xref: /PHP-5.5/ext/mcrypt/mcrypt.c (revision 6c5211a0)
1 /*
2    +----------------------------------------------------------------------+
3    | PHP Version 5                                                        |
4    +----------------------------------------------------------------------+
5    | Copyright (c) 1997-2015 The PHP Group                                |
6    +----------------------------------------------------------------------+
7    | This source file is subject to version 3.01 of the PHP license,      |
8    | that is bundled with this package in the file LICENSE, and is        |
9    | available through the world-wide-web at the following url:           |
10    | http://www.php.net/license/3_01.txt                                  |
11    | If you did not receive a copy of the PHP license and are unable to   |
12    | obtain it through the world-wide-web, please send a note to          |
13    | license@php.net so we can mail you a copy immediately.               |
14    +----------------------------------------------------------------------+
15    | Authors: Sascha Schumann <sascha@schumann.cx>                        |
16    |          Derick Rethans <derick@derickrethans.nl>                    |
17    +----------------------------------------------------------------------+
18  */
19 /* $Id$ */
20 
21 #ifdef HAVE_CONFIG_H
22 #include "config.h"
23 #endif
24 
25 #include "php.h"
26 
27 #if HAVE_LIBMCRYPT
28 
29 #if PHP_WIN32
30 # include "win32/winutil.h"
31 #endif
32 
33 #include "php_mcrypt.h"
34 #include "fcntl.h"
35 
36 #define NON_FREE
37 #define MCRYPT2
38 #include "mcrypt.h"
39 #include "php_ini.h"
40 #include "php_globals.h"
41 #include "ext/standard/info.h"
42 #include "ext/standard/php_rand.h"
43 #include "php_mcrypt_filter.h"
44 
45 static int le_mcrypt;
46 
47 typedef struct _php_mcrypt {
48 	MCRYPT td;
49 	zend_bool init;
50 } php_mcrypt;
51 
52 /* {{{ arginfo */
53 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_open, 0, 0, 4)
54 	ZEND_ARG_INFO(0, cipher)
55 	ZEND_ARG_INFO(0, cipher_directory)
56 	ZEND_ARG_INFO(0, mode)
57 	ZEND_ARG_INFO(0, mode_directory)
58 ZEND_END_ARG_INFO()
59 
60 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_generic_init, 0, 0, 3)
61 	ZEND_ARG_INFO(0, td)
62 	ZEND_ARG_INFO(0, key)
63 	ZEND_ARG_INFO(0, iv)
64 ZEND_END_ARG_INFO()
65 
66 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_generic, 0, 0, 2)
67 	ZEND_ARG_INFO(0, td)
68 	ZEND_ARG_INFO(0, data)
69 ZEND_END_ARG_INFO()
70 
71 ZEND_BEGIN_ARG_INFO_EX(arginfo_mdecrypt_generic, 0, 0, 2)
72 	ZEND_ARG_INFO(0, td)
73 	ZEND_ARG_INFO(0, data)
74 ZEND_END_ARG_INFO()
75 
76 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_supported_key_sizes, 0, 0, 1)
77 	ZEND_ARG_INFO(0, td)
78 ZEND_END_ARG_INFO()
79 
80 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_self_test, 0, 0, 1)
81 	ZEND_ARG_INFO(0, td)
82 ZEND_END_ARG_INFO()
83 
84 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_close, 0, 0, 1)
85 	ZEND_ARG_INFO(0, td)
86 ZEND_END_ARG_INFO()
87 
88 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_generic_deinit, 0, 0, 1)
89 	ZEND_ARG_INFO(0, td)
90 ZEND_END_ARG_INFO()
91 
92 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_is_block_algorithm_mode, 0, 0, 1)
93 	ZEND_ARG_INFO(0, td)
94 ZEND_END_ARG_INFO()
95 
96 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_is_block_algorithm, 0, 0, 1)
97 	ZEND_ARG_INFO(0, td)
98 ZEND_END_ARG_INFO()
99 
100 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_is_block_mode, 0, 0, 1)
101 	ZEND_ARG_INFO(0, td)
102 ZEND_END_ARG_INFO()
103 
104 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_block_size, 0, 0, 1)
105 	ZEND_ARG_INFO(0, td)
106 ZEND_END_ARG_INFO()
107 
108 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_key_size, 0, 0, 1)
109 	ZEND_ARG_INFO(0, td)
110 ZEND_END_ARG_INFO()
111 
112 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_iv_size, 0, 0, 1)
113 	ZEND_ARG_INFO(0, td)
114 ZEND_END_ARG_INFO()
115 
116 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_algorithms_name, 0, 0, 1)
117 	ZEND_ARG_INFO(0, td)
118 ZEND_END_ARG_INFO()
119 
120 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_modes_name, 0, 0, 1)
121 	ZEND_ARG_INFO(0, td)
122 ZEND_END_ARG_INFO()
123 
124 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_self_test, 0, 0, 1)
125 	ZEND_ARG_INFO(0, algorithm)
126 	ZEND_ARG_INFO(0, lib_dir)
127 ZEND_END_ARG_INFO()
128 
129 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_is_block_algorithm_mode, 0, 0, 1)
130 	ZEND_ARG_INFO(0, mode)
131 	ZEND_ARG_INFO(0, lib_dir)
132 ZEND_END_ARG_INFO()
133 
134 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_is_block_algorithm, 0, 0, 1)
135 	ZEND_ARG_INFO(0, algorithm)
136 	ZEND_ARG_INFO(0, lib_dir)
137 ZEND_END_ARG_INFO()
138 
139 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_is_block_mode, 0, 0, 1)
140 	ZEND_ARG_INFO(0, mode)
141 	ZEND_ARG_INFO(0, lib_dir)
142 ZEND_END_ARG_INFO()
143 
144 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_get_algo_block_size, 0, 0, 1)
145 	ZEND_ARG_INFO(0, algorithm)
146 	ZEND_ARG_INFO(0, lib_dir)
147 ZEND_END_ARG_INFO()
148 
149 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_get_algo_key_size, 0, 0, 1)
150 	ZEND_ARG_INFO(0, algorithm)
151 	ZEND_ARG_INFO(0, lib_dir)
152 ZEND_END_ARG_INFO()
153 
154 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_get_supported_key_sizes, 0, 0, 1)
155 	ZEND_ARG_INFO(0, algorithm)
156 	ZEND_ARG_INFO(0, lib_dir)
157 ZEND_END_ARG_INFO()
158 
159 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_list_algorithms, 0, 0, 0)
160 	ZEND_ARG_INFO(0, lib_dir)
161 ZEND_END_ARG_INFO()
162 
163 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_list_modes, 0, 0, 0)
164 	ZEND_ARG_INFO(0, lib_dir)
165 ZEND_END_ARG_INFO()
166 
167 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_key_size, 0, 0, 2)
168 	ZEND_ARG_INFO(0, cipher)
169 	ZEND_ARG_INFO(0, module)
170 ZEND_END_ARG_INFO()
171 
172 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_block_size, 0, 0, 2)
173 	ZEND_ARG_INFO(0, cipher)
174 	ZEND_ARG_INFO(0, module)
175 ZEND_END_ARG_INFO()
176 
177 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_iv_size, 0, 0, 2)
178 	ZEND_ARG_INFO(0, cipher)
179 	ZEND_ARG_INFO(0, module)
180 ZEND_END_ARG_INFO()
181 
182 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_cipher_name, 0, 0, 1)
183 	ZEND_ARG_INFO(0, cipher)
184 ZEND_END_ARG_INFO()
185 
186 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_encrypt, 0, 0, 5)
187 	ZEND_ARG_INFO(0, cipher)
188 	ZEND_ARG_INFO(0, key)
189 	ZEND_ARG_INFO(0, data)
