Newsgroups: php.internals
Date: Sun, 7 Jun 2009 20:00:19 +0400
To: PHP Internals List
Cc: Pierre Joye
Message-ID: <20090607160019.GA30041@openwall.com>
Subject: ext/standard/crypt_blowfish.c
From: solar@openwall.com (Solar Designer)

Hi,

First of all, thank you for getting this functionality into PHP proper.

It appears that the file was very slightly out of date. crypt_blowfish 1.0.2 additionally made this change:

-#elif defined(__alpha__) || defined(__hppa__) +#elif defined(__x86_64__) || defined(__alpha__) || defined(__hppa__)

which improved performance on x86_64. I recommend that you apply the change to the copy in PHP as well.

The function php_crypt_gensalt_blowfish_rn() appears to be unused. If so, I suggest #if 0'ing it for now.

Finally, I'd like to ask whoever made the following change about the rationale behind it:

--- ../crypt_blowfish-1.0.2/crypt_blowfish.c 2006-05-22 23:52:41 +0000 +++ ext/standard/crypt_blowfish.c 2008-08-14 01:13:18 +0000 [...] @@ -380,6 +387,7 @@ #define BF_safe_atoi64(dst, src) \ { \ tmp = (unsigned char)(src); \ + if (tmp == '$') break; \ if ((unsigned int)(tmp -= 0x20) >= 0x60) return -1; \ tmp = BF_atoi64[tmp]; \ if (tmp > 63) return -1; \ @@ -407,6 +415,9 @@ static int BF_decode(BF_word *dst, __CON *dptr++ = ((c3 & 0x03) << 6) | c4; } while (dptr < end); + while (dptr < end) + *dptr++ = 0; + return 0; }

My understanding is that this "adds support" for salt strings shorter than those bcrypt (the password hashing method we're talking about) normally requires, but only as long as they're terminated with a dollar sign. Why is this needed, and is it? Do we really want to encourage sloppy programming?

I don't think this may support any extra existing bcrypt-like hashes, which might have been generated by sloppy implementations, because the encodings for newly computed hashes (during authentication) would be full-length anyway. Am I missing something?

Thanks again,

Alexander

P.S. For those who don't know yet, my "upstream" version of the code is available here:

http://www.openwall.com/crypt/
http://cvsweb.openwall.com/crypt
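
Review bot: In the @@ -380,6 +387,7 @@ hunk, the added "if (tmp == '$') break;" is placed in a macro whose body is a bare brace block, so the break silently leaves whatever loop BF_safe_atoi64 happens to be expanded in, and it is taken at any input position, including the very first character. Nothing in the visible lines enforces a minimum number of decoded characters before the '$' is honoured, whereas the two neighbouring checks reject bad input with "return -1". If short salts are really meant to be accepted, count the decoded characters and return -1 below a documented minimum, and add a comment on the macro saying that it may break out of the caller's loop; otherwise drop the check so that a '$' inside the salt is rejected like any other out-of-alphabet character.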
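
Review bot: In the @@ -407,6 +415,9 @@ hunk, the added "while (dptr < end) *dptr++ = 0;" zero-fills whatever part of dst was not decoded and BF_decode still ends in "return 0;", so the caller cannot tell a full-length salt from a truncated one padded with zero bytes. The preceding do/while only falls through once "dptr < end" is false, so this loop has work to do only on the early '$' exit introduced in the macro, and every byte it writes is a fixed value rather than salt material. Consider returning -1 (or a distinct non-zero value) when the loop ends with dptr still below end, and add a comment stating why padding is wanted if it is kept.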