From 1642f2e5e08b0b388983bd19e6b5f97c9d8c705a Mon Sep 17 00:00:00 2001 From: Eddie Kohler Date: Sun, 21 Jun 2020 19:54:39 -0400 Subject: [PATCH] Correct implementation of joaat hash. Before this commit, the result produced by a joaat hash depended on how the input data was chunked. A hash produced by multiple `hash_update` operations was incorrect. For example, this code, which should produce three identical lines: var_dump(hash("joaat", "abcd")); $hash = hash_init("joaat"); hash_update($hash, "ab"); hash_update($hash, "cd"); var_dump(hash_final($hash)); $hash = hash_init("joaat"); hash_update($hash, "abc"); hash_update($hash, "d"); var_dump(hash_final($hash)); instead produced: string(8) "cd8b6206" string(8) "e590d137" string(8) "2d59d087" This is because the finalization step, involving shift operations and adds, was applied on every chunk, rather than once at the end as is required by the hash definition. After this commit, the code above produces: string(8) "cd8b6206" string(8) "cd8b6206" string(8) "cd8b6206" as expected. Some tests encoded the wrong behavior and were corrected. --- ext/hash/hash_joaat.c | 15 ++++++++------- ext/hash/tests/hash-clone.phpt | 2 +- ext/hash/tests/hash_copy_001.phpt | 2 +- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/ext/hash/hash_joaat.c b/ext/hash/hash_joaat.c index d6311e81dec6c..10c3ca2748f5d 100644 --- a/ext/hash/hash_joaat.c +++ b/ext/hash/hash_joaat.c @@ -44,17 +44,22 @@ PHP_HASH_API void PHP_JOAATUpdate(PHP_JOAAT_CTX *context, const unsigned char *i PHP_HASH_API void PHP_JOAATFinal(unsigned char digest[4], PHP_JOAAT_CTX * context) { + uint32_t hval = context->state; + hval += (hval << 3); + hval ^= (hval >> 11); + hval += (hval << 15); + #ifdef WORDS_BIGENDIAN - memcpy(digest, &context->state, 4); + memcpy(digest, &hval, 4); #else int i = 0; - unsigned char *c = (unsigned char *) &context->state; + unsigned char *c = (unsigned char *) &hval; for (i = 0; i < 4; i++) { digest[i] = c[3 - i]; } #endif - context->state = 0; + context->state = 0; } /* @@ -79,9 +84,5 @@ joaat_buf(void *buf, size_t len, uint32_t hval) hval ^= (hval >> 6); } - hval += (hval << 3); - hval ^= (hval >> 11); - hval += (hval << 15); - return hval; } diff --git a/ext/hash/tests/hash-clone.phpt b/ext/hash/tests/hash-clone.phpt index 0ef0df4449963..57567c0bc5014 100644 --- a/ext/hash/tests/hash-clone.phpt +++ b/ext/hash/tests/hash-clone.phpt @@ -301,7 +301,7 @@ string(16) "bebc746a33b6ab62" string(16) "893899e4415a920f" string(5) "joaat" string(8) "aaebf370" -string(8) "513479b4" +string(8) "836fb0e5" string(10) "haval128,3" string(32) "86362472c8895e68e223ef8b3711d8d9" string(32) "ebeeeb05c18af1e53d2d127b561d5e0d" diff --git a/ext/hash/tests/hash_copy_001.phpt b/ext/hash/tests/hash_copy_001.phpt index 27993b61b054a..271326178d523 100644 --- a/ext/hash/tests/hash_copy_001.phpt +++ b/ext/hash/tests/hash_copy_001.phpt @@ -301,7 +301,7 @@ string(16) "bebc746a33b6ab62" string(16) "893899e4415a920f" string(5) "joaat" string(8) "aaebf370" -string(8) "513479b4" +string(8) "836fb0e5" string(10) "haval128,3" string(32) "86362472c8895e68e223ef8b3711d8d9" string(32) "ebeeeb05c18af1e53d2d127b561d5e0d"