190 	ZEND_ARG_INFO(0, mode)
191 	ZEND_ARG_INFO(0, iv)
192 ZEND_END_ARG_INFO()
193 
194 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_decrypt, 0, 0, 5)
195 	ZEND_ARG_INFO(0, cipher)
196 	ZEND_ARG_INFO(0, key)
197 	ZEND_ARG_INFO(0, data)
198 	ZEND_ARG_INFO(0, mode)
199 	ZEND_ARG_INFO(0, iv)
200 ZEND_END_ARG_INFO()
201 
202 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_ecb, 0, 0, 5)
203 	ZEND_ARG_INFO(0, cipher)
204 	ZEND_ARG_INFO(0, key)
205 	ZEND_ARG_INFO(0, data)
206 	ZEND_ARG_INFO(0, mode)
207 	ZEND_ARG_INFO(0, iv)
208 ZEND_END_ARG_INFO()
209 
210 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_cbc, 0, 0, 5)
211 	ZEND_ARG_INFO(0, cipher)
212 	ZEND_ARG_INFO(0, key)
213 	ZEND_ARG_INFO(0, data)
214 	ZEND_ARG_INFO(0, mode)
215 	ZEND_ARG_INFO(0, iv)
216 ZEND_END_ARG_INFO()
217 
218 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_cfb, 0, 0, 5)
219 	ZEND_ARG_INFO(0, cipher)
220 	ZEND_ARG_INFO(0, key)
221 	ZEND_ARG_INFO(0, data)
222 	ZEND_ARG_INFO(0, mode)
223 	ZEND_ARG_INFO(0, iv)
224 ZEND_END_ARG_INFO()
225 
226 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_ofb, 0, 0, 5)
227 	ZEND_ARG_INFO(0, cipher)
228 	ZEND_ARG_INFO(0, key)
229 	ZEND_ARG_INFO(0, data)
230 	ZEND_ARG_INFO(0, mode)
231 	ZEND_ARG_INFO(0, iv)
232 ZEND_END_ARG_INFO()
233 
234 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_create_iv, 0, 0, 2)
235 	ZEND_ARG_INFO(0, size)
236 	ZEND_ARG_INFO(0, source)
237 ZEND_END_ARG_INFO()
238 /* }}} */
239 
240 const zend_function_entry mcrypt_functions[] = { /* {{{ */
241 	PHP_DEP_FE(mcrypt_ecb, 				arginfo_mcrypt_ecb)
242 	PHP_DEP_FE(mcrypt_cbc, 				arginfo_mcrypt_cbc)
243 	PHP_DEP_FE(mcrypt_cfb, 				arginfo_mcrypt_cfb)
244 	PHP_DEP_FE(mcrypt_ofb, 				arginfo_mcrypt_ofb)
245 	PHP_FE(mcrypt_get_key_size, 	arginfo_mcrypt_get_key_size)
246 	PHP_FE(mcrypt_get_block_size, 	arginfo_mcrypt_get_block_size)
247 	PHP_FE(mcrypt_get_cipher_name, 	arginfo_mcrypt_get_cipher_name)
248 	PHP_FE(mcrypt_create_iv, 		arginfo_mcrypt_create_iv)
249 
250 	PHP_FE(mcrypt_list_algorithms, 	arginfo_mcrypt_list_algorithms)
251 	PHP_FE(mcrypt_list_modes, 		arginfo_mcrypt_list_modes)
252 	PHP_FE(mcrypt_get_iv_size, 		arginfo_mcrypt_get_iv_size)
253 	PHP_FE(mcrypt_encrypt, 			arginfo_mcrypt_encrypt)
254 	PHP_FE(mcrypt_decrypt, 			arginfo_mcrypt_decrypt)
255 
256 	PHP_FE(mcrypt_module_open, 		arginfo_mcrypt_module_open)
257 	PHP_FE(mcrypt_generic_init, 	arginfo_mcrypt_generic_init)
258 	PHP_FE(mcrypt_generic, 			arginfo_mcrypt_generic)
259 	PHP_FE(mdecrypt_generic, 		arginfo_mdecrypt_generic)
260 	PHP_DEP_FALIAS(mcrypt_generic_end, mcrypt_generic_deinit, arginfo_mcrypt_generic_deinit)
261 	PHP_FE(mcrypt_generic_deinit, 	arginfo_mcrypt_generic_deinit)
262 
263 	PHP_FE(mcrypt_enc_self_test, 	arginfo_mcrypt_enc_self_test)
264 	PHP_FE(mcrypt_enc_is_block_algorithm_mode, arginfo_mcrypt_enc_is_block_algorithm_mode)
265 	PHP_FE(mcrypt_enc_is_block_algorithm, 	arginfo_mcrypt_enc_is_block_algorithm)
266 	PHP_FE(mcrypt_enc_is_block_mode, 		arginfo_mcrypt_enc_is_block_mode)
267 	PHP_FE(mcrypt_enc_get_block_size, 		arginfo_mcrypt_enc_get_block_size)
268 	PHP_FE(mcrypt_enc_get_key_size, 		arginfo_mcrypt_enc_get_key_size)
269 	PHP_FE(mcrypt_enc_get_supported_key_sizes, arginfo_mcrypt_enc_get_supported_key_sizes)
270 	PHP_FE(mcrypt_enc_get_iv_size, 			arginfo_mcrypt_enc_get_iv_size)
271 	PHP_FE(mcrypt_enc_get_algorithms_name, 	arginfo_mcrypt_enc_get_algorithms_name)
272 	PHP_FE(mcrypt_enc_get_modes_name, 		arginfo_mcrypt_enc_get_modes_name)
273 	PHP_FE(mcrypt_module_self_test, 		arginfo_mcrypt_module_self_test)
274 
275 	PHP_FE(mcrypt_module_is_block_algorithm_mode, 	arginfo_mcrypt_module_is_block_algorithm_mode)
276 	PHP_FE(mcrypt_module_is_block_algorithm, 		arginfo_mcrypt_module_is_block_algorithm)
277 	PHP_FE(mcrypt_module_is_block_mode, 			arginfo_mcrypt_module_is_block_mode)
278 	PHP_FE(mcrypt_module_get_algo_block_size, 		arginfo_mcrypt_module_get_algo_block_size)
279 	PHP_FE(mcrypt_module_get_algo_key_size, 		arginfo_mcrypt_module_get_algo_key_size)
280 	PHP_FE(mcrypt_module_get_supported_key_sizes, 	arginfo_mcrypt_module_get_supported_key_sizes)
281 
282 	PHP_FE(mcrypt_module_close, 					arginfo_mcrypt_module_close)
283 	PHP_FE_END
284 };
285 /* }}} */
286 
287 static PHP_MINFO_FUNCTION(mcrypt);
288 static PHP_MINIT_FUNCTION(mcrypt);
289 static PHP_MSHUTDOWN_FUNCTION(mcrypt);
290 
291 ZEND_DECLARE_MODULE_GLOBALS(mcrypt)
292 
293 zend_module_entry mcrypt_module_entry = {
294 	STANDARD_MODULE_HEADER,
295 	"mcrypt",
296 	mcrypt_functions,
297 	PHP_MINIT(mcrypt), PHP_MSHUTDOWN(mcrypt),
298 	NULL, NULL,
299 	PHP_MINFO(mcrypt),
300 	NO_VERSION_YET,
301 	PHP_MODULE_GLOBALS(mcrypt),
302 	NULL,
303 	NULL,
304 	NULL,
305 	STANDARD_MODULE_PROPERTIES_EX
306 };
307 
308 #ifdef COMPILE_DL_MCRYPT
309 ZEND_GET_MODULE(mcrypt)
310 #endif
311 
312 #define MCRYPT_ARGS2 											\
313 	zval **cipher, **data, **key, **mode; 						\
314 	int td; 													\
315 	char *ndata; 												\
316 	size_t bsize; 												\
317 	size_t nr; 													\
318 	size_t nsize
319 
320 #define MCRYPT_ARGS 											\
321 	MCRYPT_ARGS2; 												\
322 	zval **iv
323 
324 #define MCRYPT_SIZE 										\
325 	bsize = mcrypt_get_block_size(Z_LVAL_PP(cipher)); 		\
326 	nr = (Z_STRLEN_PP(data) + bsize - 1) / bsize; 			\
327 	nsize = nr * bsize
328 
329 #define MCRYPT_CHECK_TD_CPY 									\
330 	if (td < 0) { 												\
331 		php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_FAILED); 					\
332 		RETURN_FALSE; 											\
333 	} 															\
334 	ndata = ecalloc(nr, bsize); 								\
335 	memcpy(ndata, Z_STRVAL_PP(data), Z_STRLEN_PP(data))
336 
337 #define MCRYPT_CHECK_IV 										\
338 	convert_to_string_ex(iv);	 								\
339 	if (Z_STRLEN_PP(iv) != bsize) { 							\
340 		php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_IV_WRONG_SIZE); 			\
341 		RETURN_FALSE; 											\
342 	}
343 
344 #define MCRYPT_ACTION(x) 										\
345 	if (Z_LVAL_PP(mode) == 0) { 								\
346 		mcrypt_##x(td, ndata, nsize); 							\
347 	} else {													\
348 		mdecrypt_##x(td, ndata, nsize); 						\
349 	}															\
350 	end_mcrypt_##x(td)
351 
352 #define MCRYPT_IV_WRONG_SIZE "The IV parameter must be as long as the blocksize"
353 
354 #define MCRYPT_ENCRYPT 0
355 #define MCRYPT_DECRYPT 1
356 
357 #define MCRYPT_GET_INI											\
358 	cipher_dir_string = MCG(algorithms_dir); 					\
359 	module_dir_string = MCG(modes_dir);
360 
361 /*
362  * #warning is not ANSI C
363  * #warning Invalidate resource if the param count is wrong, or other problems
364  * #warning occurred during functions.
