Commit:    aadf59dfa4be09147671de33786dc157716705df
Author:    Scott MacVicar <>         Mon, 11 Jun 2012 00:16:30 
Parents:   b481ebae5503c54f31d73ef0e2243f5ef9025d0d
Branches:  master


Add PBKDF2 support via openssl()

No easy way to put these in the hash extension since we don't really support 
parameters to certain algorithms. Implemented in openssl for now since it has 
it already
and is pretty stable.

Only SHA1 is confirmed to work as an algorithm but openssl has a parameter so 
it can be
changed in the future.

Will backport to 5.4 potentially with Stas' approval.

Test Plan:
Ran newly added tests which came from RFC 6070

Changed paths:
  M  ext/openssl/openssl.c

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 938e0e1..f7db37b 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -3328,7 +3328,6 @@ PHP_FUNCTION(openssl_pkey_get_details)
 /* }}} */
 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
 /* {{{ proto string openssl_pbkdf2(string password, string salt, long 
key_length, long iterations [, string digest_method = "sha1"])
    Generates a PKCS5 v2 PBKDF2 string, defaults to sha1 */

PHP CVS Mailing List (
To unsubscribe, visit:

Reply via email to