Sunday, September 7, 2008

[PHP-CVS] cvs: php-src(PHP_5_3) /ext/mcrypt mcrypt.c /ext/mcrypt/tests bug46010.phpt

felipe Sun Sep 7 22:57:37 2008 UTC

Added files: (Branch: PHP_5_3)
/php-src/ext/mcrypt/tests bug46010.phpt

Modified files:
/php-src/ext/mcrypt mcrypt.c
Log:
- MFH: Fixed bug #46010 (warnings incorrectly generated for iv in ecb mode)


http://cvs.php.net/viewvc.cgi/php-src/ext/mcrypt/mcrypt.c?r1=1.91.2.3.2.11.2.11&r2=1.91.2.3.2.11.2.12&diff_format=u
Index: php-src/ext/mcrypt/mcrypt.c
diff -u php-src/ext/mcrypt/mcrypt.c:1.91.2.3.2.11.2.11 php-src/ext/mcrypt/mcrypt.c:1.91.2.3.2.11.2.12
--- php-src/ext/mcrypt/mcrypt.c:1.91.2.3.2.11.2.11 Sun Aug 10 05:38:07 2008
+++ php-src/ext/mcrypt/mcrypt.c Sun Sep 7 22:57:37 2008
@@ -16,7 +16,7 @@
| Derick Rethans <derick@derickrethans.nl> |
+----------------------------------------------------------------------+
*/
-/* $Id: mcrypt.c,v 1.91.2.3.2.11.2.11 2008/08/10 05:38:07 felipe Exp $ */
+/* $Id: mcrypt.c,v 1.91.2.3.2.11.2.12 2008/09/07 22:57:37 felipe Exp $ */

#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -1196,7 +1196,7 @@
{
char *cipher_dir_string;
char *module_dir_string;
- int block_size, max_key_length, use_key_length, i, count, iv_size, req_iv;
+ int block_size, max_key_length, use_key_length, i, count, iv_size;
unsigned long int data_size;
int *key_length_sizes;
char *key_s = NULL, *iv_s;
@@ -1244,16 +1244,17 @@
/* Check IV */
iv_s = NULL;
iv_size = mcrypt_enc_get_iv_size (td);
- req_iv = mcrypt_enc_mode_has_iv(td);
- if (argc == 5) {
- if (iv_size != iv_len) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_IV_WRONG_SIZE);
- } else {
- iv_s = emalloc(iv_size + 1);
- memcpy(iv_s, iv, iv_size);
- }
- } else if (argc == 4) {
- if (req_iv == 1) {
+
+ /* IV is required */
+ if (mcrypt_enc_mode_has_iv(td) == 1) {
+ if (argc == 5) {
+ if (iv_size != iv_len) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_IV_WRONG_SIZE);
+ } else {
+ iv_s = emalloc(iv_size + 1);
+ memcpy(iv_s, iv, iv_size);
+ }
+ } else if (argc == 4) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempt to use an empty IV, which is NOT recommend");
iv_s = emalloc(iv_size + 1);
memset(iv_s, 0, iv_size + 1);

http://cvs.php.net/viewvc.cgi/php-src/ext/mcrypt/tests/bug46010.phpt?view=markup&rev=1.1
Index: php-src/ext/mcrypt/tests/bug46010.phpt
+++ php-src/ext/mcrypt/tests/bug46010.phpt
--TEST---
Bug #46010 (warnings incorrectly generated for iv in ecb mode)
--FILE--
<?php

var_dump(bin2hex(mcrypt_encrypt(MCRYPT_TRIPLEDES, "key", "data", MCRYPT_MODE_ECB)));
var_dump(bin2hex(mcrypt_encrypt(MCRYPT_TRIPLEDES, "key", "data", MCRYPT_MODE_ECB, "a")));
var_dump(bin2hex(mcrypt_encrypt(MCRYPT_TRIPLEDES, "key", "data", MCRYPT_MODE_ECB, "12345678")));

?>
--EXPECTF--
string(16) "372eeb4a524b8d31"
string(16) "372eeb4a524b8d31"
string(16) "372eeb4a524b8d31"

--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)