365  */
366 
367 #define MCRYPT_GET_CRYPT_ARGS										\
368 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sssZ|s", 	\
369 		&cipher, &cipher_len, &key, &key_len, &data, &data_len, &mode, &iv, &iv_len) == FAILURE) {	\
370 		return;		\
371 	}
372 
373 #define MCRYPT_GET_TD_ARG										\
374 	zval *mcryptind;											\
375 	php_mcrypt *pm;													\
376 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &mcryptind) == FAILURE) {			\
377 		return;																\
378 	}																						\
379 	ZEND_FETCH_RESOURCE (pm, php_mcrypt *, &mcryptind, -1, "MCrypt", le_mcrypt);
380 
381 #define MCRYPT_GET_MODE_DIR_ARGS(DIRECTORY)								\
382 	char *dir = NULL;                                                   \
383 	int   dir_len;                                                      \
384 	char *module;                                                       \
385 	int   module_len;                                                   \
386 	if (zend_parse_parameters (ZEND_NUM_ARGS() TSRMLS_CC,               \
387 		"s|s", &module, &module_len, &dir, &dir_len) == FAILURE) {      \
388 		return;                                                         \
389 	}
390 
391 #define MCRYPT_OPEN_MODULE_FAILED "Module initialization failed"
392 
393 #define MCRYPT_ENTRY2_2_4(a,b) REGISTER_STRING_CONSTANT("MCRYPT_" #a, b, CONST_PERSISTENT)
394 #define MCRYPT_ENTRY2_4(a) MCRYPT_ENTRY_NAMED(a, a)
395 
396 #define PHP_MCRYPT_INIT_CHECK	\
397 	if (!pm->init) {	\
398 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Operation disallowed prior to mcrypt_generic_init().");	\
399 		RETURN_FALSE;	\
400 	}	\
401 
PHP_INI_BEGIN()402 PHP_INI_BEGIN()
403 	STD_PHP_INI_ENTRY("mcrypt.algorithms_dir", NULL, PHP_INI_ALL, OnUpdateString, algorithms_dir, zend_mcrypt_globals, mcrypt_globals)
404 	STD_PHP_INI_ENTRY("mcrypt.modes_dir",      NULL, PHP_INI_ALL, OnUpdateString, modes_dir, zend_mcrypt_globals, mcrypt_globals)
405 PHP_INI_END()
406 
407 static void php_mcrypt_module_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC) /* {{{ */
408 {
409 	php_mcrypt *pm = (php_mcrypt *) rsrc->ptr;
410 	if (pm) {
411 		mcrypt_generic_deinit(pm->td);
412 		mcrypt_module_close(pm->td);
413 		efree(pm);
414 		pm = NULL;
415 	}
416 }
417 /* }}} */
418 
419 typedef enum {
420 	RANDOM = 0,
421 	URANDOM,
422 	RAND
423 } iv_source;
424 
PHP_MINIT_FUNCTION(mcrypt)425 static PHP_MINIT_FUNCTION(mcrypt) /* {{{ */
426 {
427 	le_mcrypt = zend_register_list_destructors_ex(php_mcrypt_module_dtor, NULL, "mcrypt", module_number);
428 
429 	/* modes for mcrypt_??? routines */
430 	REGISTER_LONG_CONSTANT("MCRYPT_ENCRYPT", 0, CONST_PERSISTENT);
431 	REGISTER_LONG_CONSTANT("MCRYPT_DECRYPT", 1, CONST_PERSISTENT);
432 
433 	/* sources for mcrypt_create_iv */
434 	REGISTER_LONG_CONSTANT("MCRYPT_DEV_RANDOM", 0, CONST_PERSISTENT);
435 	REGISTER_LONG_CONSTANT("MCRYPT_DEV_URANDOM", 1, CONST_PERSISTENT);
436 	REGISTER_LONG_CONSTANT("MCRYPT_RAND", 2, CONST_PERSISTENT);
437 
438 	/* ciphers */
439 	MCRYPT_ENTRY2_2_4(3DES, "tripledes");
440 	MCRYPT_ENTRY2_2_4(ARCFOUR_IV, "arcfour-iv");
441 	MCRYPT_ENTRY2_2_4(ARCFOUR, "arcfour");
442 	MCRYPT_ENTRY2_2_4(BLOWFISH, "blowfish");
443 	MCRYPT_ENTRY2_2_4(BLOWFISH_COMPAT, "blowfish-compat");
444 	MCRYPT_ENTRY2_2_4(CAST_128, "cast-128");
445 	MCRYPT_ENTRY2_2_4(CAST_256, "cast-256");
446 	MCRYPT_ENTRY2_2_4(CRYPT, "crypt");
447 	MCRYPT_ENTRY2_2_4(DES, "des");
448 	MCRYPT_ENTRY2_2_4(ENIGNA, "crypt");
449 	MCRYPT_ENTRY2_2_4(GOST, "gost");
450 	MCRYPT_ENTRY2_2_4(LOKI97, "loki97");
451 	MCRYPT_ENTRY2_2_4(PANAMA, "panama");
452 	MCRYPT_ENTRY2_2_4(RC2, "rc2");
453 	MCRYPT_ENTRY2_2_4(RIJNDAEL_128, "rijndael-128");
454 	MCRYPT_ENTRY2_2_4(RIJNDAEL_192, "rijndael-192");
455 	MCRYPT_ENTRY2_2_4(RIJNDAEL_256, "rijndael-256");
456 	MCRYPT_ENTRY2_2_4(SAFER64, "safer-sk64");
457 	MCRYPT_ENTRY2_2_4(SAFER128, "safer-sk128");
458 	MCRYPT_ENTRY2_2_4(SAFERPLUS, "saferplus");
459 	MCRYPT_ENTRY2_2_4(SERPENT, "serpent");
460 	MCRYPT_ENTRY2_2_4(THREEWAY, "threeway");
461 	MCRYPT_ENTRY2_2_4(TRIPLEDES, "tripledes");
462 	MCRYPT_ENTRY2_2_4(TWOFISH, "twofish");
463 	MCRYPT_ENTRY2_2_4(WAKE, "wake");
464 	MCRYPT_ENTRY2_2_4(XTEA, "xtea");
465 
466 	MCRYPT_ENTRY2_2_4(IDEA, "idea");
467 	MCRYPT_ENTRY2_2_4(MARS, "mars");
468 	MCRYPT_ENTRY2_2_4(RC6, "rc6");
469 	MCRYPT_ENTRY2_2_4(SKIPJACK, "skipjack");
470 /* modes */
471 	MCRYPT_ENTRY2_2_4(MODE_CBC, "cbc");
472 	MCRYPT_ENTRY2_2_4(MODE_CFB, "cfb");
473 	MCRYPT_ENTRY2_2_4(MODE_ECB, "ecb");
474 	MCRYPT_ENTRY2_2_4(MODE_NOFB, "nofb");
475 	MCRYPT_ENTRY2_2_4(MODE_OFB, "ofb");
476 	MCRYPT_ENTRY2_2_4(MODE_STREAM, "stream");
477 	REGISTER_INI_ENTRIES();
478 
479 	php_stream_filter_register_factory("mcrypt.*", &php_mcrypt_filter_factory TSRMLS_CC);
480 	php_stream_filter_register_factory("mdecrypt.*", &php_mcrypt_filter_factory TSRMLS_CC);
481 
482 	MCG(fd[RANDOM]) = -1;
483 	MCG(fd[URANDOM]) = -1;
484 
485 	return SUCCESS;
486 }
487 /* }}} */
488 
PHP_MSHUTDOWN_FUNCTION(mcrypt)489 static PHP_MSHUTDOWN_FUNCTION(mcrypt) /* {{{ */
490 {
491 	php_stream_filter_unregister_factory("mcrypt.*" TSRMLS_CC);
492 	php_stream_filter_unregister_factory("mdecrypt.*" TSRMLS_CC);
493 
494 	if (MCG(fd[RANDOM]) > 0) {
495 		close(MCG(fd[RANDOM]));
496 	}
497 
498 	if (MCG(fd[URANDOM]) > 0) {
499 		close(MCG(fd[URANDOM]));
500 	}
501 
502 	UNREGISTER_INI_ENTRIES();
503 	return SUCCESS;
504 }
505 /* }}} */
506 
507 #include "ext/standard/php_smart_str.h"
508 
PHP_MINFO_FUNCTION(mcrypt)509 PHP_MINFO_FUNCTION(mcrypt) /* {{{ */
510 {
511 	char **modules;
512 	char mcrypt_api_no[16];
513 	int i, count;
514 	smart_str tmp1 = {0};
515 	smart_str tmp2 = {0};
516 
517 	modules = mcrypt_list_algorithms(MCG(algorithms_dir), &count);
518 	if (count == 0) {
519 		smart_str_appends(&tmp1, "none");
520 	}
521 	for (i = 0; i < count; i++) {
522 		smart_str_appends(&tmp1, modules[i]);
523 		smart_str_appendc(&tmp1, ' ');
524 	}
525 	smart_str_0(&tmp1);
526 	mcrypt_free_p(modules, count);
527 
528 	modules = mcrypt_list_modes(MCG(modes_dir), &count);
529 	if (count == 0) {
530 		smart_str_appends(&tmp2, "none");
531 	}
532 	for (i = 0; i < count; i++) {
