static int php_password_make_salt(size_t length, char *ret) /* {{{ */
{
size_t raw_length;
char *buffer;
char *result;
if (length > (INT_MAX / 3)) {
php_error_docref(NULL, E_WARNING, "Length is too large to safely generate");
return FAILURE;
}
raw_length = length * 3 / 4 + 1;
buffer = (char *) safe_emalloc(raw_length, 1, 1);
if (FAILURE == php_random_bytes_silent(buffer, raw_length)) {
php_error_docref(NULL, E_WARNING, "Unable to generate salt");
efree(buffer);
return FAILURE;
}
result = safe_emalloc(length, 1, 1);
if (php_password_salt_to64(buffer, raw_length, length, result) == FAILURE) {
php_error_docref(NULL, E_WARNING, "Generated salt too short");
efree(buffer);
efree(result);
return FAILURE;
}
memcpy(ret, result, length);
efree(result);
efree(buffer);
ret[length] = 0;
return SUCCESS;
}
static zend_string* php_password_make_salt(size_t length) /* {{{ */
{
zend_string *ret, *buffer;
if (length > (INT_MAX / 3)) {
php_error_docref(NULL, E_WARNING, "Length is too large to safely generate");
return NULL;
}
buffer = zend_string_alloc(length * 3 / 4 + 1, 0);
if (FAILURE == php_random_bytes_silent(ZSTR_VAL(buffer), ZSTR_LEN(buffer))) {
php_error_docref(NULL, E_WARNING, "Unable to generate salt");
zend_string_release(buffer);
return NULL;
}
ret = zend_string_alloc(length, 0);
if (php_password_salt_to64(ZSTR_VAL(buffer), ZSTR_LEN(buffer), length, ZSTR_VAL(ret)) == FAILURE) {
php_error_docref(NULL, E_WARNING, "Generated salt too short");
zend_string_release(buffer);
zend_string_release(ret);
return NULL;
}
zend_string_release(buffer);
ZSTR_VAL(ret)[length] = 0;
return ret;
}
