From: Nikita Popov
Date: Tue, 11 Mar 2014 12:42:16 +0000 (+0100)
Subject: Use /dev/urandom as the default mcrypt_create_iv() source
X-Git-Tag: PRE_PHPNG_MERGE~493^2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fd5fbba98cdc800c9f25b6213ed72bd24792ecde;p=php

Use /dev/urandom as the default mcrypt_create_iv() source

Also fixes the ARGINFO for mcrypt_create_iv() and adds missing UPGRADING entries.
---
diff --git a/NEWS b/NEWS
index 915120c999..7b664cf292 100644
--- a/NEWS
+++ b/NEWS
@@ -23,7 +23,7 @@ PHP NEWS
     CVE-2013-7327). (Tomas Hoger, Remi).
 
 - Hash:
-  . Fixed buf #66698 (Missing FNV1a32 and FNV1a64 hash functions).
+  . Fixed bug #66698 (Missing FNV1a32 and FNV1a64 hash functions).
     (Michael M Slusarz).
 
 - Mail:
@@ -33,6 +33,7 @@ PHP NEWS
   . No longer allow invalid key sizes, invalid IV sizes or missing required
     IV in mcrypt_encrypt, mcrypt_decrypt and the deprecated mode functions.
     (Nikita)
+  . Use /dev/urandom as the default source for mcrypt_create_iv(). (Nikita)
 
 - MySQLi:
   . Fixed bug #66762 (Segfault in mysqli_stmt::bind_result() when link closed)
diff --git a/UPGRADING b/UPGRADING
index 40d30fd72b..4c05ee4391 100755
--- a/UPGRADING
+++ b/UPGRADING
@@ -41,6 +41,11 @@ PHP 5.6 UPGRADE NOTES
   context options, so most users should be unaffected by this transparent
   security enhancement. (https://wiki.php.net/rfc/tls-peer-verification)
 
+- Mcrypt:
+  The mcrypt_encrypt(), mcrypt_decrypt() and mcrypt_{MODE}() functions no
+  longer accept keys or IVs with incorrect sizes. Furthermore an IV is now
+  required if the used block cipher mode requires it.
+
 ========================================
 2. New Features
 ========================================
@@ -159,6 +164,10 @@ PHP 5.6 UPGRADE NOTES
   crypt() will now raise an E_NOTICE error if the salt parameter is omitted.
   See: https://wiki.php.net/rfc/crypt_function_salt
 
+- Mcrypt:
+  The $source parameter of mcrypt_create_iv() now defaults to
+  MCRYPT_DEV_URANDOM instead of MCRYPT_DEV_RANDOM.
+
 - XMLReader:
   XMLReader::getAttributeNs and XMLReader::getAttributeNo now return NULL if
   the attribute could not be found, just like XMLReader::getAttribute.
diff --git a/ext/mcrypt/mcrypt.c b/ext/mcrypt/mcrypt.c
index 70a458d976..5fc632b050 100644
--- a/ext/mcrypt/mcrypt.c
+++ b/ext/mcrypt/mcrypt.c
@@ -232,7 +232,7 @@ ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_ofb, 0, 0, 5)
 	ZEND_ARG_INFO(0, iv)
 ZEND_END_ARG_INFO()
 
-ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_create_iv, 0, 0, 2)
+ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_create_iv, 0, 0, 1)
 	ZEND_ARG_INFO(0, size)
 	ZEND_ARG_INFO(0, source)
 ZEND_END_ARG_INFO()
@@ -313,6 +313,12 @@ ZEND_GET_MODULE(mcrypt)
 #define MCRYPT_ENCRYPT 0
 #define MCRYPT_DECRYPT 1
 
+typedef enum {
+	RANDOM = 0,
+	URANDOM,
+	RAND
+} iv_source;
+
 #define MCRYPT_GET_INI \
 	cipher_dir_string = MCG(algorithms_dir); \
 	module_dir_string = MCG(modes_dir);
@@ -384,9 +390,9 @@ static PHP_MINIT_FUNCTION(mcrypt) /* {{{ */
 	REGISTER_LONG_CONSTANT("MCRYPT_DECRYPT", 1, CONST_PERSISTENT);
 
 	/* sources for mcrypt_create_iv */
-	REGISTER_LONG_CONSTANT("MCRYPT_DEV_RANDOM", 0, CONST_PERSISTENT);
-	REGISTER_LONG_CONSTANT("MCRYPT_DEV_URANDOM", 1, CONST_PERSISTENT);
-	REGISTER_LONG_CONSTANT("MCRYPT_RAND", 2, CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("MCRYPT_DEV_RANDOM", RANDOM, CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("MCRYPT_DEV_URANDOM", URANDOM, CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("MCRYPT_RAND", RAND, CONST_PERSISTENT);
 
 	/* ciphers */
 	MCRYPT_ENTRY2_2_4(3DES, "tripledes");
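Review bot: The `iv_source` enum added after `#define MCRYPT_DECRYPT 1` pins only `RANDOM = 0`, yet the `REGISTER_LONG_CONSTANT` lines in the MINIT hunk of the same file now publish `URANDOM` and `RAND` as the numeric values of `MCRYPT_DEV_URANDOM` and `MCRYPT_RAND`, so any script passing a literal 1 or 2 silently depends on the enum order never changing. Making that contract explicit costs two lines, `URANDOM = 1,` and `RAND = 2`, plus a comment above the enum such as `/* Sources for mcrypt_create_iv(); values are the public MCRYPT_DEV_RANDOM/MCRYPT_DEV_URANDOM/MCRYPT_RAND constants and must not be renumbered */`. If `RAND` maps to the libc PRNG, as its name suggests, that comment should also say so, so that nobody reads the three sources as interchangeable IV-quality entropy. The unprefixed file-scope names `RANDOM` and `RAND` are a macro-collision risk in a unit that includes libc headers, but that is pre-existing since the enum is only being moved here.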
@@ -495,12 +501,6 @@ PHP_MINFO_FUNCTION(mcrypt) /* {{{ */
 }
 /* }}} */
 
-typedef enum {
-	RANDOM = 0,
-	URANDOM,
-	RAND
-} iv_source;
-
 /* {{{ proto resource mcrypt_module_open(string cipher, string cipher_directory, string mode, string mode_directory)
    Opens the module of the algorithm and the mode to be used */
 PHP_FUNCTION(mcrypt_module_open)
@@ -1393,7 +1393,7 @@ PHP_FUNCTION(mcrypt_ofb)
 PHP_FUNCTION(mcrypt_create_iv)
 {
 	char *iv;
-	long source = RANDOM;
+	long source = URANDOM;
 	long size;
 	int n = 0;