1 /*
2 +----------------------------------------------------------------------+
3 | PHP Version 5 |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 1997-2016 The PHP Group |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Sascha Schumann <sascha@schumann.cx> |
16 | Derick Rethans <derick@derickrethans.nl> |
17 +----------------------------------------------------------------------+
18 */
19 /* $Id$ */
20
21 #ifdef HAVE_CONFIG_H
22 #include "config.h"
23 #endif
24
25 #include "php.h"
26
27 #if HAVE_LIBMCRYPT
28
29 #if PHP_WIN32
30 # include "win32/winutil.h"
31 #endif
32
33 #include "php_mcrypt.h"
34 #include "fcntl.h"
35
36 #define NON_FREE
37 #define MCRYPT2
38 #include "mcrypt.h"
39 #include "php_ini.h"
40 #include "php_globals.h"
41 #include "ext/standard/info.h"
42 #include "ext/standard/php_rand.h"
43 #include "ext/standard/php_smart_str.h"
44 #include "php_mcrypt_filter.h"
45
46 static int le_mcrypt;
47
48 typedef struct _php_mcrypt {
49 MCRYPT td;
50 zend_bool init;
51 } php_mcrypt;
52
53 /* {{{ arginfo */
54 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_open, 0, 0, 4)
55 ZEND_ARG_INFO(0, cipher)
56 ZEND_ARG_INFO(0, cipher_directory)
57 ZEND_ARG_INFO(0, mode)
58 ZEND_ARG_INFO(0, mode_directory)
59 ZEND_END_ARG_INFO()
60
61 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_generic_init, 0, 0, 3)
62 ZEND_ARG_INFO(0, td)
63 ZEND_ARG_INFO(0, key)
64 ZEND_ARG_INFO(0, iv)
65 ZEND_END_ARG_INFO()
66
67 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_generic, 0, 0, 2)
68 ZEND_ARG_INFO(0, td)
69 ZEND_ARG_INFO(0, data)
70 ZEND_END_ARG_INFO()
71
72 ZEND_BEGIN_ARG_INFO_EX(arginfo_mdecrypt_generic, 0, 0, 2)
73 ZEND_ARG_INFO(0, td)
74 ZEND_ARG_INFO(0, data)
75 ZEND_END_ARG_INFO()
76
77 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_supported_key_sizes, 0, 0, 1)
78 ZEND_ARG_INFO(0, td)
79 ZEND_END_ARG_INFO()
80
81 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_self_test, 0, 0, 1)
82 ZEND_ARG_INFO(0, td)
83 ZEND_END_ARG_INFO()
84
85 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_close, 0, 0, 1)
86 ZEND_ARG_INFO(0, td)
87 ZEND_END_ARG_INFO()
88
89 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_generic_deinit, 0, 0, 1)
90 ZEND_ARG_INFO(0, td)
91 ZEND_END_ARG_INFO()
92
93 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_is_block_algorithm_mode, 0, 0, 1)
94 ZEND_ARG_INFO(0, td)
95 ZEND_END_ARG_INFO()
96
97 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_is_block_algorithm, 0, 0, 1)
98 ZEND_ARG_INFO(0, td)
99 ZEND_END_ARG_INFO()
100
101 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_is_block_mode, 0, 0, 1)
102 ZEND_ARG_INFO(0, td)
103 ZEND_END_ARG_INFO()
104
105 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_block_size, 0, 0, 1)
106 ZEND_ARG_INFO(0, td)
107 ZEND_END_ARG_INFO()
108
109 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_key_size, 0, 0, 1)
110 ZEND_ARG_INFO(0, td)
111 ZEND_END_ARG_INFO()
112
113 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_iv_size, 0, 0, 1)
114 ZEND_ARG_INFO(0, td)
115 ZEND_END_ARG_INFO()
116
117 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_algorithms_name, 0, 0, 1)
118 ZEND_ARG_INFO(0, td)
119 ZEND_END_ARG_INFO()
120
121 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_modes_name, 0, 0, 1)
122 ZEND_ARG_INFO(0, td)
123 ZEND_END_ARG_INFO()
124
125 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_self_test, 0, 0, 1)
126 ZEND_ARG_INFO(0, algorithm)
127 ZEND_ARG_INFO(0, lib_dir)
128 ZEND_END_ARG_INFO()
129
130 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_is_block_algorithm_mode, 0, 0, 1)
