Commit graph

34 commits

Author SHA1 Message Date
Daniel Kesselberg
fa10dfcc81
Add PKCS7_NOOLDMIMETYPE and OPENSSL_CMS_OLDMIMETYPE
PKCS7_NOOLDMIMETYPE to use Content-Type application/pkcs7-mime
OPENSSL_CMS_OLDMIMETYPE to use Content-Type application/x-pkcs7-mime

SMIME_write_PKCS7 and SMIME_write_CMS are using SMIME_write_ASN1_ex.
The Content-Type application/x-pkcs7-mime is generated with the flag SMIME_OLDMIME (0x400).[^1]

SMIME_write_PKCS7 set SMIME_OLDMIME by default.[^2]
SMIME_write_CMS does not.[^3]

I picked OPENSSL_CMS_OLDMIMETYPE over OPENSSL_CMS_NOOLDMIMETYPE because that's what the flag actually does.

[^1]: 9a2f78e14a/crypto/asn1/asn_mime.c (L248-L251)
[^2]: 9a2f78e14a/crypto/pkcs7/pk7_mime.c (L41-L43)
[^3]: 9a2f78e14a/crypto/cms/cms_io.c (L93)

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-05-06 11:12:31 +01:00
Jakub Zelenka
c8d8bf7c59
Merge branch 'PHP-8.1' into PHP-8.2 2022-11-25 14:07:41 +00:00
Jakub Zelenka
3e2184f795
Fix OpenSSL conflicting merge for compilation issue with old digests 2022-10-23 00:39:42 +01:00
Jakub Zelenka
35e2a25d83
Add openssl_cipher_key_length function
This function works in exactly the same way as openssl_cipher_iv_length
but for a key length. This is especially useful to make sure that the
right key length is provided to openssl_encrypt and openssl_decrypt.

In addtion the change also updates implementation of
openssl_cipher_iv_length and adds a test for it.
2022-08-28 12:27:16 +01:00
Máté Kocsis
b358834c72
Declare ext/openssl constants in stubs (#9046) 2022-07-20 15:40:10 +02:00
Tim Düsterhus
342e18f105
Support the actual #[\SensitiveParameter] attribute in stubs (#8836) 2022-07-12 12:43:44 +02:00
Tim Düsterhus
c311ab7ef7 Mark parameter in ext/openssl as sensitive 2022-06-13 11:09:12 +02:00
Christoph M. Becker
c821886777
Merge branch 'PHP-8.0' into PHP-8.1
* PHP-8.0:
  Fix openssl_csr_export() stub
2022-04-13 15:23:09 +02:00
Mikko Pesari
16bf8331e0
Fix openssl_csr_export() stub
Closes GH-8362.
2022-04-13 15:20:58 +02:00
Nikita Popov
7f0d3f5413 Fixed bug #81502
Allow $tag to be null. This is the value that openssl_encrypt()
sets it to for non-AEAD ciphers, so we should also accept this
as an input to openssl_decrypt().

Prior to PHP 8.1, null was accepted in weak mode due to the special
treatment of null arguments to internal functions.
2021-10-08 14:07:05 +02:00
Máté Kocsis
d9e5e63032
Add more specific array return type hints for various extensions - part 6 (#7474) 2021-10-07 14:29:29 +02:00
Nikita Popov
7b34db0659 Switch default PKCS7/CMS cipher to AES-128-CBC
Switch default cipher for openssl_pkcs7_encrypt() and
openssl_cms_encrypt() from RC2-40 to AES-128-CBC.

The RC2-40 cipher is considered insecure and is not loaded by
default in OpenSSL 3, which means that these functions will
always fail with default arguments.

As the used algorithm is embedded in the result (which makes this
different from the openssl_encrypt() case) changing the default
algorithm should be safe.

