php · kocsismate · Jan 21, 2020
diff --git a/ext/sodium/sodium_pwhash.c b/ext/sodium/sodium_pwhash.c
@@ -113,7 +113,7 @@ static zend_bool php_sodium_argon2_needs_rehash(const zend_string *hash, zend_ar
 
 static int php_sodium_argon2_get_info(zval *return_value, const zend_string *hash) {
 	const char* p = NULL;
-	zend_long v = 0, threads = 1;
+	zend_long v = 0, threads = PHP_SODIUM_PWHASH_THREADS;
 	zend_long memory_cost = PHP_SODIUM_PWHASH_MEMLIMIT;
 	zend_long time_cost = PHP_SODIUM_PWHASH_OPSLIMIT;
 
@@ -140,19 +140,27 @@ static int php_sodium_argon2_get_info(zval *return_value, const zend_string *has
 	return SUCCESS;
 }
 
+static void php_sodium_argon2_get_default_options(zval *return_value) {
+	add_assoc_long(return_value, "memory_cost", PHP_SODIUM_PWHASH_MEMLIMIT);
+	add_assoc_long(return_value, "time_cost", PHP_SODIUM_PWHASH_OPSLIMIT);
+	add_assoc_long(return_value, "threads", PHP_SODIUM_PWHASH_THREADS);
+}
+
 /* argon2i specific methods */
 
 static zend_string *php_sodium_argon2i_hash(const zend_string *password, zend_array *options) {
 	return php_sodium_argon2_hash(password, options, crypto_pwhash_ALG_ARGON2I13);
 }
 
 static const php_password_algo sodium_algo_argon2i = {
+	"argon2i",
 	"argon2i",
 	php_sodium_argon2i_hash,
 	php_sodium_argon2_verify,
 	php_sodium_argon2_needs_rehash,
 	php_sodium_argon2_get_info,
 	NULL,
+	php_sodium_argon2_get_default_options,
 };
 
 /* argon2id specific methods */
@@ -162,12 +170,14 @@ static zend_string *php_sodium_argon2id_hash(const zend_string *password, zend_a
 }
 
 static const php_password_algo sodium_algo_argon2id = {
+	"argon2id",
 	"argon2id",
 	php_sodium_argon2id_hash,
 	php_sodium_argon2_verify,
 	php_sodium_argon2_needs_rehash,
 	php_sodium_argon2_get_info,
 	NULL,
+	php_sodium_argon2_get_default_options,
 };
 
 PHP_MINIT_FUNCTION(sodium_password_hash) /* {{{ */ {
@@ -180,12 +190,12 @@ PHP_MINIT_FUNCTION(sodium_password_hash) /* {{{ */ {
 	}
 	zend_string_release(argon2i);
 
-	if (FAILURE == php_password_algo_register("argon2i", &sodium_algo_argon2i)) {
+	if (FAILURE == php_password_algo_register(&sodium_algo_argon2i)) {
 		return FAILURE;
 	}
 	REGISTER_STRING_CONSTANT("PASSWORD_ARGON2I", "argon2i", CONST_CS | CONST_PERSISTENT);
 
-	if (FAILURE == php_password_algo_register("argon2id", &sodium_algo_argon2id)) {
+	if (FAILURE == php_password_algo_register(&sodium_algo_argon2id)) {
 		return FAILURE;
 	}
 	REGISTER_STRING_CONSTANT("PASSWORD_ARGON2ID", "argon2id", CONST_CS | CONST_PERSISTENT);

@@ -315,6 +315,7 @@ static const zend_function_entry basic_functions[] = { /* {{{ */
 	PHP_FE(password_needs_rehash,											arginfo_password_needs_rehash)
 	PHP_FE(password_verify,													arginfo_password_verify)
 	PHP_FE(password_algos,													arginfo_password_algos)
+	PHP_FE(password_default_algo,											arginfo_password_default_algo)
 	PHP_FE(convert_uuencode,												arginfo_convert_uuencode)
 	PHP_FE(convert_uudecode,												arginfo_convert_uudecode)
 

