diff options
| author | Jakub Zelenka <bukka@php.net> | 2019-06-02 19:13:18 +0100 |
|---|---|---|
| committer | Jakub Zelenka <bukka@php.net> | 2019-06-02 19:13:18 +0100 |
| commit | 8f69ca8dcd926aab855a36019e7a325e74239a0b (patch) | |
| tree | bd3dc8328fb272e5d3b717d0e19eff7df2720eb0 | |
| parent | 793fd6bce9da7feab56ab96da9c5bb055aa0ca60 (diff) | |
| parent | 2e025794745e09f7d0c72822ad0238bf6d67b2e8 (diff) | |
| download | php-git-8f69ca8dcd926aab855a36019e7a325e74239a0b.tar.gz | |
Merge branch 'PHP-7.2' into PHP-7.3
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/openssl/openssl.c | 5 | ||||
| -rw-r--r-- | ext/openssl/tests/openssl_encrypt_ccm.phpt | 12 |
3 files changed, 17 insertions, 4 deletions
@@ -22,6 +22,10 @@ PHP NEWS . Fixed bug #78015 (Incorrect evaluation of expressions involving partials arrays in SCCP). (Nikita) +- OpenSSL: + . Fixed bug #78079 (openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c). + (Jakub Zelenka) + - Sockets: . Fixed bug #78038 (Socket_select fails when resource array contains references). (Nikita) diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 13c997741f..08cb01fba1 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -6496,7 +6496,10 @@ static int php_openssl_cipher_init(const EVP_CIPHER *cipher_type, return FAILURE; } if (mode->is_single_run_aead && enc) { - EVP_CIPHER_CTX_ctrl(cipher_ctx, mode->aead_set_tag_flag, tag_len, NULL); + if (!EVP_CIPHER_CTX_ctrl(cipher_ctx, mode->aead_set_tag_flag, tag_len, NULL)) { + php_error_docref(NULL, E_WARNING, "Setting tag length for AEAD cipher failed"); + return FAILURE; + } } else if (!enc && tag && tag_len > 0) { if (!mode->is_aead) { php_error_docref(NULL, E_WARNING, "The tag cannot be used because the cipher method does not support AEAD"); diff --git a/ext/openssl/tests/openssl_encrypt_ccm.phpt b/ext/openssl/tests/openssl_encrypt_ccm.phpt index c8610bc96b..fb5dbbc849 100644 --- a/ext/openssl/tests/openssl_encrypt_ccm.phpt +++ b/ext/openssl/tests/openssl_encrypt_ccm.phpt @@ -24,9 +24,12 @@ foreach ($tests as $idx => $test) { // Empty IV error var_dump(openssl_encrypt('data', $method, 'password', 0, NULL, $tag, '')); -// Test setting different IV length and unlimeted tag -var_dump(openssl_encrypt('data', $method, 'password', 0, str_repeat('x', 10), $tag, '', 1024)); +// Test setting different IV length and tag length +var_dump(openssl_encrypt('data', $method, 'password', 0, str_repeat('x', 10), $tag, '', 14)); var_dump(strlen($tag)); + +// Test setting invalid tag length +var_dump(openssl_encrypt('data', $method, 'password', 0, str_repeat('x', 16), $tag, '', 1024)); ?> --EXPECTF-- TEST 0 @@ -36,4 +39,7 @@ bool(true) Warning: openssl_encrypt(): Setting of IV length for AEAD mode failed in %s on line %d bool(false) string(8) "p/lvgA==" -int(1024) +int(14) + +Warning: openssl_encrypt(): Setting of IV length for AEAD mode failed in %s on line %d +bool(false) |