#50013 [NEW]: Support for AES-CBC in openssl_pkcs7_encrypt()

2009-10-27 Thread michael at stroeder dot com 
From: michael at stroeder dot com
Operating system: 
PHP version:  5.2.11
PHP Bug Type: Feature/Change Request
Bug description:  Support for AES-CBC in openssl_pkcs7_encrypt()

Description:

openssl_pkcs7_encrypt() cannot generate encrypted S/MIME messages using
symmetric cipher AES-CBC. This patch also sets the default cipher used
which might not be want one want.

--- ext/openssl/openssl.c.orig  2009-10-26 13:46:25.0 +0100
+++ ext/openssl/openssl.c   2009-10-26 16:32:56.0 +0100
@@ -88,8 +88,9 @@
PHP_OPENSSL_CIPHER_RC2_64,
PHP_OPENSSL_CIPHER_DES,
PHP_OPENSSL_CIPHER_3DES,
+   PHP_OPENSSL_CIPHER_AES_CBC,
 
-   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_RC2_40
+   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_AES_CBC
 };
 
 /* {{{ openssl_functions[]
@@ -730,6 +731,9 @@
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_DES",
PHP_OPENSSL_CIPHER_DES, CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_3DES",
PHP_OPENSSL_CIPHER_3DES, CONST_CS|CONST_PERSISTENT);
 #endif
+#ifndef OPENSSL_NO_AES
+   REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_AES_CBC",
PHP_OPENSSL_CIPHER_AES_CBC, CONST_CS|CONST_PERSISTENT);
+#endif
 
/* Values for key types */
REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA", OPENSSL_KEYTYPE_RSA,
CONST_CS|CONST_PERSISTENT);
@@ -2998,6 +3002,12 @@
break;
 #endif
 
+#ifndef OPENSSL_NO_AES
+   case PHP_OPENSSL_CIPHER_AES_CBC:
+   cipher = EVP_aes_256_cbc();
+   break;
+#endif
+
default:
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"Invalid cipher type `%ld'", cipherid);
goto clean_exit;



-- 
Edit bug report at http://bugs.php.net/?id=50013&edit=1
-- 
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=50013&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=50013&r=trysnapshot53
Try a snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=50013&r=trysnapshot60
Fixed in SVN:
http://bugs.php.net/fix.php?id=50013&r=fixed
Fixed in SVN and need be documented: 
http://bugs.php.net/fix.php?id=50013&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=50013&r=alreadyfixed
Need backtrace:  
http://bugs.php.net/fix.php?id=50013&r=needtrace
Need Reproduce Script:   
http://bugs.php.net/fix.php?id=50013&r=needscript
Try newer version:   
http://bugs.php.net/fix.php?id=50013&r=oldversion
Not developer issue: 
http://bugs.php.net/fix.php?id=50013&r=support
Expected behavior:   
http://bugs.php.net/fix.php?id=50013&r=notwrong
Not enough info: 
http://bugs.php.net/fix.php?id=50013&r=notenoughinfo
Submitted twice: 
http://bugs.php.net/fix.php?id=50013&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=50013&r=globals
PHP 4 support discontinued:  http://bugs.php.net/fix.php?id=50013&r=php4
Daylight Savings:http://bugs.php.net/fix.php?id=50013&r=dst
IIS Stability:   
http://bugs.php.net/fix.php?id=50013&r=isapi
Install GNU Sed: 
http://bugs.php.net/fix.php?id=50013&r=gnused
Floating point limitations:  
http://bugs.php.net/fix.php?id=50013&r=float
No Zend Extensions:  
http://bugs.php.net/fix.php?id=50013&r=nozend
MySQL Configuration Error:   
http://bugs.php.net/fix.php?id=50013&r=mysqlcfg

#50013 [Com]: Support for AES-CBC in openssl_pkcs7_encrypt()

2009-10-28 Thread michael at stroeder dot com 
 ID:  50013
 Comment by:  michael at stroeder dot com
 Reported By: michael at stroeder dot com
 Status:  Open
 Bug Type:Feature/Change Request
 PHP Version: 5.2.11
 New Comment:

Another patch for php-5.3.0

--- openssl.c.orig  2009-04-20 11:44:29.0 +0200
+++ openssl.c   2009-10-27 14:00:42.0 +0100
@@ -83,8 +83,9 @@
PHP_OPENSSL_CIPHER_RC2_64,
PHP_OPENSSL_CIPHER_DES,
PHP_OPENSSL_CIPHER_3DES,
+   PHP_OPENSSL_CIPHER_AES_CBC,
 
-   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_RC2_40
+   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_AES_CBC
 };
 
 PHP_FUNCTION(openssl_get_md_methods);
@@ -940,6 +941,13 @@
return EVP_des_ede3_cbc();
break;
 #endif
+
+#ifndef OPENSSL_NO_AES
+   case PHP_OPENSSL_CIPHER_AES_CBC:
+   return EVP_aes_256_cbc();
+   break;
+#endif
+
default:
return NULL;
break;
@@ -1017,6 +1025,9 @@
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_DES",
PHP_OPENSSL_CIPHER_DES, CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_3DES",
PHP_OPENSSL_CIPHER_3DES, CONST_CS|CONST_PERSISTENT);
 #endif
+#ifndef OPENSSL_NO_AES
+   REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_AES_CBC",
PHP_OPENSSL_CIPHER_AES_CBC, CONST_CS|CONST_PERSISTENT);
+#endif
 
/* Values for key types */
REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA",
OPENSSL_KEYTYPE_RSA, CONST_CS|CONST_PERSISTENT);


Previous Comments:
--------

[2009-10-27 10:21:49] michael at stroeder dot com

Description:

openssl_pkcs7_encrypt() cannot generate encrypted S/MIME messages using
symmetric cipher AES-CBC. This patch also sets the default cipher used
which might not be want one want.