@@ -1131,6 +1131,8 @@ function password_verify(string $password, string $hash): bool {}
 
 function password_algos(): array {}
 
+function password_default_algo(): array {}
+
 /* proc_open.c */
 
 #ifdef PHP_CAN_SUPPORT_PROC_OPEN

@@ -1760,6 +1760,8 @@ ZEND_END_ARG_INFO()
 
 #define arginfo_password_algos arginfo_ob_list_handlers
 
+#define arginfo_password_default_algo arginfo_ob_list_handlers
+
 #if defined(PHP_CAN_SUPPORT_PROC_OPEN)
 ZEND_BEGIN_ARG_INFO_EX(arginfo_proc_open, 0, 0, 3)
 	ZEND_ARG_INFO(0, cmd)

@@ -37,10 +37,10 @@
 
 static zend_array php_password_algos;
 
-int php_password_algo_register(const char *ident, const php_password_algo *algo) {
+int php_password_algo_register(const php_password_algo *algo) {
 	zval zalgo;
 	ZVAL_PTR(&zalgo, (php_password_algo*)algo);
-	if (zend_hash_str_add(&php_password_algos, ident, strlen(ident), &zalgo)) {
+	if (zend_hash_str_add(&php_password_algos, algo->id, strlen(algo->id), &zalgo)) {
 		return SUCCESS;
 	}
 	return FAILURE;
@@ -225,13 +225,19 @@ static zend_string* php_password_bcrypt_hash(const zend_string *password, zend_a
 	return result;
 }
 
+static void php_password_bcrypt_get_default_options(zval *return_value) {
+	add_assoc_long(return_value, "cost", PHP_PASSWORD_BCRYPT_COST);
+}
+
 const php_password_algo php_password_algo_bcrypt = {
+	"2y",
 	"bcrypt",
 	php_password_bcrypt_hash,
 	php_password_bcrypt_verify,
 	php_password_bcrypt_needs_rehash,
 	php_password_bcrypt_get_info,
 	php_password_bcrypt_valid,
+	php_password_bcrypt_get_default_options,
 };
 
 
@@ -276,6 +282,12 @@ static int php_password_argon2_get_info(zval *return_value, const zend_string *h
 	return SUCCESS;
 }
 
+static void php_password_argon2_get_default_options(zval *return_value) {
+	add_assoc_long(return_value, "memory_cost", PHP_PASSWORD_ARGON2_MEMORY_COST);
+	add_assoc_long(return_value, "time_cost", PHP_PASSWORD_ARGON2_TIME_COST);
+	add_assoc_long(return_value, "threads", PHP_PASSWORD_ARGON2_THREADS);
+}
+
 static zend_bool php_password_argon2_needs_rehash(const zend_string *hash, zend_array *options) {
 	zend_long v = 0;
 	zend_long new_memory_cost = PHP_PASSWORD_ARGON2_MEMORY_COST, memory_cost = 0;
@@ -393,12 +405,14 @@ static zend_string *php_password_argon2i_hash(const zend_string *password, zend_
 }
 
 const php_password_algo php_password_algo_argon2i = {
+	"argon2i",
 	"argon2i",
 	php_password_argon2i_hash,
 	php_password_argon2i_verify,
 	php_password_argon2_needs_rehash,
 	php_password_argon2_get_info,
 	NULL,
+	php_password_argon2_get_default_options,
 };
 
 /* argon2id specific methods */
@@ -412,12 +426,14 @@ static zend_string *php_password_argon2id_hash(const zend_string *password, zend
 }
 
 const php_password_algo php_password_algo_argon2id = {
+	"argon2id",
 	"argon2id",
 	php_password_argon2id_hash,
 	php_password_argon2id_verify,
 	php_password_argon2_needs_rehash,
 	php_password_argon2_get_info,
 	NULL,
+	php_password_argon2_get_default_options,
 };
 #endif
 
@@ -426,18 +442,18 @@ PHP_MINIT_FUNCTION(password) /* {{{ */
 	zend_hash_init(&php_password_algos, 4, NULL, ZVAL_PTR_DTOR, 1);
 	REGISTER_NULL_CONSTANT("PASSWORD_DEFAULT", CONST_CS | CONST_PERSISTENT);
 
