_is_crypto(ZSTR_VAL(algo), ZSTR_LEN(algo))) {
+
+	if (!ops->is_crypto) {
 		php_error_docref(NULL, E_WARNING, "Non-cryptographic hashing algorithm: %s", ZSTR_VAL(algo));
 		RETURN_FALSE;
 	}
@@ -736,6 +722,10 @@ PHP_FUNCTION(hash_pbkdf2)
 		php_error_docref(NULL, E_WARNING, "Unknown hashing algorithm: %s", algo);
 		RETURN_FALSE;
 	}
+	else if (!ops->is_crypto) {
+		php_error_docref(NULL, E_WARNING, "Non-cryptographic hashing algorithm: %s", algo);
+		RETURN_FALSE;
+	}
 
 	if (iterations <= 0) {
 		php_error_docref(NULL, E_WARNING, "Iterations must be a positive integer: " ZEND_LONG_FMT, iterations);
diff --git a/ext/hash/hash_adler32.c b/ext/hash/hash_adler32.c
@@ -69,7 +69,8 @@ const php_hash_ops php_hash_adler32_ops = {
 	(php_hash_copy_func_t) PHP_ADLER32Copy,
 	4, /* what to say here? */
 	4,
-	sizeof(PHP_ADLER32_CTX)
+	sizeof(PHP_ADLER32_CTX),
+	0
 };
 
 /*
diff --git a/ext/hash/hash_crc32.c b/ext/hash/hash_crc32.c
@@ -79,7 +79,8 @@ const php_hash_ops php_hash_crc32_ops = {
 	(php_hash_copy_func_t) PHP_CRC32Copy,
 	4, /* what to say here? */
 	4,
-	sizeof(PHP_CRC32_CTX)
+	sizeof(PHP_CRC32_CTX),
+	0
 };
 
 const php_hash_ops php_hash_crc32b_ops = {
@@ -89,7 +90,8 @@ const php_hash_ops php_hash_crc32b_ops = {
 	(php_hash_copy_func_t) PHP_CRC32Copy,
 	4, /* what to say here? */
 	4,
-	sizeof(PHP_CRC32_CTX)
+	sizeof(PHP_CRC32_CTX),
+	0
 };
 
 /*
diff --git a/ext/hash/hash_fnv.c b/ext/hash/hash_fnv.c
@@ -31,17 +31,19 @@ const php_hash_ops php_hash_fnv132_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	4,
 	4,
-	sizeof(PHP_FNV132_CTX)
+	sizeof(PHP_FNV132_CTX),
+	0
 };
 
-	const php_hash_ops php_hash_fnv1a32_ops = {
+const php_hash_ops php_hash_fnv1a32_ops = {
 	(php_hash_init_func_t) PHP_FNV132Init,
 	(php_hash_update_func_t) PHP_FNV1a32Update,
  	(php_hash_final_func_t) PHP_FNV132Final,
 	(php_hash_copy_func_t) php_hash_copy,
 	4,
 	4,
-	sizeof(PHP_FNV132_CTX)
+	sizeof(PHP_FNV132_CTX),
+	0
 };
 
 const php_hash_ops php_hash_fnv164_ops = {
@@ -51,7 +53,8 @@ const php_hash_ops php_hash_fnv164_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	8,
 	4,
-	sizeof(PHP_FNV164_CTX)
+	sizeof(PHP_FNV164_CTX),
+	0
 };
 
 const php_hash_ops php_hash_fnv1a64_ops = {
@@ -61,7 +64,8 @@ const php_hash_ops php_hash_fnv1a64_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	8,
 	4,
-	sizeof(PHP_FNV164_CTX)
+	sizeof(PHP_FNV164_CTX),
+	0
 };
 
 /* {{{ PHP_FNV132Init
diff --git a/ext/hash/hash_gost.c b/ext/hash/hash_gost.c
@@ -316,7 +316,8 @@ const php_hash_ops php_hash_gost_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	32,
 	32,
-	sizeof(PHP_GOST_CTX)
+	sizeof(PHP_GOST_CTX),
+	1
 };
 
 const php_hash_ops php_hash_gost_crypto_ops = {
@@ -326,7 +327,8 @@ const php_hash_ops php_hash_gost_crypto_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	32,
 	32,
-	sizeof(PHP_GOST_CTX)
+	sizeof(PHP_GOST_CTX),
+	1
 };
 
