Commit graph

928 commits

Author SHA1 Message Date
Stanislav Malyshev
fe789b3f7c Fix bug #73276 - crash in openssl_random_pseudo_bytes function
(cherry picked from commit 85a22a0af0)
(cherry picked from commit 7dc8b5e7ae)
2016-10-14 01:42:19 +02:00
Stanislav Malyshev
ff75665663 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  Fix outlen for openssl function
  Syncronize with 5.6 - __toString should return ""
  Fix potential overflows in php_pcre_replace_impl
2016-10-12 23:26:15 -07:00
Stanislav Malyshev
cd8c9b0614 Fix outlen for openssl function
Even though datalen can't be over int, outlen can.
2016-10-12 23:19:07 -07:00
Anatol Belski
d103a41679 Merge branch 'PHP-7.0' into PHP-7.1
* PHP-7.0:
  followup with #73276 merge
  fix test
  Fix bug #73276 - crash in openssl_random_pseudo_bytes function
  Fix bug #73293 - NULL pointer dereference in SimpleXMLElement::asXML()
  Fix for #73240 - Write out of bounds at number_format
  avoid strlen
  Bug #73218: add mitigation for ICU int overflow
  Add more locale length checks, due to ICU bugs.
  Fix bug #73150: missing NULL check in dom_document_save_html
  Clear FG(user_stream_current_filename) when bailing out
  set versions and release date
  sync NEWS
  Revert "Fixed bug #73067 (__debugInfo crashes when throwing an exception)"
  Fix for #73240 - Write out of bounds at number_format
  Fix bug #73257 and bug #73258 - SplObjectStorage unserialize allows use of non-object as key
  set versions
  Fix bug #73091 - Unserializing DateInterval object may lead to __toString invocation
2016-10-12 16:06:11 +02:00
Anatol Belski
b135ba3fa9 followup with #73276 merge 2016-10-12 16:03:35 +02:00
Stanislav Malyshev
7dc8b5e7ae Fix bug #73276 - crash in openssl_random_pseudo_bytes function
(cherry picked from commit 85a22a0af0)
2016-10-12 15:55:42 +02:00
Jakub Zelenka
f13fd9e72a Merge branch 'PHP-7.1' 2016-08-14 20:44:08 +01:00
Jakub Zelenka
427c8c809d Set DSA or DH key only if pub key supplied 2016-08-14 20:42:56 +01:00
Jakub Zelenka
fba632e6d0 Merge branch 'PHP-7.1' 2016-08-14 19:37:29 +01:00
Jakub Zelenka
c3c90abb17 Return false if tag is not supplied or cannot be retrieved in AEAD
It doesn't make sense to return just encoded string as it cannot be
used anyway (decryption without a tag will not work).
2016-08-14 19:34:03 +01:00
Jakub Zelenka
9ed2a70757 Merge branch 'PHP-7.1' 2016-08-03 20:07:57 +01:00
Jakub Zelenka
6822af2e73 Do not add already added object to the internal OpenSSL table
This fixes OpenSSL 1.1 where adding object with OID that has been
already added causes an error - preventing of duplication.
2016-08-03 20:01:41 +01:00
Mark Jones
e63ceacfca Remove unused DEFAULT_KEY_LENGTH define 2016-07-23 16:04:55 +02:00
Lauri Kenttä
f775199ac7 Require strict base64 in openssl_decode
Using invalid data in a security-related context makes no sense,
and there's even a test which depends on invalid base64 data failing,
even though it currently fails for the wrong reasons by sheer luck.
2016-07-22 18:03:55 +02:00
Jakub Zelenka
98ac90b7e2 Add missing X509_get_signature_nid for 1.0.1 2016-07-19 20:13:13 +01:00
Jakub Zelenka
ea35d309b9 Update authors of openssl.c 2016-07-17 20:48:20 +01:00
Jakub Zelenka
6c497ad2d2 Use opaque EVP_PKEY for new EC logic in openssl_pkey_new 2016-07-17 20:44:33 +01:00
Jakub Zelenka
2ecce94756 Use opaque RSA, DSA and DH 2016-07-17 20:24:34 +01:00
Jakub Zelenka
329f74a11d Add missing creating of md_ctx in openssl_digest 2016-07-17 20:01:37 +01:00
Jakub Zelenka
e5780c8cd0 Add missing break in php_openssl_is_private_key 2016-07-17 17:46:14 +01:00
Jakub Zelenka
0afa0b1f83 The DSS1 is not available in OpenSSL 1.1 2016-07-17 17:46:13 +01:00
Jakub Zelenka
d73735a750 Move and use opaque pkey in openssl_dh_compute_key 2016-07-17 17:43:34 +01:00
Jakub Zelenka
1a4e910e8d Use opaque pkey in openssl_pkey_get_details 2016-07-17 17:43:34 +01:00
Jakub Zelenka
f08660bb58 Use EVP_PKEY_base_id where possible 2016-07-17 17:33:42 +01:00
Jakub Zelenka
f1de72293e Use opaque EVP_PKEY in php_openssl_is_private_key 2016-07-17 17:33:42 +01:00
Jakub Zelenka
0598a8da2b Do not use X509 props directly in openssl_x509_parse 2016-07-17 17:33:42 +01:00
Jakub Zelenka
e138b51dad Do not use X509_EXTENSION data directly as it is opaque 2016-07-17 17:33:42 +01:00
Jakub Zelenka
84a291d4da Wrap pkey id and rsa getters 2016-07-17 17:33:42 +01:00
Jakub Zelenka
fd9142a647 Use opaque md ctx in openssl_sign and openssl_verify 2016-07-17 17:33:42 +01:00
Jakub Zelenka
b8164673eb Use opaque cipher ctx in openssl_seal and openssl_open 2016-07-17 17:33:42 +01:00
Jakub Zelenka
3a8531e767 Use opaque EVP_MD_CTX in openssl_digest 2016-07-17 17:33:41 +01:00
Jakub Zelenka
5f569cc03e Bump minimal OpenSSL version to 1.0.1 2016-07-17 17:21:07 +01:00
Remi Collet
642aee1deb Cleanup all SSLv2 code, whatever OpenSSL version is 2016-07-17 16:41:47 +01:00
Dmitry Stogov
0cfb47651c Fixed compilation warnings 2016-06-28 11:37:51 +03:00
Jakub Zelenka
e8a09ddc07 Improve openssl ecc keypair support implementation 2016-06-26 16:55:51 +01:00
Dominic Luechinger
9688138d38 Adds initial support to generate and work with ECC public key pair
New features:
- openssl_get_curve_names => list ECC curve names
- generate a ECC public key pair
- generate an CSR with an ECC key
- export x,y,d params of ECC public/private key