--- ext/openssl/openssl.c.orig  2009-10-26 13:46:25.0 +0100
+++ ext/openssl/openssl.c   2009-10-26 16:32:56.0 +0100
@@ -88,8 +88,9 @@
PHP_OPENSSL_CIPHER_RC2_64,
PHP_OPENSSL_CIPHER_DES,
PHP_OPENSSL_CIPHER_3DES,
+   PHP_OPENSSL_CIPHER_AES_CBC,
 
-   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_RC2_40
+   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_AES_CBC
 };
 
 /* {{{ openssl_functions[]
@@ -730,6 +731,9 @@
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_DES",
PHP_OPENSSL_CIPHER_DES, CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_3DES",
PHP_OPENSSL_CIPHER_3DES, CONST_CS|CONST_PERSISTENT);
 #endif
+#ifndef OPENSSL_NO_AES
+   REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_AES_CBC",
PHP_OPENSSL_CIPHER_AES_CBC, CONST_CS|CONST_PERSISTENT);
+#endif
 
/* Values for key types */
REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA",
OPENSSL_KEYTYPE_RSA, CONST_CS|CONST_PERSISTENT);
@@ -2998,6 +3002,12 @@
break;
 #endif
 
+#ifndef OPENSSL_NO_AES
+   case PHP_OPENSSL_CIPHER_AES_CBC:
+   cipher = EVP_aes_256_cbc();
+   break;
+#endif
+
default:
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"Invalid cipher type `%ld'", cipherid);
goto clean_exit;







-- 
Edit this bug report at http://bugs.php.net/?id=50013&edit=1

#50013 [Opn]: Support for AES-CBC in openssl_pkcs7_encrypt()

2009-10-28 Thread michael at stroeder dot com 
 ID:  50013
 User updated by: michael at stroeder dot com
 Reported By: michael at stroeder dot com
 Status:  Open
 Bug Type:Feature/Change Request
-PHP Version: 5.2.11
+PHP Version: 5.2.11 and 5.3.0
 New Comment:

Report applies to any PHP version.


Previous Comments:


[2009-10-28 09:06:12] michael at stroeder dot com

Another patch for php-5.3.0

--- openssl.c.orig  2009-04-20 11:44:29.0 +0200
+++ openssl.c   2009-10-27 14:00:42.0 +0100
@@ -83,8 +83,9 @@
PHP_OPENSSL_CIPHER_RC2_64,
PHP_OPENSSL_CIPHER_DES,
PHP_OPENSSL_CIPHER_3DES,
+   PHP_OPENSSL_CIPHER_AES_CBC,
 
-   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_RC2_40
+   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_AES_CBC
 };
 
 PHP_FUNCTION(openssl_get_md_methods);
@@ -940,6 +941,13 @@
return EVP_des_ede3_cbc();
break;
 #endif
+
+#ifndef OPENSSL_NO_AES
+   case PHP_OPENSSL_CIPHER_AES_CBC:
+   return EVP_aes_256_cbc();
+   break;
+#endif
+
default:
return NULL;
break;
@@ -1017,6 +1025,9 @@
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_DES",
PHP_OPENSSL_CIPHER_DES, CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_3DES",
PHP_OPENSSL_CIPHER_3DES, CONST_CS|CONST_PERSISTENT);
 #endif
+#ifndef OPENSSL_NO_AES
+   REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_AES_CBC",
PHP_OPENSSL_CIPHER_AES_CBC, CONST_CS|CONST_PERSISTENT);
+#endif
 
/* Values for key types */
REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA",
OPENSSL_KEYTYPE_RSA, CONST_CS|CONST_PERSISTENT);

--------

[2009-10-27 10:21:49] michael at stroeder dot com

Description:

openssl_pkcs7_encrypt() cannot generate encrypted S/MIME messages using
symmetric cipher AES-CBC. This patch also sets the default cipher used
which might not be want one want.

--- ext/openssl/openssl.c.orig  2009-10-26 13:46:25.0 +0100
+++ ext/openssl/openssl.c   2009-10-26 16:32:56.0 +0100
@@ -88,8 +88,9 @@
PHP_OPENSSL_CIPHER_RC2_64,
PHP_OPENSSL_CIPHER_DES,
PHP_OPENSSL_CIPHER_3DES,
+   PHP_OPENSSL_CIPHER_AES_CBC,
 
-   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_RC2_40
+   PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_AES_CBC
 };
 
 /* {{{ openssl_functions[]
@@ -730,6 +731,9 @@
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_DES",
PHP_OPENSSL_CIPHER_DES, CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_3DES",
PHP_OPENSSL_CIPHER_3DES, CONST_CS|CONST_PERSISTENT);
 #endif
+#ifndef OPENSSL_NO_AES
+   REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_AES_CBC",
PHP_OPENSSL_CIPHER_AES_CBC, CONST_CS|CONST_PERSISTENT);
+#endif
 
/* Values for key types */
REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA",
OPENSSL_KEYTYPE_RSA, CONST_CS|CONST_PERSISTENT);
@@ -2998,6 +3002,12 @@
break;
 #endif
 
+#ifndef OPENSSL_NO_AES
+   case PHP_OPENSSL_CIPHER_AES_CBC:
+   cipher = EVP_aes_256_cbc();
+   break;
+#endif
+
default:
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"Invalid cipher type `%ld'", cipherid);
goto clean_exit;







-- 
Edit this bug report at http://bugs.php.net/?id=50013&edit=1