131 ZEND_ARG_INFO(0, mode)
132 ZEND_ARG_INFO(0, lib_dir)
133 ZEND_END_ARG_INFO()
134
135 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_is_block_algorithm, 0, 0, 1)
136 ZEND_ARG_INFO(0, algorithm)
137 ZEND_ARG_INFO(0, lib_dir)
138 ZEND_END_ARG_INFO()
139
140 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_is_block_mode, 0, 0, 1)
141 ZEND_ARG_INFO(0, mode)
142 ZEND_ARG_INFO(0, lib_dir)
143 ZEND_END_ARG_INFO()
144
145 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_get_algo_block_size, 0, 0, 1)
146 ZEND_ARG_INFO(0, algorithm)
147 ZEND_ARG_INFO(0, lib_dir)
148 ZEND_END_ARG_INFO()
149
150 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_get_algo_key_size, 0, 0, 1)
151 ZEND_ARG_INFO(0, algorithm)
152 ZEND_ARG_INFO(0, lib_dir)
153 ZEND_END_ARG_INFO()
154
155 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_get_supported_key_sizes, 0, 0, 1)
156 ZEND_ARG_INFO(0, algorithm)
157 ZEND_ARG_INFO(0, lib_dir)
158 ZEND_END_ARG_INFO()
159
160 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_list_algorithms, 0, 0, 0)
161 ZEND_ARG_INFO(0, lib_dir)
162 ZEND_END_ARG_INFO()
163
164 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_list_modes, 0, 0, 0)
165 ZEND_ARG_INFO(0, lib_dir)
166 ZEND_END_ARG_INFO()
167
168 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_key_size, 0, 0, 2)
169 ZEND_ARG_INFO(0, cipher)
170 ZEND_ARG_INFO(0, module)
171 ZEND_END_ARG_INFO()
172
173 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_block_size, 0, 0, 2)
174 ZEND_ARG_INFO(0, cipher)
175 ZEND_ARG_INFO(0, module)
176 ZEND_END_ARG_INFO()
177
178 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_iv_size, 0, 0, 2)
179 ZEND_ARG_INFO(0, cipher)
180 ZEND_ARG_INFO(0, module)
181 ZEND_END_ARG_INFO()
182
183 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_cipher_name, 0, 0, 1)
184 ZEND_ARG_INFO(0, cipher)
185 ZEND_END_ARG_INFO()
186
187 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_encrypt, 0, 0, 5)
188 ZEND_ARG_INFO(0, cipher)
189 ZEND_ARG_INFO(0, key)
190 ZEND_ARG_INFO(0, data)
191 ZEND_ARG_INFO(0, mode)
192 ZEND_ARG_INFO(0, iv)
193 ZEND_END_ARG_INFO()
194
195 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_decrypt, 0, 0, 5)
196 ZEND_ARG_INFO(0, cipher)
197 ZEND_ARG_INFO(0, key)
198 ZEND_ARG_INFO(0, data)
199 ZEND_ARG_INFO(0, mode)
200 ZEND_ARG_INFO(0, iv)
201 ZEND_END_ARG_INFO()
202
203 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_ecb, 0, 0, 5)
204 ZEND_ARG_INFO(0, cipher)
205 ZEND_ARG_INFO(0, key)
206 ZEND_ARG_INFO(0, data)
207 ZEND_ARG_INFO(0, mode)
208 ZEND_ARG_INFO(0, iv)
209 ZEND_END_ARG_INFO()
210
211 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_cbc, 0, 0, 5)
212 ZEND_ARG_INFO(0, cipher)
213 ZEND_ARG_INFO(0, key)
214 ZEND_ARG_INFO(0, data)
215 ZEND_ARG_INFO(0, mode)
216 ZEND_ARG_INFO(0, iv)
217 ZEND_END_ARG_INFO()
218
219 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_cfb, 0, 0, 5)
220 ZEND_ARG_INFO(0, cipher)
221 ZEND_ARG_INFO(0, key)
222 ZEND_ARG_INFO(0, data)
223 ZEND_ARG_INFO(0, mode)
224 ZEND_ARG_INFO(0, iv)
225 ZEND_END_ARG_INFO()
226
227 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_ofb, 0, 0, 5)
228 ZEND_ARG_INFO(0, cipher)
229 ZEND_ARG_INFO(0, key)
230 ZEND_ARG_INFO(0, data)
231 ZEND_ARG_INFO(0, mode)
232 ZEND_ARG_INFO(0, iv)
233 ZEND_END_ARG_INFO()
234
235 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_create_iv, 0, 0, 1)
236 ZEND_ARG_INFO(0, size)
237 ZEND_ARG_INFO(0, source)
238 ZEND_END_ARG_INFO()
239 /* }}} */
240
241 const zend_function_entry mcrypt_functions[] = { /* {{{ */
242 PHP_DEP_FE(mcrypt_ecb, arginfo_mcrypt_ecb)
243 PHP_DEP_FE(mcrypt_cbc, arginfo_mcrypt_cbc)