Closes GH-7357.
2021-08-16 12:31:48 +02:00
Joe Watkins
570d9b63e9
Not serializable flag permeation 2021-07-20 12:28:35 +02:00
Máté Kocsis
fc0d8983d3
Fix some smaller formatting inconsistencies in stubs 2021-07-20 00:52:26 +02:00
Nikita Popov
c15dc63ad2 Merge branch 'PHP-8.0'
* PHP-8.0:
  openssl_pkcs7_read: input is data not filename
2021-05-05 09:50:11 +02:00
Vincent JARDIN
bb0107b63d openssl_pkcs7_read: input is data not filename
The argument should be an input string and not a filename.

Fix: https://github.com/php/doc-en/pull/559
Suggested-by: George Peter Banyard <girgias@php.net>

Closes GH-6942.
2021-05-05 09:49:53 +02:00
Máté Kocsis
af56982a5e
Generate class entries from stubs for oci8, odbc, openssl, pcntl, pdo, pgsql
Closes GH-6691
2021-02-14 23:19:21 +01:00
Máté Kocsis
9d9bcc2b7c
Improve parameter names in ext/hash and ext/openssl
Closes GH-6156
2020-09-24 22:15:30 +02:00
Máté Kocsis
fa5a25b8bb
Adjust ext/openssl parameter names
Closes GH-6121
2020-09-15 14:27:54 +02:00
Máté Kocsis
e8e4ddce77
Improve parameter handling in ext/openssl
Closes GH-6025
2020-09-12 22:08:41 +02:00
Nikita Popov
3e14942756 Require $method parameter in openssl_seal/openssl_open
RC4 is considered insecure, and it's not possible to change the
default of these functions. As such, require the method to be
passed explicitly.

Closes GH-6093.
2020-09-08 14:21:01 +02:00
Nikita Popov
ca20f36b2a Fix types in openssl stub
These two $recipcert parameters don't use proper union types
right now. They are a bit tricky due to the $recipkey -> $recipcert
fallback.
2020-08-14 15:19:18 +02:00
Máté Kocsis
bdacd2ae8f
Add a few missing types to stubs 2020-08-01 23:55:08 +02:00
Máté Kocsis
9f44eca6b6
Convert resources to objects in ext/openssl
Closes GH-5860

Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
2020-08-01 22:47:20 +02:00
Eliot Lear
8583b8a9bf Add support for Cryptographic Message Syntax (CMS)
It add CMS (RFC 5652) support, which is an update to PKCS7.  The functions
are analogous BUT NOT IDENTICAL to openssl_pkcs7*.  In particular, support for
different encodings (PEM, DER, SMIME) is now available.
2020-06-07 16:58:34 +01:00
Máté Kocsis
21cfa03f17
Generate function entries for another batch of extensions
Closes GH-5352
2020-04-05 21:15:30 +02:00
Máté Kocsis
a43bc33fb2
Annotate function aliases in stubs 2020-04-04 13:03:16 +02:00
Máté Kocsis
736b22dc0b
Add stubs for aliases
Closes GH-5187
2020-02-18 21:10:36 +01:00
Christoph M. Becker
7d0102dfa7 Revert "Replace @param annotations with type declarations"
This reverts commit c31029f335.
2020-02-17 08:55:18 +01:00
Christoph M. Becker
c31029f335 Replace @param annotations with type declarations 2020-02-16 23:43:38 +01:00
Máté Kocsis
27e83d0fb8
Add union return types for function stubs 2019-11-11 14:54:55 +01:00
Christoph M. Becker
5dd5f1bc4a Finish OpenSSL arginfo stubs 2019-11-01 15:21:28 +01:00
Rimvydas Zilinskas
e4593c51ff Add more openssl stubs
Co-authored-by: Christoph M. Becker <cmbecker69@gmx.de>
2019-10-30 11:20:48 +01:00
Rimvydas Zilinskas
31d7f9763b Add partial openssl stubs
Closes GH-4509.
2019-08-10 22:19:16 +02:00