{
MCRYPT td;
char *cipher_dir_string, *module_dir_string, *key_copy, *iv_copy;
- int i, status = SUCCESS, count, *key_sizes, key_size, iv_size, block_size;
+ int i, status = SUCCESS, count, *key_sizes, key_size, iv_size, block_size, iv_req;
MCRYPT_GET_INI
mcrypt_free(key_sizes);
iv_size = mcrypt_enc_get_iv_size(td);
+ iv_req = mcrypt_enc_mode_has_iv(td);
if (iv_len) {
if (iv_len == iv_size) {
iv_copy = estrndup(iv_str, iv_len);
memcpy(iv_copy, iv_str, MIN(iv_len, iv_size));
}
} else {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempt to use an empty IV, which is NOT recommended");
+ if (iv_req) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempt to use an empty IV, which is NOT recommended");
+ }
iv_copy = ecalloc(1, iv_size);
}
--- /dev/null
+--TEST--
+Bug #43143 (Warning about empty IV with MCRYPT_MODE_ECB)
+--SKIPIF--
+<?php if (!extension_loaded("mcrypt")) print "skip"; ?>
+--FILE--
+<?php
+echo "ECB\n";
+$input = 'to be encrypted';
+$mkey = hash('sha256', 'secret key', TRUE);
+$data = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $mkey, $input, MCRYPT_MODE_ECB);
+echo "CFB\n";
+$input = 'to be encrypted';
+$mkey = hash('sha256', 'secret key', TRUE);
+$data = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $mkey, $input, MCRYPT_MODE_CFB);
+echo "END\n";
+?>
+--EXPECTF--
+ECB
+CFB
+
+Warning: mcrypt_encrypt(): Attempt to use an empty IV, which is NOT recommended in %sbug43143.php on line 9
+END
projects / php / commitdiff