-	if (FAILURE == php_password_algo_register("2y", &php_password_algo_bcrypt)) {
+	if (FAILURE == php_password_algo_register(&php_password_algo_bcrypt)) {
 		return FAILURE;
 	}
 	REGISTER_STRING_CONSTANT("PASSWORD_BCRYPT", "2y", CONST_CS | CONST_PERSISTENT);
 
 #if HAVE_ARGON2LIB
-	if (FAILURE == php_password_algo_register("argon2i", &php_password_algo_argon2i)) {
+	if (FAILURE == php_password_algo_register(&php_password_algo_argon2i)) {
 		return FAILURE;
 	}
 	REGISTER_STRING_CONSTANT("PASSWORD_ARGON2I", "argon2i", CONST_CS | CONST_PERSISTENT);
 
-	if (FAILURE == php_password_algo_register("argon2id", &php_password_algo_argon2id)) {
+	if (FAILURE == php_password_algo_register(&php_password_algo_argon2id)) {
 		return FAILURE;
 	}
 	REGISTER_STRING_CONSTANT("PASSWORD_ARGON2ID", "argon2id", CONST_CS | CONST_PERSISTENT);
@@ -698,3 +714,22 @@ PHP_FUNCTION(password_algos) {
 	} ZEND_HASH_FOREACH_END();
 }
 /* }}} */
+
+/* {{{ proto array password_default_algo() */
+PHP_FUNCTION(password_default_algo) {
+	const php_password_algo *algo;
+	zval options;
+
+	ZEND_PARSE_PARAMETERS_NONE();
+
+	array_init(return_value);
+	array_init(&options);
+
+	algo = php_password_algo_default();
+	algo->get_default_options(&options);
+
+	add_assoc_string(return_value, "algo", algo->id);
+	add_assoc_string(return_value, "algoName", algo->name);
+	add_assoc_zval(return_value, "options", &options);
+}
+/* }}} */
@@ -23,6 +23,7 @@ PHP_FUNCTION(password_verify);
 PHP_FUNCTION(password_needs_rehash);
 PHP_FUNCTION(password_get_info);
 PHP_FUNCTION(password_algos);
+PHP_FUNCTION(password_default_algo);
 
 PHP_MINIT_FUNCTION(password);
 PHP_MSHUTDOWN_FUNCTION(password);
@@ -41,12 +42,14 @@ PHP_MSHUTDOWN_FUNCTION(password);
 #endif
 
 typedef struct _php_password_algo {
+	const char *id;
 	const char *name;
 	zend_string *(*hash)(const zend_string *password, zend_array *options);
 	zend_bool (*verify)(const zend_string *password, const zend_string *hash);
 	zend_bool (*needs_rehash)(const zend_string *password, zend_array *options);
 	int (*get_info)(zval *return_value, const zend_string *hash);
 	zend_bool (*valid)(const zend_string *hash);
+	void (*get_default_options)(zval *return_value);
 } php_password_algo;
 
 extern const php_password_algo php_password_algo_bcrypt;
@@ -55,7 +58,7 @@ extern const php_password_algo php_password_algo_argon2i;
 extern const php_password_algo php_password_algo_argon2id;
 #endif
 
-PHPAPI int php_password_algo_register(const char*, const php_password_algo*);
+PHPAPI int php_password_algo_register(const php_password_algo*);
 PHPAPI void php_password_algo_unregister(const char*);
 PHPAPI const php_password_algo* php_password_algo_default();
 PHPAPI zend_string *php_password_algo_extract_ident(const zend_string*);

@@ -0,0 +1,18 @@
+--TEST--
+Test password_default_algo()
+--FILE--
+<?php
+// Test Bcrypt
+var_dump(password_default_algo());
+--EXPECT--
+array(3) {
+  ["algo"]=>
+  string(2) "2y"
+  ["algoName"]=>
+  string(6) "bcrypt"
+  ["options"]=>
+  array(1) {
+    ["cost"]=>
+    int(10)
+  }
+}