diff options
author | Derick Rethans <derick@php.net> | 2007-12-01 17:19:46 +0000 |
---|---|---|
committer | Derick Rethans <derick@php.net> | 2007-12-01 17:19:46 +0000 |
commit | 2bb0b237c7b57dd69981047afab6f3c07aa9419f (patch) | |
tree | 1c1f9bf7d0d4f239c93f8629e481a3068e5aa5fc | |
parent | 9f50175611a1772df53143b84b501d9782ed23df (diff) | |
download | php-git-2bb0b237c7b57dd69981047afab6f3c07aa9419f.tar.gz |
- Fixed bug #43143 (Warning about empty IV with MCRYPT_MODE_ECB).
-rw-r--r-- | ext/mcrypt/mcrypt.c | 7 | ||||
-rw-r--r-- | ext/mcrypt/tests/bug43143.phpt | 22 |
2 files changed, 27 insertions, 2 deletions
diff --git a/ext/mcrypt/mcrypt.c b/ext/mcrypt/mcrypt.c index 0b5b89acd4..0c042c75b3 100644 --- a/ext/mcrypt/mcrypt.c +++ b/ext/mcrypt/mcrypt.c @@ -1030,7 +1030,7 @@ int php_mcrypt_func(php_mcrypt_op op, char *cipher, char *mode, char *key_str, i { MCRYPT td; char *cipher_dir_string, *module_dir_string, *key_copy, *iv_copy; - int i, status = SUCCESS, count, *key_sizes, key_size, iv_size, block_size; + int i, status = SUCCESS, count, *key_sizes, key_size, iv_size, block_size, iv_req; MCRYPT_GET_INI @@ -1068,6 +1068,7 @@ int php_mcrypt_func(php_mcrypt_op op, char *cipher, char *mode, char *key_str, i mcrypt_free(key_sizes); iv_size = mcrypt_enc_get_iv_size(td); + iv_req = mcrypt_enc_mode_has_iv(td); if (iv_len) { if (iv_len == iv_size) { iv_copy = estrndup(iv_str, iv_len); @@ -1077,7 +1078,9 @@ int php_mcrypt_func(php_mcrypt_op op, char *cipher, char *mode, char *key_str, i memcpy(iv_copy, iv_str, MIN(iv_len, iv_size)); } } else { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempt to use an empty IV, which is NOT recommended"); + if (iv_req) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempt to use an empty IV, which is NOT recommended"); + } iv_copy = ecalloc(1, iv_size); } diff --git a/ext/mcrypt/tests/bug43143.phpt b/ext/mcrypt/tests/bug43143.phpt new file mode 100644 index 0000000000..90dd9fc488 --- /dev/null +++ b/ext/mcrypt/tests/bug43143.phpt @@ -0,0 +1,22 @@ +--TEST-- +Bug #43143 (Warning about empty IV with MCRYPT_MODE_ECB) +--SKIPIF-- +<?php if (!extension_loaded("mcrypt")) print "skip"; ?> +--FILE-- +<?php +echo "ECB\n"; +$input = 'to be encrypted'; +$mkey = hash('sha256', 'secret key', TRUE); +$data = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $mkey, $input, MCRYPT_MODE_ECB); +echo "CFB\n"; +$input = 'to be encrypted'; +$mkey = hash('sha256', 'secret key', TRUE); +$data = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $mkey, $input, MCRYPT_MODE_CFB); +echo "END\n"; +?> +--EXPECTF-- +ECB +CFB + +Warning: mcrypt_encrypt(): Attempt to use an empty IV, which is NOT recommended in %sbug43143.php on line 9 +END |