533 		smart_str_appends(&tmp2, modules[i]);
534 		smart_str_appendc(&tmp2, ' ');
535 	}
536 	smart_str_0 (&tmp2);
537 	mcrypt_free_p (modules, count);
538 
539 	snprintf (mcrypt_api_no, 16, "%d", MCRYPT_API_VERSION);
540 
541 	php_info_print_table_start();
542 	php_info_print_table_header(2, "mcrypt support", "enabled");
543 	php_info_print_table_header(2, "mcrypt_filter support", "enabled");
544 	php_info_print_table_row(2, "Version", LIBMCRYPT_VERSION);
545 	php_info_print_table_row(2, "Api No", mcrypt_api_no);
546 	php_info_print_table_row(2, "Supported ciphers", tmp1.c);
547 	php_info_print_table_row(2, "Supported modes", tmp2.c);
548 	smart_str_free(&tmp1);
549 	smart_str_free(&tmp2);
550 	php_info_print_table_end();
551 
552 	DISPLAY_INI_ENTRIES();
553 }
554 /* }}} */
555 
556 /* {{{ proto resource mcrypt_module_open(string cipher, string cipher_directory, string mode, string mode_directory)
557    Opens the module of the algorithm and the mode to be used */
PHP_FUNCTION(mcrypt_module_open)558 PHP_FUNCTION(mcrypt_module_open)
559 {
560 	char *cipher, *cipher_dir;
561 	char *mode,   *mode_dir;
562 	int   cipher_len, cipher_dir_len;
563 	int   mode_len,   mode_dir_len;
564 	MCRYPT td;
565 	php_mcrypt *pm;
566 
567 	if (zend_parse_parameters (ZEND_NUM_ARGS() TSRMLS_CC, "ssss",
568 		&cipher, &cipher_len, &cipher_dir, &cipher_dir_len,
569 		&mode,   &mode_len,   &mode_dir,   &mode_dir_len)) {
570 		return;
571 	}
572 
573 	td = mcrypt_module_open (
574 		cipher,
575 		cipher_dir_len > 0 ? cipher_dir : MCG(algorithms_dir),
576 		mode,
577 		mode_dir_len > 0 ? mode_dir : MCG(modes_dir)
578 	);
579 
580 	if (td == MCRYPT_FAILED) {
581 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not open encryption module");
582 		RETURN_FALSE;
583 	} else {
584 		pm = emalloc(sizeof(php_mcrypt));
585 		pm->td = td;
586 		pm->init = 0;
587 		ZEND_REGISTER_RESOURCE(return_value, pm, le_mcrypt);
588 	}
589 }
590 /* }}} */
591 
592 /* {{{ proto int mcrypt_generic_init(resource td, string key, string iv)
593    This function initializes all buffers for the specific module */
PHP_FUNCTION(mcrypt_generic_init)594 PHP_FUNCTION(mcrypt_generic_init)
595 {
596 	char *key, *iv;
597 	int key_len, iv_len;
598 	zval *mcryptind;
599 	unsigned char *key_s, *iv_s;
600 	int max_key_size, key_size, iv_size;
601 	php_mcrypt *pm;
602 	int result = 0;
603 
604 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rss", &mcryptind, &key, &key_len, &iv, &iv_len) == FAILURE) {
605 		return;
606 	}
607 
608 	ZEND_FETCH_RESOURCE(pm, php_mcrypt *, &mcryptind, -1, "MCrypt", le_mcrypt);
609 
610 	max_key_size = mcrypt_enc_get_key_size(pm->td);
611 	iv_size = mcrypt_enc_get_iv_size(pm->td);
612 
613 	if (key_len == 0) {
614 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Key size is 0");
615 	}
616 
617 	key_s = emalloc(key_len);
618 	memset(key_s, 0, key_len);
619 
620 	iv_s = emalloc(iv_size + 1);
621 	memset(iv_s, 0, iv_size + 1);
622 
623 	if (key_len > max_key_size) {
624 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Key size too large; supplied length: %d, max: %d", key_len, max_key_size);
625 		key_size = max_key_size;
626 	} else {
627 		key_size = key_len;
628 	}
629 	memcpy(key_s, key, key_len);
630 
631 	if (iv_len != iv_size) {
632 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Iv size incorrect; supplied length: %d, needed: %d", iv_len, iv_size);
633 		if (iv_len > iv_size) {
634 			iv_len = iv_size;
635 		}
636 	}
637 	memcpy(iv_s, iv, iv_len);
638 
639 	mcrypt_generic_deinit(pm->td);
640 	result = mcrypt_generic_init(pm->td, key_s, key_size, iv_s);
641 
642 	/* If this function fails, close the mcrypt module to prevent crashes
643 	 * when further functions want to access this resource */
644 	if (result < 0) {
645 		zend_list_delete(Z_LVAL_P(mcryptind));
646 		switch (result) {
647 			case -3:
648 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Key length incorrect");
649 				break;
650 			case -4:
651 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Memory allocation error");
652 				break;
653 			case -1:
654 			default:
655 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown error");
656 				break;
657 		}
658 	} else {
659 		pm->init = 1;
660 	}
661 	RETVAL_LONG(result);
662 
663 	efree(iv_s);
664 	efree(key_s);
665 }
666 /* }}} */
667 
668 /* {{{ proto string mcrypt_generic(resource td, string data)
669    This function encrypts the plaintext */
PHP_FUNCTION(mcrypt_generic)670 PHP_FUNCTION(mcrypt_generic)
671 {
672 	zval *mcryptind;
673 	char *data;
674 	int data_len;
675 	php_mcrypt *pm;
676 	unsigned char* data_s;
677 	int block_size, data_size;
678 
679 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &mcryptind, &data, &data_len) == FAILURE) {
680 		return;
681 	}
682 
683 	ZEND_FETCH_RESOURCE(pm, php_mcrypt *, &mcryptind, -1, "MCrypt", le_mcrypt);
684 	PHP_MCRYPT_INIT_CHECK
685 
686 	if (data_len == 0) {
687 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "An empty string was passed");
688 		RETURN_FALSE
689 	}
690 
691 	/* Check blocksize */
692 	if (mcrypt_enc_is_block_mode(pm->td) == 1) { /* It's a block algorithm */
693 		block_size = mcrypt_enc_get_block_size(pm->td);
694 		data_size = (((data_len - 1) / block_size) + 1) * block_size;
695 		if (data_size <= 0) {
696 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Integer overflow in data size");
697 			RETURN_FALSE;
698 		}
699 		data_s = emalloc(data_size + 1);
700 		memset(data_s, 0, data_size);
701 		memcpy(data_s, data, data_len);
702 	} else { /* It's not a block algorithm */
703 		data_size = data_len;
704 		data_s = emalloc(data_size + 1);
705 		memset(data_s, 0, data_size);
706 		memcpy(data_s, data, data_len);
707 	}
708 
709 	mcrypt_generic(pm->td, data_s, data_size);
710 	data_s[data_size] = '\0';
711 
712 	RETVAL_STRINGL(data_s, data_size, 1);
713 	efree(data_s);
714 }
715 /* }}} */
716 
717 /* {{{ proto string mdecrypt_generic(resource td, string data)
718    This function decrypts the plaintext */
PHP_FUNCTION(mdecrypt_generic)719 PHP_FUNCTION(mdecrypt_generic)
720 {
721 	zval *mcryptind;
