Edit report at http://bugs.php.net/bug.php?id=50013&edit=1
ID: 50013
Updated by: paj...@php.net
Reported by: michael at stroeder dot com
Summary: Support for AES-CBC in openssl_pkcs7_encrypt()
-Status: Assigned
+Status: Bogus
Type: Feature/Change Request
-Package: Feature/Change Request
+Package: *General Issues
PHP Version: 5.2.11 and 5.3.0
Assigned To: pajoye
New Comment:
See #48632
Previous Comments:
------------------------------------------------------------------------
[2009-10-28 09:37:22] paj...@php.net
I will apply it to 5.3+.
------------------------------------------------------------------------
[2009-10-28 09:08:39] michael at stroeder dot com
Report applies to any PHP version.
------------------------------------------------------------------------
[2009-10-28 09:06:12] michael at stroeder dot com
Another patch for php-5.3.0
--- openssl.c.orig 2009-04-20 11:44:29.000000000 +0200
+++ openssl.c 2009-10-27 14:00:42.000000000 +0100
@@ -83,8 +83,9 @@
PHP_OPENSSL_CIPHER_RC2_64,
PHP_OPENSSL_CIPHER_DES,
PHP_OPENSSL_CIPHER_3DES,
+ PHP_OPENSSL_CIPHER_AES_CBC,
- PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_RC2_40
+ PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_AES_CBC
};
PHP_FUNCTION(openssl_get_md_methods);
@@ -940,6 +941,13 @@
return EVP_des_ede3_cbc();
break;
#endif
+
+#ifndef OPENSSL_NO_AES
+ case PHP_OPENSSL_CIPHER_AES_CBC:
+ return EVP_aes_256_cbc();
+ break;
+#endif
+
default:
return NULL;
break;
@@ -1017,6 +1025,9 @@
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_DES",
PHP_OPENSSL_CIPHER_DES, CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_3DES",
PHP_OPENSSL_CIPHER_3DES, CONST_CS|CONST_PERSISTENT);
#endif
+#ifndef OPENSSL_NO_AES
+ REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_AES_CBC",
PHP_OPENSSL_CIPHER_AES_CBC, CONST_CS|CONST_PERSISTENT);
+#endif
/* Values for key types */
REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA",
OPENSSL_KEYTYPE_RSA, CONST_CS|CONST_PERSISTENT);
------------------------------------------------------------------------
[2009-10-27 10:21:49] michael at stroeder dot com
Description:
------------
openssl_pkcs7_encrypt() cannot generate encrypted S/MIME messages using
symmetric cipher AES-CBC. This patch also sets the default cipher used
which might not be want one want.
--- ext/openssl/openssl.c.orig 2009-10-26 13:46:25.000000000 +0100
+++ ext/openssl/openssl.c 2009-10-26 16:32:56.000000000 +0100
@@ -88,8 +88,9 @@
PHP_OPENSSL_CIPHER_RC2_64,
PHP_OPENSSL_CIPHER_DES,
PHP_OPENSSL_CIPHER_3DES,
+ PHP_OPENSSL_CIPHER_AES_CBC,
- PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_RC2_40
+ PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_AES_CBC
};
/* {{{ openssl_functions[]
@@ -730,6 +731,9 @@
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_DES",
PHP_OPENSSL_CIPHER_DES, CONST_CS|CONST_PERSISTENT);
REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_3DES",
PHP_OPENSSL_CIPHER_3DES, CONST_CS|CONST_PERSISTENT);
#endif
+#ifndef OPENSSL_NO_AES
+ REGISTER_LONG_CONSTANT("OPENSSL_CIPHER_AES_CBC",
PHP_OPENSSL_CIPHER_AES_CBC, CONST_CS|CONST_PERSISTENT);
+#endif
/* Values for key types */
REGISTER_LONG_CONSTANT("OPENSSL_KEYTYPE_RSA",
OPENSSL_KEYTYPE_RSA, CONST_CS|CONST_PERSISTENT);
@@ -2998,6 +3002,12 @@
break;
#endif
+#ifndef OPENSSL_NO_AES
+ case PHP_OPENSSL_CIPHER_AES_CBC:
+ cipher = EVP_aes_256_cbc();
+ break;
+#endif
+
default:
php_error_docref(NULL TSRMLS_CC, E_WARNING,
"Invalid cipher type `%ld'", cipherid);
goto clean_exit;
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=50013&edit=1