244 PHP_DEP_FE(mcrypt_cfb, arginfo_mcrypt_cfb)
245 PHP_DEP_FE(mcrypt_ofb, arginfo_mcrypt_ofb)
246 PHP_FE(mcrypt_get_key_size, arginfo_mcrypt_get_key_size)
247 PHP_FE(mcrypt_get_block_size, arginfo_mcrypt_get_block_size)
248 PHP_FE(mcrypt_get_cipher_name, arginfo_mcrypt_get_cipher_name)
249 PHP_FE(mcrypt_create_iv, arginfo_mcrypt_create_iv)
250
251 PHP_FE(mcrypt_list_algorithms, arginfo_mcrypt_list_algorithms)
252 PHP_FE(mcrypt_list_modes, arginfo_mcrypt_list_modes)
253 PHP_FE(mcrypt_get_iv_size, arginfo_mcrypt_get_iv_size)
254 PHP_FE(mcrypt_encrypt, arginfo_mcrypt_encrypt)
255 PHP_FE(mcrypt_decrypt, arginfo_mcrypt_decrypt)
256
257 PHP_FE(mcrypt_module_open, arginfo_mcrypt_module_open)
258 PHP_FE(mcrypt_generic_init, arginfo_mcrypt_generic_init)
259 PHP_FE(mcrypt_generic, arginfo_mcrypt_generic)
260 PHP_FE(mdecrypt_generic, arginfo_mdecrypt_generic)
261 PHP_DEP_FALIAS(mcrypt_generic_end, mcrypt_generic_deinit, arginfo_mcrypt_generic_deinit)
262 PHP_FE(mcrypt_generic_deinit, arginfo_mcrypt_generic_deinit)
263
264 PHP_FE(mcrypt_enc_self_test, arginfo_mcrypt_enc_self_test)
265 PHP_FE(mcrypt_enc_is_block_algorithm_mode, arginfo_mcrypt_enc_is_block_algorithm_mode)
266 PHP_FE(mcrypt_enc_is_block_algorithm, arginfo_mcrypt_enc_is_block_algorithm)
267 PHP_FE(mcrypt_enc_is_block_mode, arginfo_mcrypt_enc_is_block_mode)
268 PHP_FE(mcrypt_enc_get_block_size, arginfo_mcrypt_enc_get_block_size)
269 PHP_FE(mcrypt_enc_get_key_size, arginfo_mcrypt_enc_get_key_size)
270 PHP_FE(mcrypt_enc_get_supported_key_sizes, arginfo_mcrypt_enc_get_supported_key_sizes)
271 PHP_FE(mcrypt_enc_get_iv_size, arginfo_mcrypt_enc_get_iv_size)
272 PHP_FE(mcrypt_enc_get_algorithms_name, arginfo_mcrypt_enc_get_algorithms_name)
273 PHP_FE(mcrypt_enc_get_modes_name, arginfo_mcrypt_enc_get_modes_name)
274 PHP_FE(mcrypt_module_self_test, arginfo_mcrypt_module_self_test)
275
276 PHP_FE(mcrypt_module_is_block_algorithm_mode, arginfo_mcrypt_module_is_block_algorithm_mode)
277 PHP_FE(mcrypt_module_is_block_algorithm, arginfo_mcrypt_module_is_block_algorithm)
278 PHP_FE(mcrypt_module_is_block_mode, arginfo_mcrypt_module_is_block_mode)
279 PHP_FE(mcrypt_module_get_algo_block_size, arginfo_mcrypt_module_get_algo_block_size)
280 PHP_FE(mcrypt_module_get_algo_key_size, arginfo_mcrypt_module_get_algo_key_size)
281 PHP_FE(mcrypt_module_get_supported_key_sizes, arginfo_mcrypt_module_get_supported_key_sizes)
282
283 PHP_FE(mcrypt_module_close, arginfo_mcrypt_module_close)
284 PHP_FE_END
285 };
286 /* }}} */
287
288 static PHP_MINFO_FUNCTION(mcrypt);
289 static PHP_MINIT_FUNCTION(mcrypt);
290 static PHP_MSHUTDOWN_FUNCTION(mcrypt);
291 static PHP_GINIT_FUNCTION(mcrypt);
292 static PHP_GSHUTDOWN_FUNCTION(mcrypt);
293
294 ZEND_DECLARE_MODULE_GLOBALS(mcrypt)
295
296 zend_module_entry mcrypt_module_entry = {
297 STANDARD_MODULE_HEADER,
298 "mcrypt",
299 mcrypt_functions,
300 PHP_MINIT(mcrypt), PHP_MSHUTDOWN(mcrypt),
301 NULL, NULL,
302 PHP_MINFO(mcrypt),
303 NO_VERSION_YET,
304 PHP_MODULE_GLOBALS(mcrypt),
305 PHP_GINIT(mcrypt),
306 PHP_GSHUTDOWN(mcrypt),
307 NULL,
308 STANDARD_MODULE_PROPERTIES_EX
309 };
310
311 #ifdef COMPILE_DL_MCRYPT
312 ZEND_GET_MODULE(mcrypt)
313 #endif
314
315 #define MCRYPT_ENCRYPT 0
316 #define MCRYPT_DECRYPT 1
317
318 typedef enum {
319 RANDOM = 0,
320 URANDOM,
321 RAND
322 } iv_source;
323
324 #define MCRYPT_GET_INI \
325 cipher_dir_string = MCG(algorithms_dir); \
326 module_dir_string = MCG(modes_dir);
327
328 /*
329 * #warning is not ANSI C
330 * #warning Invalidate resource if the param count is wrong, or other problems
331 * #warning occurred during functions.