722 	char *data;
723 	int data_len;
724 	php_mcrypt *pm;
725 	char* data_s;
726 	int block_size, data_size;
727 
728 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &mcryptind, &data, &data_len) == FAILURE) {
729 		return;
730 	}
731 
732 	ZEND_FETCH_RESOURCE(pm, php_mcrypt * , &mcryptind, -1, "MCrypt", le_mcrypt);
733 	PHP_MCRYPT_INIT_CHECK
734 
735 	if (data_len == 0) {
736 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "An empty string was passed");
737 		RETURN_FALSE
738 	}
739 
740 	/* Check blocksize */
741 	if (mcrypt_enc_is_block_mode(pm->td) == 1) { /* It's a block algorithm */
742 		block_size = mcrypt_enc_get_block_size(pm->td);
743 		data_size = (((data_len - 1) / block_size) + 1) * block_size;
744 		if (data_size <= 0) {
745 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Integer overflow in data size");
746 			RETURN_FALSE;
747 		}
748 		data_s = emalloc(data_size + 1);
749 		memset(data_s, 0, data_size);
750 		memcpy(data_s, data, data_len);
751 	} else { /* It's not a block algorithm */
752 		data_size = data_len;
753 		data_s = emalloc(data_size + 1);
754 		memset(data_s, 0, data_size);
755 		memcpy(data_s, data, data_len);
756 	}
757 
758 	mdecrypt_generic(pm->td, data_s, data_size);
759 
760 	RETVAL_STRINGL(data_s, data_size, 1);
761 	efree(data_s);
762 }
763 /* }}} */
764 
765 /* {{{ proto array mcrypt_enc_get_supported_key_sizes(resource td)
766    This function decrypts the crypttext */
PHP_FUNCTION(mcrypt_enc_get_supported_key_sizes)767 PHP_FUNCTION(mcrypt_enc_get_supported_key_sizes)
768 {
769 	int i, count = 0;
770 	int *key_sizes;
771 
772 	MCRYPT_GET_TD_ARG
773 	array_init(return_value);
774 
775 	key_sizes = mcrypt_enc_get_supported_key_sizes(pm->td, &count);
776 
777 	for (i = 0; i < count; i++) {
778 		add_index_long(return_value, i, key_sizes[i]);
779 	}
780 
781 	mcrypt_free(key_sizes);
782 }
783 /* }}} */
784 
785 /* {{{ proto int mcrypt_enc_self_test(resource td)
786    This function runs the self test on the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_self_test)787 PHP_FUNCTION(mcrypt_enc_self_test)
788 {
789 	MCRYPT_GET_TD_ARG
790 	RETURN_LONG(mcrypt_enc_self_test(pm->td));
791 }
792 /* }}} */
793 
794 /* {{{ proto bool mcrypt_module_close(resource td)
795    Free the descriptor td */
PHP_FUNCTION(mcrypt_module_close)796 PHP_FUNCTION(mcrypt_module_close)
797 {
798 	MCRYPT_GET_TD_ARG
799 	zend_list_delete(Z_LVAL_P(mcryptind));
800 	RETURN_TRUE;
801 }
802 /* }}} */
803 
804 /* {{{ proto bool mcrypt_generic_deinit(resource td)
805    This function terminates encrypt specified by the descriptor td */
PHP_FUNCTION(mcrypt_generic_deinit)806 PHP_FUNCTION(mcrypt_generic_deinit)
807 {
808 	MCRYPT_GET_TD_ARG
809 
810 	if (mcrypt_generic_deinit(pm->td) < 0) {
811 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not terminate encryption specifier");
812 		RETURN_FALSE
813 	}
814 	pm->init = 0;
815 	RETURN_TRUE
816 }
817 /* }}} */
818 
819 /* {{{ proto bool mcrypt_enc_is_block_algorithm_mode(resource td)
820    Returns TRUE if the mode is for use with block algorithms */
PHP_FUNCTION(mcrypt_enc_is_block_algorithm_mode)821 PHP_FUNCTION(mcrypt_enc_is_block_algorithm_mode)
822 {
823 	MCRYPT_GET_TD_ARG
824 
825 	if (mcrypt_enc_is_block_algorithm_mode(pm->td) == 1) {
826 		RETURN_TRUE
827 	} else {
828 		RETURN_FALSE
829 	}
830 }
831 /* }}} */
832 
833 /* {{{ proto bool mcrypt_enc_is_block_algorithm(resource td)
834    Returns TRUE if the alrogithm is a block algorithms */
PHP_FUNCTION(mcrypt_enc_is_block_algorithm)835 PHP_FUNCTION(mcrypt_enc_is_block_algorithm)
836 {
837 	MCRYPT_GET_TD_ARG
838 
839 	if (mcrypt_enc_is_block_algorithm(pm->td) == 1) {
840 		RETURN_TRUE
841 	} else {
842 		RETURN_FALSE
843 	}
844 }
845 /* }}} */
846 
847 /* {{{ proto bool mcrypt_enc_is_block_mode(resource td)
848    Returns TRUE if the mode outputs blocks */
PHP_FUNCTION(mcrypt_enc_is_block_mode)849 PHP_FUNCTION(mcrypt_enc_is_block_mode)
850 {
851 	MCRYPT_GET_TD_ARG
852 
853 	if (mcrypt_enc_is_block_mode(pm->td) == 1) {
854 		RETURN_TRUE
855 	} else {
856 		RETURN_FALSE
857 	}
858 }
859 /* }}} */
860 
861 /* {{{ proto int mcrypt_enc_get_block_size(resource td)
862    Returns the block size of the cipher specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_block_size)863 PHP_FUNCTION(mcrypt_enc_get_block_size)
864 {
865 	MCRYPT_GET_TD_ARG
866 	RETURN_LONG(mcrypt_enc_get_block_size(pm->td));
867 }
868 /* }}} */
869 
870 /* {{{ proto int mcrypt_enc_get_key_size(resource td)
871    Returns the maximum supported key size in bytes of the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_key_size)872 PHP_FUNCTION(mcrypt_enc_get_key_size)
873 {
874 	MCRYPT_GET_TD_ARG
875 	RETURN_LONG(mcrypt_enc_get_key_size(pm->td));
876 }
877 /* }}} */
878 
879 /* {{{ proto int mcrypt_enc_get_iv_size(resource td)
880    Returns the size of the IV in bytes of the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_iv_size)881 PHP_FUNCTION(mcrypt_enc_get_iv_size)
882 {
883 	MCRYPT_GET_TD_ARG
884 	RETURN_LONG(mcrypt_enc_get_iv_size(pm->td));
885 }
886 /* }}} */
887 
888 /* {{{ proto string mcrypt_enc_get_algorithms_name(resource td)
889    Returns the name of the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_algorithms_name)890 PHP_FUNCTION(mcrypt_enc_get_algorithms_name)
891 {
892 	char *name;
893 	MCRYPT_GET_TD_ARG
894 
895 	name = mcrypt_enc_get_algorithms_name(pm->td);
896 	RETVAL_STRING(name, 1);
897 	mcrypt_free(name);
898 }
899 /* }}} */
900 
901 /* {{{ proto string mcrypt_enc_get_modes_name(resource td)
902    Returns the name of the mode specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_modes_name)903 PHP_FUNCTION(mcrypt_enc_get_modes_name)
904 {
905 	char *name;
906 	MCRYPT_GET_TD_ARG
907 
908 	name = mcrypt_enc_get_modes_name(pm->td);
909 	RETVAL_STRING(name, 1);
910 	mcrypt_free(name);
911 }
912 /* }}} */
913 
914 /* {{{ proto bool mcrypt_module_self_test(string algorithm [, string lib_dir])
915    Does a self test of the module "module" */
PHP_FUNCTION(mcrypt_module_self_test)916 PHP_FUNCTION(mcrypt_module_self_test)
917 {