 /*
diff --git a/ext/hash/hash_haval.c b/ext/hash/hash_haval.c
@@ -255,7 +255,7 @@ const php_hash_ops php_hash_##p##haval##b##_ops = { \
 	(php_hash_update_func_t) PHP_HAVALUpdate, \
 	(php_hash_final_func_t) PHP_HAVAL##b##Final, \
 	(php_hash_copy_func_t) php_hash_copy, \
-	((b) / 8), 128, sizeof(PHP_HAVAL_CTX) }; \
+	((b) / 8), 128, sizeof(PHP_HAVAL_CTX), 1 }; \
 PHP_HASH_API void PHP_##p##HAVAL##b##Init(PHP_HAVAL_CTX *context) \
 {	int i; context->count[0] = 	context->count[1] = 	0; \
 	for(i = 0; i < 8; i++) context->state[i] = D0[i]; \
diff --git a/ext/hash/hash_joaat.c b/ext/hash/hash_joaat.c
@@ -32,7 +32,8 @@ const php_hash_ops php_hash_joaat_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	4,
 	4,
-	sizeof(PHP_JOAAT_CTX)
+	sizeof(PHP_JOAAT_CTX),
+	0
 };
 
 PHP_HASH_API void PHP_JOAATInit(PHP_JOAAT_CTX *context)
diff --git a/ext/hash/hash_md.c b/ext/hash/hash_md.c
@@ -28,7 +28,8 @@ const php_hash_ops php_hash_md5_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	16,
 	64,
-	sizeof(PHP_MD5_CTX)
+	sizeof(PHP_MD5_CTX),
+	1
 };
 
 const php_hash_ops php_hash_md4_ops = {
@@ -38,7 +39,8 @@ const php_hash_ops php_hash_md4_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	16,
 	64,
-	sizeof(PHP_MD4_CTX)
+	sizeof(PHP_MD4_CTX),
+	1
 };
 
 const php_hash_ops php_hash_md2_ops = {
@@ -48,7 +50,8 @@ const php_hash_ops php_hash_md2_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	16,
 	16,
-	sizeof(PHP_MD2_CTX)
+	sizeof(PHP_MD2_CTX),
+	1
 };
 
 /* MD common stuff */
diff --git a/ext/hash/hash_ripemd.c b/ext/hash/hash_ripemd.c
@@ -32,7 +32,8 @@ const php_hash_ops php_hash_ripemd128_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	16,
 	64,
-	sizeof(PHP_RIPEMD128_CTX)
+	sizeof(PHP_RIPEMD128_CTX),
+	1
 };
 
 const php_hash_ops php_hash_ripemd160_ops = {
@@ -42,7 +43,8 @@ const php_hash_ops php_hash_ripemd160_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	20,
 	64,
-	sizeof(PHP_RIPEMD160_CTX)
+	sizeof(PHP_RIPEMD160_CTX),
+	1
 };
 
 const php_hash_ops php_hash_ripemd256_ops = {
@@ -52,7 +54,8 @@ const php_hash_ops php_hash_ripemd256_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	32,
 	64,
-	sizeof(PHP_RIPEMD256_CTX)
+	sizeof(PHP_RIPEMD256_CTX),
+	1
 };
 
 const php_hash_ops php_hash_ripemd320_ops = {
@@ -62,7 +65,8 @@ const php_hash_ops php_hash_ripemd320_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	40,
 	64,
-	sizeof(PHP_RIPEMD320_CTX)
+	sizeof(PHP_RIPEMD320_CTX),
+	1
 };
 
 /* {{{ PHP_RIPEMD128Init
diff --git a/ext/hash/hash_sha.c b/ext/hash/hash_sha.c
@@ -73,7 +73,8 @@ const php_hash_ops php_hash_sha1_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	20,
 	64,
-	sizeof(PHP_SHA1_CTX)
+	sizeof(PHP_SHA1_CTX),
+	1
 };
 
 #ifdef PHP_HASH_SHA1_NOT_IN_CORE
@@ -415,7 +416,8 @@ const php_hash_ops php_hash_sha256_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	32,
 	64,
-	sizeof(PHP_SHA256_CTX)
+	sizeof(PHP_SHA256_CTX),
+	1
 };
 
 const php_hash_ops php_hash_sha224_ops = {
@@ -425,7 +427,8 @@ const php_hash_ops php_hash_sha224_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	28,
 	64,
-	sizeof(PHP_SHA224_CTX)
+	sizeof(PHP_SHA224_CTX),
+	1
 };
 
 #define ROTR32(b,x)		((x >> b) | (x << (32 - b)))
@@ -917,7 +920,8 @@ const php_hash_ops php_hash_sha384_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	48,
 	128,
-	sizeof(PHP_SHA384_CTX)
+	sizeof(PHP_SHA384_CTX),
+	1
 };
 
