diff options
| author | Derick Rethans <derick@php.net> | 2007-12-01 17:20:45 +0000 |
|---|---|---|
| committer | Derick Rethans <derick@php.net> | 2007-12-01 17:20:45 +0000 |
| commit | fd73296bf2ece043d5b4b6e10016f0319cd67bf3 (patch) | |
| tree | b79a1ba491b567b6a4c0b881c7e17bce5be604e8 /ext | |
| parent | f5b1ee4b2b85e9cd363e1615bd267bc4cab3bdb8 (diff) | |
| download | php-git-fd73296bf2ece043d5b4b6e10016f0319cd67bf3.tar.gz | |
- MFH: Fixed bug #43143 (Warning about empty IV with MCRYPT_MODE_ECB).
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/mcrypt/mcrypt.c | 5 | ||||
| -rw-r--r-- | ext/mcrypt/tests/bug43143.phpt | 22 |
2 files changed, 25 insertions, 2 deletions
diff --git a/ext/mcrypt/mcrypt.c b/ext/mcrypt/mcrypt.c index 8bde275d3e..114704f81c 100644 --- a/ext/mcrypt/mcrypt.c +++ b/ext/mcrypt/mcrypt.c @@ -993,7 +993,7 @@ static void php_mcrypt_do_crypt (char* cipher, zval **key, zval **data, char *mo { char *cipher_dir_string; char *module_dir_string; - int block_size, max_key_length, use_key_length, i, count, iv_size; + int block_size, max_key_length, use_key_length, i, count, iv_size, req_iv; unsigned long int data_size; int *key_length_sizes; char *key_s = NULL, *iv_s; @@ -1041,6 +1041,7 @@ static void php_mcrypt_do_crypt (char* cipher, zval **key, zval **data, char *mo /* Check IV */ iv_s = NULL; iv_size = mcrypt_enc_get_iv_size (td); + req_iv = mcrypt_enc_mode_has_iv(td); if (argc == 5) { if (iv_size != Z_STRLEN_PP(iv)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_IV_WRONG_SIZE); @@ -1049,7 +1050,7 @@ static void php_mcrypt_do_crypt (char* cipher, zval **key, zval **data, char *mo memcpy(iv_s, Z_STRVAL_PP(iv), iv_size); } } else if (argc == 4) { - if (iv_size != 0) { + if (req_iv == 1) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempt to use an empty IV, which is NOT recommend"); iv_s = emalloc(iv_size + 1); memset(iv_s, 0, iv_size + 1); diff --git a/ext/mcrypt/tests/bug43143.phpt b/ext/mcrypt/tests/bug43143.phpt new file mode 100644 index 0000000000..4c390439e0 --- /dev/null +++ b/ext/mcrypt/tests/bug43143.phpt @@ -0,0 +1,22 @@ +--TEST-- +Bug #43143 (Warning about empty IV with MCRYPT_MODE_ECB) +--SKIPIF-- +<?php if (!extension_loaded("mcrypt")) print "skip"; ?> +--FILE-- +<?php +echo "ECB\n"; +$input = 'to be encrypted'; +$mkey = hash('sha256', 'secret key', TRUE); +$data = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $mkey, $input, MCRYPT_MODE_ECB); +echo "CFB\n"; +$input = 'to be encrypted'; +$mkey = hash('sha256', 'secret key', TRUE); +$data = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $mkey, $input, MCRYPT_MODE_CFB); +echo "END\n"; +?> +--EXPECTF-- +ECB +CFB + +Warning: mcrypt_encrypt(): Attempt to use an empty IV, which is NOT recommend in %sbug43143.php on line 9 +END |