918 	MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir);
919 
920 	if (mcrypt_module_self_test(module, dir) == 0) {
921 		RETURN_TRUE;
922 	} else {
923 		RETURN_FALSE;
924 	}
925 }
926 /* }}} */
927 
928 /* {{{ proto bool mcrypt_module_is_block_algorithm_mode(string mode [, string lib_dir])
929    Returns TRUE if the mode is for use with block algorithms */
PHP_FUNCTION(mcrypt_module_is_block_algorithm_mode)930 PHP_FUNCTION(mcrypt_module_is_block_algorithm_mode)
931 {
932 	MCRYPT_GET_MODE_DIR_ARGS(modes_dir)
933 
934 	if (mcrypt_module_is_block_algorithm_mode(module, dir) == 1) {
935 		RETURN_TRUE;
936 	} else {
937 		RETURN_FALSE;
938 	}
939 }
940 /* }}} */
941 
942 /* {{{ proto bool mcrypt_module_is_block_algorithm(string algorithm [, string lib_dir])
943    Returns TRUE if the algorithm is a block algorithm */
PHP_FUNCTION(mcrypt_module_is_block_algorithm)944 PHP_FUNCTION(mcrypt_module_is_block_algorithm)
945 {
946 	MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir)
947 
948 	if (mcrypt_module_is_block_algorithm(module, dir) == 1) {
949 		RETURN_TRUE;
950 	} else {
951 		RETURN_FALSE;
952 	}
953 }
954 /* }}} */
955 
956 /* {{{ proto bool mcrypt_module_is_block_mode(string mode [, string lib_dir])
957    Returns TRUE if the mode outputs blocks of bytes */
PHP_FUNCTION(mcrypt_module_is_block_mode)958 PHP_FUNCTION(mcrypt_module_is_block_mode)
959 {
960 	MCRYPT_GET_MODE_DIR_ARGS(modes_dir)
961 
962 	if (mcrypt_module_is_block_mode(module, dir) == 1) {
963 		RETURN_TRUE;
964 	} else {
965 		RETURN_FALSE;
966 	}
967 }
968 /* }}} */
969 
970 /* {{{ proto int mcrypt_module_get_algo_block_size(string algorithm [, string lib_dir])
971    Returns the block size of the algorithm */
PHP_FUNCTION(mcrypt_module_get_algo_block_size)972 PHP_FUNCTION(mcrypt_module_get_algo_block_size)
973 {
974 	MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir)
975 
976 	RETURN_LONG(mcrypt_module_get_algo_block_size(module, dir));
977 }
978 /* }}} */
979 
980 /* {{{ proto int mcrypt_module_get_algo_key_size(string algorithm [, string lib_dir])
981    Returns the maximum supported key size of the algorithm */
PHP_FUNCTION(mcrypt_module_get_algo_key_size)982 PHP_FUNCTION(mcrypt_module_get_algo_key_size)
983 {
984 	MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir);
985 
986 	RETURN_LONG(mcrypt_module_get_algo_key_size(module, dir));
987 }
988 /* }}} */
989 
990 /* {{{ proto array mcrypt_module_get_supported_key_sizes(string algorithm [, string lib_dir])
991    This function decrypts the crypttext */
PHP_FUNCTION(mcrypt_module_get_supported_key_sizes)992 PHP_FUNCTION(mcrypt_module_get_supported_key_sizes)
993 {
994 	int i, count = 0;
995 	int *key_sizes;
996 
997 	MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir)
998 	array_init(return_value);
999 
1000 	key_sizes = mcrypt_module_get_algo_supported_key_sizes(module, dir, &count);
1001 
1002 	for (i = 0; i < count; i++) {
1003 		add_index_long(return_value, i, key_sizes[i]);
1004 	}
1005 	mcrypt_free(key_sizes);
1006 }
1007 /* }}} */
1008 
1009 /* {{{ proto array mcrypt_list_algorithms([string lib_dir])
1010    List all algorithms in "module_dir" */
PHP_FUNCTION(mcrypt_list_algorithms)1011 PHP_FUNCTION(mcrypt_list_algorithms)
1012 {
1013 	char **modules;
1014 	char *lib_dir = MCG(algorithms_dir);
1015 	int   lib_dir_len;
1016 	int   i, count;
1017 
1018 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s",
1019 		&lib_dir, &lib_dir_len) == FAILURE) {
1020 		return;
1021 	}
1022 
1023 	array_init(return_value);
1024 	modules = mcrypt_list_algorithms(lib_dir, &count);
1025 
1026 	if (count == 0) {
1027 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "No algorithms found in module dir");
1028 	}
1029 	for (i = 0; i < count; i++) {
1030 		add_index_string(return_value, i, modules[i], 1);
1031 	}
1032 	mcrypt_free_p(modules, count);
1033 }
1034 /* }}} */
1035 
1036 /* {{{ proto array mcrypt_list_modes([string lib_dir])
1037    List all modes "module_dir" */
PHP_FUNCTION(mcrypt_list_modes)1038 PHP_FUNCTION(mcrypt_list_modes)
1039 {
1040 	char **modules;
1041 	char *lib_dir = MCG(modes_dir);
1042 	int   lib_dir_len;
1043 	int   i, count;
1044 
1045 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s",
1046 		&lib_dir, &lib_dir_len) == FAILURE) {
1047 		return;
1048 	}
1049 
1050 	array_init(return_value);
1051 	modules = mcrypt_list_modes(lib_dir, &count);
1052 
1053 	if (count == 0) {
1054 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "No modes found in module dir");
1055 	}
1056 	for (i = 0; i < count; i++) {
1057 		add_index_string(return_value, i, modules[i], 1);
1058 	}
1059 	mcrypt_free_p(modules, count);
1060 }
1061 /* }}} */
1062 
1063 /* {{{ proto int mcrypt_get_key_size(string cipher, string module)
1064    Get the key size of cipher */
PHP_FUNCTION(mcrypt_get_key_size)1065 PHP_FUNCTION(mcrypt_get_key_size)
1066 {
1067 	char *cipher;
1068 	char *module;
1069 	int   cipher_len, module_len;
1070 	char *cipher_dir_string;
1071 	char *module_dir_string;
1072 	MCRYPT td;
1073 
1074 	MCRYPT_GET_INI
1075 
1076 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss",
1077 		&cipher, &cipher_len, &module, &module_len) == FAILURE) {
1078 		return;
1079 	}
1080 
1081 	td = mcrypt_module_open(cipher, cipher_dir_string, module, module_dir_string);
1082 	if (td != MCRYPT_FAILED) {
1083 		RETVAL_LONG(mcrypt_enc_get_key_size(td));
1084 		mcrypt_module_close(td);
1085 	} else {
1086 		php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1087 		RETURN_FALSE;
1088 	}
1089 }
1090 /* }}} */
1091 
1092 /* {{{ proto int mcrypt_get_block_size(string cipher, string module)
1093    Get the key size of cipher */
PHP_FUNCTION(mcrypt_get_block_size)1094 PHP_FUNCTION(mcrypt_get_block_size)
1095 {
1096 	char *cipher;
1097 	char *module;
1098 	int   cipher_len, module_len;
1099 	char *cipher_dir_string;
1100 	char *module_dir_string;
1101 	MCRYPT td;
1102 
1103 	MCRYPT_GET_INI
1104 
1105 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss",
1106 		&cipher, &cipher_len, &module, &module_len) == FAILURE) {
1107 		return;
1108 	}
1109 