 /* {{{ PHP_SHA512Init
@@ -1089,7 +1093,8 @@ const php_hash_ops php_hash_sha512_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	64,
 	128,
-	sizeof(PHP_SHA512_CTX)
+	sizeof(PHP_SHA512_CTX),
+	1
 };
 
 const php_hash_ops php_hash_sha512_256_ops = {
@@ -1099,7 +1104,8 @@ const php_hash_ops php_hash_sha512_256_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	32,
 	128,
-	sizeof(PHP_SHA512_CTX)
+	sizeof(PHP_SHA512_CTX),
+	1
 };
 
 const php_hash_ops php_hash_sha512_224_ops = {
@@ -1109,7 +1115,8 @@ const php_hash_ops php_hash_sha512_224_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	28,
 	128,
-	sizeof(PHP_SHA512_CTX)
+	sizeof(PHP_SHA512_CTX),
+	1
 };
 
 /*
diff --git a/ext/hash/hash_sha3.c b/ext/hash/hash_sha3.c
@@ -218,7 +218,8 @@ const php_hash_ops php_hash_sha3_##bits##_ops = { \
 	php_hash_copy, \
 	bits >> 3, \
 	(1600 - (2 * bits)) >> 3, \
-	sizeof(PHP_SHA3_##bits##_CTX) \
+	sizeof(PHP_SHA3_##bits##_CTX), \
+	1 \
 }
 
 DECLARE_SHA3_OPS(224);
diff --git a/ext/hash/hash_snefru.c b/ext/hash/hash_snefru.c
@@ -200,7 +200,8 @@ const php_hash_ops php_hash_snefru_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	32,
 	32,
-	sizeof(PHP_SNEFRU_CTX)
+	sizeof(PHP_SNEFRU_CTX),
+	1
 };
 
 /*
diff --git a/ext/hash/hash_tiger.c b/ext/hash/hash_tiger.c
@@ -251,7 +251,8 @@ PHP_HASH_API void PHP_TIGER192Final(unsigned char digest[24], PHP_TIGER_CTX *con
 		(php_hash_copy_func_t) php_hash_copy, \
 		b/8, \
 		64, \
-		sizeof(PHP_TIGER_CTX) \
+		sizeof(PHP_TIGER_CTX), \
+		1 \
 	}
 
 PHP_HASH_TIGER_OPS(3, 128);
diff --git a/ext/hash/hash_whirlpool.c b/ext/hash/hash_whirlpool.c
@@ -440,7 +440,8 @@ const php_hash_ops php_hash_whirlpool_ops = {
 	(php_hash_copy_func_t) php_hash_copy,
 	64,
 	64,
-	sizeof(PHP_WHIRLPOOL_CTX)
+	sizeof(PHP_WHIRLPOOL_CTX),
+	1
 };
 
 /*
diff --git a/ext/hash/php_hash.h b/ext/hash/php_hash.h
@@ -46,6 +46,7 @@ typedef struct _php_hash_ops {
 	int digest_size;
 	int block_size;
 	int context_size;
+	unsigned is_crypto: 1;
 } php_hash_ops;
 
 typedef struct _php_hash_data {
diff --git a/ext/hash/tests/hash_hmac_basic.phpt b/ext/hash/tests/hash_hmac_basic.phpt
diff --git a/ext/hash/tests/hash_hmac_error.phpt b/ext/hash/tests/hash_hmac_error.phpt
diff --git a/ext/hash/tests/hash_hmac_file_basic.phpt b/ext/hash/tests/hash_hmac_file_basic.phpt
diff --git a/ext/hash/tests/hash_hmac_file_error.phpt b/ext/hash/tests/hash_hmac_file_error.phpt
diff --git a/ext/hash/tests/hash_pbkdf2_error.phpt b/ext/hash/tests/hash_pbkdf2_error.phpt

Original file line number	Diff line number	Diff line change
`@@ -218,7 +218,8 @@ const php_hash_ops php_hash_sha3_##bits##_ops = { \`
`218`	`218`	`php_hash_copy, \`
`219`	`219`	`bits >> 3, \`
`220`	`220`	`(1600 - (2 * bits)) >> 3, \`
`221`		`- sizeof(PHP_SHA3_##bits##_CTX) \`
	`221`	`+ sizeof(PHP_SHA3_##bits##_CTX), \`
	`222`	`+ 1 \`
`222`	`223`	`}`
`223`	`224`
`224`	`225`	`DECLARE_SHA3_OPS(224);`
Original file line number	Diff line number	Diff line change
`@@ -251,7 +251,8 @@ PHP_HASH_API void PHP_TIGER192Final(unsigned char digest[24], PHP_TIGER_CTX *con`
`251`	`251`	`(php_hash_copy_func_t) php_hash_copy, \`
`252`	`252`	`b/8, \`
`253`	`253`	`64, \`
`254`		`- sizeof(PHP_TIGER_CTX) \`
	`254`	`+ sizeof(PHP_TIGER_CTX), \`
	`255`	`+ 1 \`
`255`	`256`	`}`
`256`	`257`
`257`	`258`	`PHP_HASH_TIGER_OPS(3, 128);`