[PHP-CVS] svn: /php/php-src/ branches/PHP_5_3/ext/openssl/openssl.c trunk/ext/openssl/openssl.c

[Ilia Alshanetsky]

iliaa                                    Thu, 07 Oct 2010 12:32:00 +0000

Revision: http://svn.php.net/viewvc?view=revision&revision=304179

Log:
Fixed extrenous warning inside openssl_encrypt() for cases where iv not 
provided, but algo does not require an iv

Changed paths:
    U   php/php-src/branches/PHP_5_3/ext/openssl/openssl.c
    U   php/php-src/trunk/ext/openssl/openssl.c

Modified: php/php-src/branches/PHP_5_3/ext/openssl/openssl.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/openssl/openssl.c  2010-10-07 12:03:17 UTC 
(rev 304178)
+++ php/php-src/branches/PHP_5_3/ext/openssl/openssl.c  2010-10-07 12:32:00 UTC 
(rev 304179)
@@ -4638,7 +4638,7 @@
 {
        zend_bool raw_output = 0;
        char *data, *method, *password, *iv = "";
-       int data_len, method_len, password_len, iv_len = 0;
+       int data_len, method_len, password_len, iv_len = 0, max_iv_len;
        const EVP_CIPHER *cipher_type;
        EVP_CIPHER_CTX cipher_ctx;
        int i, outlen, keylen;
@@ -4663,10 +4663,11 @@
                key = (unsigned char*)password;
        }

-       if (iv_len <= 0) {
+       max_iv_len = EVP_CIPHER_iv_length(cipher_type);
+       if (iv_len <= 0 && max_iv_len > 0) {
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "Using an empty 
Initialization Vector (iv) is potentially insecure and not recommended");
        }
-       free_iv = php_openssl_validate_iv(&iv, &iv_len, 
EVP_CIPHER_iv_length(cipher_type) TSRMLS_CC);
+       free_iv = php_openssl_validate_iv(&iv, &iv_len, max_iv_len TSRMLS_CC);

        outlen = data_len + EVP_CIPHER_block_size(cipher_type);
        outbuf = emalloc(outlen + 1);

Modified: php/php-src/trunk/ext/openssl/openssl.c
===================================================================
--- php/php-src/trunk/ext/openssl/openssl.c     2010-10-07 12:03:17 UTC (rev 
304178)
+++ php/php-src/trunk/ext/openssl/openssl.c     2010-10-07 12:32:00 UTC (rev 
304179)
@@ -4683,7 +4683,7 @@
 {
        zend_bool raw_output = 0;
        char *data, *method, *password, *iv = "";
-       int data_len, method_len, password_len, iv_len = 0;
+       int data_len, method_len, password_len, iv_len = 0, max_iv_len;
        const EVP_CIPHER *cipher_type;
        EVP_CIPHER_CTX cipher_ctx;
        int i, outlen, keylen;
@@ -4708,10 +4708,11 @@
                key = (unsigned char*)password;
        }

-       if (iv_len <= 0) {
+       max_iv_len = EVP_CIPHER_iv_length(cipher_type);
+       if (iv_len <= 0 && max_iv_len > 0) {
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "Using an empty 
Initialization Vector (iv) is potentially insecure and not recommended");
        }
-       free_iv = php_openssl_validate_iv(&iv, &iv_len, 
EVP_CIPHER_iv_length(cipher_type) TSRMLS_CC);
+       free_iv = php_openssl_validate_iv(&iv, &iv_len, max_iv_len TSRMLS_CC);

        outlen = data_len + EVP_CIPHER_block_size(cipher_type);
        outbuf = emalloc(outlen + 1);


-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php