1110 	td = mcrypt_module_open(cipher, cipher_dir_string, module, module_dir_string);
1111 	if (td != MCRYPT_FAILED) {
1112 		RETVAL_LONG(mcrypt_enc_get_block_size(td));
1113 		mcrypt_module_close(td);
1114 	} else {
1115 		php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1116 		RETURN_FALSE;
1117 	}
1118 }
1119 /* }}} */
1120 
1121 /* {{{ proto int mcrypt_get_iv_size(string cipher, string module)
1122    Get the IV size of cipher (Usually the same as the blocksize) */
PHP_FUNCTION(mcrypt_get_iv_size)1123 PHP_FUNCTION(mcrypt_get_iv_size)
1124 {
1125 	char *cipher;
1126 	char *module;
1127 	int   cipher_len, module_len;
1128 	char *cipher_dir_string;
1129 	char *module_dir_string;
1130 	MCRYPT td;
1131 
1132 	MCRYPT_GET_INI
1133 
1134 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss",
1135 		&cipher, &cipher_len, &module, &module_len) == FAILURE) {
1136 		return;
1137 	}
1138 
1139 	td = mcrypt_module_open(cipher, cipher_dir_string, module, module_dir_string);
1140 	if (td != MCRYPT_FAILED) {
1141 		RETVAL_LONG(mcrypt_enc_get_iv_size(td));
1142 		mcrypt_module_close(td);
1143 	} else {
1144 		php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1145 		RETURN_FALSE;
1146 	}
1147 }
1148 /* }}} */
1149 
1150 /* {{{ proto string mcrypt_get_cipher_name(string cipher)
1151    Get the key size of cipher */
PHP_FUNCTION(mcrypt_get_cipher_name)1152 PHP_FUNCTION(mcrypt_get_cipher_name)
1153 {
1154 	char *cipher_dir_string;
1155 	char *module_dir_string;
1156 	char *cipher_name;
1157 	char *cipher;
1158 	int   cipher_len;
1159 	MCRYPT td;
1160 
1161 	MCRYPT_GET_INI
1162 
1163 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s",
1164 		&cipher, &cipher_len) == FAILURE) {
1165 		return;
1166 	}
1167 
1168 	/* The code below is actually not very nice, but I didn't see a better
1169 	 * method */
1170 	td = mcrypt_module_open(cipher, cipher_dir_string, "ecb", module_dir_string);
1171 	if (td != MCRYPT_FAILED) {
1172 		cipher_name = mcrypt_enc_get_algorithms_name(td);
1173 		mcrypt_module_close(td);
1174 		RETVAL_STRING(cipher_name,1);
1175 		mcrypt_free(cipher_name);
1176 	} else {
1177 		td = mcrypt_module_open(cipher, cipher_dir_string, "stream", module_dir_string);
1178 		if (td != MCRYPT_FAILED) {
1179 			cipher_name = mcrypt_enc_get_algorithms_name(td);
1180 			mcrypt_module_close(td);
1181 			RETVAL_STRING(cipher_name,1);
1182 			mcrypt_free(cipher_name);
1183 		} else {
1184 			php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1185 			RETURN_FALSE;
1186 		}
1187 	}
1188 }
1189 /* }}} */
1190 
php_mcrypt_do_crypt(char * cipher,const char * key,int key_len,const char * data,int data_len,char * mode,const char * iv,int iv_len,int argc,int dencrypt,zval * return_value TSRMLS_DC)1191 static void php_mcrypt_do_crypt(char* cipher, const char *key, int key_len, const char *data, int data_len, char *mode, const char *iv, int iv_len, int argc, int dencrypt, zval* return_value TSRMLS_DC) /* {{{ */
1192 {
1193 	char *cipher_dir_string;
1194 	char *module_dir_string;
1195 	int block_size, max_key_length, use_key_length, i, count, iv_size;
1196 	unsigned long int data_size;
1197 	int *key_length_sizes;
1198 	char *key_s = NULL, *iv_s;
1199 	char *data_s;
1200 	MCRYPT td;
1201 
1202 	MCRYPT_GET_INI
1203 
1204 	td = mcrypt_module_open(cipher, cipher_dir_string, mode, module_dir_string);
1205 	if (td == MCRYPT_FAILED) {
1206 		php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1207 		RETURN_FALSE;
1208 	}
1209 	/* Checking for key-length */
1210 	max_key_length = mcrypt_enc_get_key_size(td);
1211 	if (key_len > max_key_length) {
1212 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Size of key is too large for this algorithm");
1213 	}
1214 	key_length_sizes = mcrypt_enc_get_supported_key_sizes(td, &count);
1215 	if (count == 0 && key_length_sizes == NULL) { /* all lengths 1 - k_l_s = OK */
1216 		use_key_length = key_len;
1217 		key_s = emalloc(use_key_length);
1218 		memset(key_s, 0, use_key_length);
1219 		memcpy(key_s, key, use_key_length);
1220 	} else if (count == 1) {  /* only m_k_l = OK */
1221 		key_s = emalloc(key_length_sizes[0]);
1222 		memset(key_s, 0, key_length_sizes[0]);
1223 		memcpy(key_s, key, MIN(key_len, key_length_sizes[0]));
1224 		use_key_length = key_length_sizes[0];
1225 	} else { /* dertermine smallest supported key > length of requested key */
1226 		use_key_length = max_key_length; /* start with max key length */
1227 		for (i = 0; i < count; i++) {
1228 			if (key_length_sizes[i] >= key_len &&
1229 				key_length_sizes[i] < use_key_length)
1230 			{
1231 				use_key_length = key_length_sizes[i];
1232 			}
1233 		}
1234 		key_s = emalloc(use_key_length);
1235 		memset(key_s, 0, use_key_length);
1236 		memcpy(key_s, key, MIN(key_len, use_key_length));
1237 	}
1238 	mcrypt_free (key_length_sizes);
1239 
1240 	/* Check IV */
1241 	iv_s = NULL;
1242 	iv_size = mcrypt_enc_get_iv_size (td);
1243 
1244 	/* IV is required */
1245 	if (mcrypt_enc_mode_has_iv(td) == 1) {
1246 		if (argc == 5) {
1247 			if (iv_size != iv_len) {
1248 				php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_IV_WRONG_SIZE);
1249 			} else {
1250 				iv_s = emalloc(iv_size + 1);
1251 				memcpy(iv_s, iv, iv_size);
1252 			}
1253 		} else if (argc == 4) {
1254 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempt to use an empty IV, which is NOT recommend");
1255 			iv_s = emalloc(iv_size + 1);
1256 			memset(iv_s, 0, iv_size + 1);
1257 		}
1258 	}
1259 
1260 	/* Check blocksize */
1261 	if (mcrypt_enc_is_block_mode(td) == 1) { /* It's a block algorithm */
1262 		block_size = mcrypt_enc_get_block_size(td);
1263 		data_size = (((data_len - 1) / block_size) + 1) * block_size;
1264 		data_s = emalloc(data_size);
1265 		memset(data_s, 0, data_size);
1266 		memcpy(data_s, data, data_len);
1267 	} else { /* It's not a block algorithm */
1268 		data_size = data_len;
1269 		data_s = emalloc(data_size);
1270 		memset(data_s, 0, data_size);
1271 		memcpy(data_s, data, data_len);
1272 	}
1273 
1274 	if (mcrypt_generic_init(td, key_s, use_key_length, iv_s) < 0) {
1275 		php_error_docref(NULL TSRMLS_CC, E_RECOVERABLE_ERROR, "Mcrypt initialisation failed");