Thanks to @bukka for the review and feedback
2016-06-26 16:15:25 +01:00
Dmitry Stogov
323b2733f6 Fixed compilation warnings 2016-06-22 00:40:50 +03:00
Dmitry Stogov
1616038698 Added ZEND_ATTRIBUTE_FORMAT to some middind functions.
"%p" replaced by ZEND_LONG_FMT to avoid compilation warnings.
Fixed most incorrect use cases of format specifiers.
2016-06-21 16:00:37 +03:00
Jakub Zelenka
e63a8540a6 Merge branch 'openssl_error_store' into openssl_aead 2016-06-19 17:05:48 +01:00
Jakub Zelenka
b44cf1a854 Merge branch 'PHP-7.0' into openssl_error_store 2016-06-12 18:56:55 +01:00
Jakub Zelenka
a2f4c32eb1 Merge branch 'PHP-5.6' into PHP-7.0 2016-06-12 18:39:32 +01:00
Jakub Zelenka
0e2447cd11 Fix bug #71915 (openssl_random_pseudo_bytes is not fork-safe)
Add time to the entropy before using RAND_bytes
2016-06-12 18:14:21 +01:00
Jakub Zelenka
54310d95f9 Fix bug #72336 (openssl_pkey_new does not fail for invalid DSA params) 2016-06-12 18:14:21 +01:00
Jakub Zelenka
84dce33b04 Merge branch 'PHP-5.6' into PHP-7.0 2016-06-08 18:36:36 +01:00
Jakub Zelenka
05033c9ebd Fix bug #72140 (segfault after calling ERR_free_strings()) 2016-06-08 18:21:39 +01:00
Anatol Belski
5afba67bfe Re-fix #72165
Reverted previous wrong patch, throw warning for numeric keys.
Numeric field names are not supported, see "distinguished name"
section here https://www.openssl.org/docs/manmaster/apps/req.html
2016-05-06 09:30:41 +02:00
Anatol Belski
dd5479ea4c Revert "Fixed bug #72165 Null pointer dereference - openssl_csr_new"
This reverts commit 7277c85765.
2016-05-06 09:19:04 +02:00
Anatol Belski
7277c85765 Fixed bug #72165 Null pointer dereference - openssl_csr_new 2016-05-06 09:01:27 +02:00
Jakub Zelenka
6ac8bc4ecb Merge branch 'openssl_error_store' of github.com:bukka/php-src into openssl_error_store 2016-04-03 19:56:15 +01:00
Jakub Zelenka
df85331220 Correctly store OpenSSL erorrs for encrypt_key 2016-04-03 19:54:39 +01:00