Revert "Revert "ext/sodium: pwhash: do not warn on low parameters""

This reverts commit a1845b7fdb. Revert "Revert "ext/sodium: throw exceptions instead of errors"" This reverts commit 31d221f9c7.
2024-12-15 04:45:03 +08:00 · 2017-11-29 13:19:18 +01:00 · 2017-11-29 13:19:18 +01:00 · fc8793499a
commit fc8793499a
parent 367c0b4c33
1 changed files with 38 additions and 23 deletions
--- a/ext/sodium/libsodium.c
+++ b/ext/sodium/libsodium.c
@ -233,6 +233,19 @@ ZEND_END_ARG_INFO()
 # undef crypto_secretstream_xchacha20poly1305_ABYTES
 #endif

+#ifndef crypto_pwhash_OPSLIMIT_MIN
+# define crypto_pwhash_OPSLIMIT_MIN crypto_pwhash_OPSLIMIT_INTERACTIVE
+#endif
+#ifndef crypto_pwhash_MEMLIMIT_MIN
+# define crypto_pwhash_MEMLIMIT_MIN crypto_pwhash_MEMLIMIT_INTERACTIVE
+#endif
+#ifndef crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN
+# define crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE
+#endif
+#ifndef crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN
+# define crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE
+#endif
+
 const zend_function_entry sodium_functions[] = {
 	PHP_FE(sodium_crypto_aead_aes256gcm_is_available, AI_None)
 #ifdef HAVE_AESGCM
@ -1839,12 +1852,14 @@ PHP_FUNCTION(sodium_crypto_pwhash)
 		zend_throw_exception(sodium_exception_ce, "salt should be SODIUM_CRYPTO_PWHASH_SALTBYTES bytes", 0);
 		return;
 	}
-	if (opslimit < crypto_pwhash_OPSLIMIT_INTERACTIVE) {
-		zend_error(E_WARNING,
-				   "number of operations for the password hashing function is low");
+	if (opslimit < crypto_pwhash_OPSLIMIT_MIN) {
+		zend_throw_exception(sodium_exception_ce,
+							 "number of operations for the password hashing function is too low", 0);
+		return;
 	}
-	if (memlimit < crypto_pwhash_MEMLIMIT_INTERACTIVE) {
-		zend_error(E_WARNING, "maximum memory for the password hashing function is low");
+	if (memlimit < crypto_pwhash_MEMLIMIT_MIN) {
+		zend_throw_exception(sodium_exception_ce,
+							 "maximum memory for the password hashing function is too low", 0);
 	}
 	hash = zend_string_alloc((size_t) hash_len, 0);
 	ret = -1;
@ -1902,13 +1917,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_str)
 	if (passwd_len <= 0) {
 		zend_error(E_WARNING, "empty password");
 	}
-	if (opslimit < crypto_pwhash_OPSLIMIT_INTERACTIVE) {
-		zend_error(E_WARNING,
-				   "number of operations for the password hashing function is low");
+	if (opslimit < crypto_pwhash_OPSLIMIT_MIN) {
+		zend_throw_exception(sodium_exception_ce,
+							 "number of operations for the password hashing function is too low", 0);
 	}
-	if (memlimit < crypto_pwhash_MEMLIMIT_INTERACTIVE) {
-		zend_error(E_WARNING,
-				   "maximum memory for the password hashing function is low");
+	if (memlimit < crypto_pwhash_MEMLIMIT_MIN) {
+		zend_throw_exception(sodium_exception_ce,
+							 "maximum memory for the password hashing function is too low", 0);
 	}
 	hash_str = zend_string_alloc(crypto_pwhash_STRBYTES - 1, 0);
 	if (crypto_pwhash_str
@ -2016,13 +2031,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256)
 				   0);
 		return;
 	}
-	if (opslimit < crypto_pwhash_scryptsalsa208sha256_opslimit_interactive()) {
-		zend_error(E_WARNING,
-				   "number of operations for the scrypt function is low");
+	if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) {
+		zend_throw_exception(sodium_exception_ce,
+							 "number of operations for the scrypt function is too low", 0);
 	}
-	if (memlimit < crypto_pwhash_scryptsalsa208sha256_memlimit_interactive()) {
-		zend_error(E_WARNING,
-				   "maximum memory for the scrypt function is low");
+	if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) {
+		zend_throw_exception(sodium_exception_ce,
+							 "maximum memory for the scrypt function is too low", 0);
 	}
 	hash = zend_string_alloc((size_t) hash_len, 0);
 	if (crypto_pwhash_scryptsalsa208sha256
@ -2063,13 +2078,13 @@ PHP_FUNCTION(sodium_crypto_pwhash_scryptsalsa208sha256_str)
 	if (passwd_len <= 0) {
 		zend_error(E_WARNING, "empty password");
 	}
-	if (opslimit < crypto_pwhash_scryptsalsa208sha256_opslimit_interactive()) {
-		zend_error(E_WARNING,
-				   "number of operations for the scrypt function is low");
+	if (opslimit < crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE) {
+		zend_throw_exception(sodium_exception_ce,
+							 "number of operations for the scrypt function is too low", 0);
 	}
-	if (memlimit < crypto_pwhash_scryptsalsa208sha256_memlimit_interactive()) {
-		zend_error(E_WARNING,
-				   "maximum memory for the scrypt function is low");
+	if (memlimit < crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) {
+		zend_throw_exception(sodium_exception_ce,
+							 "maximum memory for the scrypt function is too low", 0);
 	}
 	hash_str = zend_string_alloc
 		(crypto_pwhash_scryptsalsa208sha256_STRBYTES - 1, 0);