1276 		RETURN_FALSE;
1277 	}
1278 	if (dencrypt == MCRYPT_ENCRYPT) {
1279 		mcrypt_generic(td, data_s, data_size);
1280 	} else {
1281 		mdecrypt_generic(td, data_s, data_size);
1282 	}
1283 
1284 	RETVAL_STRINGL(data_s, data_size, 1);
1285 
1286 	/* freeing vars */
1287 	mcrypt_generic_end(td);
1288 	if (key_s != NULL) {
1289 		efree (key_s);
1290 	}
1291 	if (iv_s != NULL) {
1292 		efree (iv_s);
1293 	}
1294 	efree (data_s);
1295 }
1296 /* }}} */
1297 
1298 /* {{{ proto string mcrypt_encrypt(string cipher, string key, string data, string mode, string iv)
1299    OFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_encrypt)1300 PHP_FUNCTION(mcrypt_encrypt)
1301 {
1302 	zval **mode;
1303 	char *cipher, *key, *data, *iv = NULL;
1304 	int cipher_len, key_len, data_len, iv_len = 0;
1305 
1306 	MCRYPT_GET_CRYPT_ARGS
1307 
1308 	convert_to_string_ex(mode);
1309 
1310 	php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, Z_STRVAL_PP(mode), iv, iv_len, ZEND_NUM_ARGS(), MCRYPT_ENCRYPT, return_value TSRMLS_CC);
1311 }
1312 /* }}} */
1313 
1314 /* {{{ proto string mcrypt_decrypt(string cipher, string key, string data, string mode, string iv)
1315    OFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_decrypt)1316 PHP_FUNCTION(mcrypt_decrypt)
1317 {
1318 	zval **mode;
1319 	char *cipher, *key, *data, *iv = NULL;
1320 	int cipher_len, key_len, data_len, iv_len = 0;
1321 
1322 	MCRYPT_GET_CRYPT_ARGS
1323 
1324 	convert_to_string_ex(mode);
1325 
1326 	php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, Z_STRVAL_PP(mode), iv, iv_len, ZEND_NUM_ARGS(), MCRYPT_DECRYPT, return_value TSRMLS_CC);
1327 }
1328 /* }}} */
1329 
1330 /* {{{ proto string mcrypt_ecb(int cipher, string key, string data, int mode, string iv)
1331    ECB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_ecb)1332 PHP_FUNCTION(mcrypt_ecb)
1333 {
1334 	zval **mode;
1335 	char *cipher, *key, *data, *iv = NULL;
1336 	int cipher_len, key_len, data_len, iv_len = 0;
1337 
1338 	MCRYPT_GET_CRYPT_ARGS
1339 
1340 	convert_to_long_ex(mode);
1341 
1342 	php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, "ecb", iv, iv_len, ZEND_NUM_ARGS(), Z_LVAL_PP(mode), return_value TSRMLS_CC);
1343 }
1344 /* }}} */
1345 
1346 /* {{{ proto string mcrypt_cbc(int cipher, string key, string data, int mode, string iv)
1347    CBC crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_cbc)1348 PHP_FUNCTION(mcrypt_cbc)
1349 {
1350 	zval **mode;
1351 	char *cipher, *key, *data, *iv = NULL;
1352 	int cipher_len, key_len, data_len, iv_len = 0;
1353 
1354 	MCRYPT_GET_CRYPT_ARGS
1355 
1356 	convert_to_long_ex(mode);
1357 
1358 	php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, "cbc", iv, iv_len, ZEND_NUM_ARGS(), Z_LVAL_PP(mode), return_value TSRMLS_CC);
1359 }
1360 /* }}} */
1361 
1362 /* {{{ proto string mcrypt_cfb(int cipher, string key, string data, int mode, string iv)
1363    CFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_cfb)1364 PHP_FUNCTION(mcrypt_cfb)
1365 {
1366 	zval **mode;
1367 	char *cipher, *key, *data, *iv = NULL;
1368 	int cipher_len, key_len, data_len, iv_len = 0;
1369 
1370 	MCRYPT_GET_CRYPT_ARGS
1371 
1372 	convert_to_long_ex(mode);
1373 
1374 	php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, "cfb", iv, iv_len, ZEND_NUM_ARGS(), Z_LVAL_PP(mode), return_value TSRMLS_CC);
1375 }
1376 /* }}} */
1377 
1378 /* {{{ proto string mcrypt_ofb(int cipher, string key, string data, int mode, string iv)
1379    OFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_ofb)1380 PHP_FUNCTION(mcrypt_ofb)
1381 {
1382 	zval **mode;
1383 	char *cipher, *key, *data, *iv = NULL;
1384 	int cipher_len, key_len, data_len, iv_len = 0;
1385 
1386 	MCRYPT_GET_CRYPT_ARGS
1387 
1388 	convert_to_long_ex(mode);
1389 
1390 	php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, "ofb", iv, iv_len, ZEND_NUM_ARGS(), Z_LVAL_PP(mode), return_value TSRMLS_CC);
1391 }
1392 /* }}} */
1393 
1394 /* {{{ proto string mcrypt_create_iv(int size, int source)
1395    Create an initialization vector (IV) */
PHP_FUNCTION(mcrypt_create_iv)1396 PHP_FUNCTION(mcrypt_create_iv)
1397 {
1398 	char *iv;
1399 	long source = RANDOM;
1400 	long size;
1401 	int n = 0;
1402 
1403 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|l", &size, &source) == FAILURE) {
1404 		return;
1405 	}
1406 
1407 	if (size <= 0 || size >= INT_MAX) {
1408 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot create an IV with a size of less than 1 or greater than %d", INT_MAX);
1409 		RETURN_FALSE;
1410 	}
1411 
1412 	iv = ecalloc(size + 1, 1);
1413 
1414 	if (source == RANDOM || source == URANDOM) {
1415 #if PHP_WIN32
1416 		/* random/urandom equivalent on Windows */
1417 		BYTE *iv_b = (BYTE *) iv;
1418 		if (php_win32_get_random_bytes(iv_b, (size_t) size) == FAILURE){
1419 			efree(iv);
1420 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not gather sufficient random data");
1421 			RETURN_FALSE;
1422 		}
1423 		n = size;
1424 #else
1425 		int    *fd = &MCG(fd[source]);
1426 		size_t read_bytes = 0;
1427 
1428 		if (*fd < 0) {
1429 			*fd = open(source == RANDOM ? "/dev/random" : "/dev/urandom", O_RDONLY);
1430 			if (*fd < 0) {
1431 				efree(iv);
1432 				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot open source device");
1433 				RETURN_FALSE;
1434 			}
1435 		}
1436 
1437 		while (read_bytes < size) {
1438 			n = read(*fd, iv + read_bytes, size - read_bytes);
1439 			if (n < 0) {
1440 				break;
1441 			}
1442 			read_bytes += n;
1443 		}
1444 		n = read_bytes;
1445 
1446 		if (n < size) {
1447 			efree(iv);
1448 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not gather sufficient random data");
1449 			RETURN_FALSE;
1450 		}
1451 #endif
1452 	} else {
1453 		n = size;
1454 		while (size) {
1455 			iv[--size] = (char) (255.0 * php_rand(TSRMLS_C) / RAND_MAX);
1456 		}
1457 	}
1458 	RETURN_STRINGL(iv, n, 0);
1459 }
1460 /* }}} */
1461 
1462 #endif
1463 
1464 /*
1465  * Local variables:
1466  * tab-width: 4
1467  * c-basic-offset: 4
1468  * End:
1469  * vim600: sw=4 ts=4 fdm=marker
1470  * vim<600: sw=4 ts=4
1471  */
1472