332 */
333
334 #define MCRYPT_GET_CRYPT_ARGS \
335 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sssZ|s", \
336 &cipher, &cipher_len, &key, &key_len, &data, &data_len, &mode, &iv, &iv_len) == FAILURE) { \
337 return; \
338 }
339
340 #define MCRYPT_GET_TD_ARG \
341 zval *mcryptind; \
342 php_mcrypt *pm; \
343 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "r", &mcryptind) == FAILURE) { \
344 return; \
345 } \
346 ZEND_FETCH_RESOURCE (pm, php_mcrypt *, &mcryptind, -1, "MCrypt", le_mcrypt);
347
348 #define MCRYPT_GET_MODE_DIR_ARGS(DIRECTORY) \
349 char *dir = NULL; \
350 int dir_len; \
351 char *module; \
352 int module_len; \
353 if (zend_parse_parameters (ZEND_NUM_ARGS() TSRMLS_CC, \
354 "s|s", &module, &module_len, &dir, &dir_len) == FAILURE) { \
355 return; \
356 }
357
358 #define MCRYPT_OPEN_MODULE_FAILED "Module initialization failed"
359
360 #define MCRYPT_ENTRY2_2_4(a,b) REGISTER_STRING_CONSTANT("MCRYPT_" #a, b, CONST_PERSISTENT)
361 #define MCRYPT_ENTRY2_4(a) MCRYPT_ENTRY_NAMED(a, a)
362
363 #define PHP_MCRYPT_INIT_CHECK \
364 if (!pm->init) { \
365 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Operation disallowed prior to mcrypt_generic_init()."); \
366 RETURN_FALSE; \
367 } \
368
369 PHP_INI_BEGIN()
370 STD_PHP_INI_ENTRY("mcrypt.algorithms_dir", NULL, PHP_INI_ALL, OnUpdateString, algorithms_dir, zend_mcrypt_globals, mcrypt_globals)
371 STD_PHP_INI_ENTRY("mcrypt.modes_dir", NULL, PHP_INI_ALL, OnUpdateString, modes_dir, zend_mcrypt_globals, mcrypt_globals)
PHP_INI_END()372 PHP_INI_END()
373
374 static void php_mcrypt_module_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC) /* {{{ */
375 {
376 php_mcrypt *pm = (php_mcrypt *) rsrc->ptr;
377 if (pm) {
378 mcrypt_generic_deinit(pm->td);
379 mcrypt_module_close(pm->td);
380 efree(pm);
381 pm = NULL;
382 }
383 }
384 /* }}} */
385
PHP_GINIT_FUNCTION(mcrypt)386 static PHP_GINIT_FUNCTION(mcrypt)
387 {
388 mcrypt_globals->fd[RANDOM] = -1;
389 mcrypt_globals->fd[URANDOM] = -1;
390 }
391
PHP_GSHUTDOWN_FUNCTION(mcrypt)392 static PHP_GSHUTDOWN_FUNCTION(mcrypt)
393 {
394 if (mcrypt_globals->fd[RANDOM] > 0) {
395 close(mcrypt_globals->fd[RANDOM]);
396 mcrypt_globals->fd[RANDOM] = -1;
397 }
398
399 if (mcrypt_globals->fd[URANDOM] > 0) {
400 close(mcrypt_globals->fd[URANDOM]);
401 mcrypt_globals->fd[URANDOM] = -1;
402 }
403 }
404
PHP_MINIT_FUNCTION(mcrypt)405 static PHP_MINIT_FUNCTION(mcrypt) /* {{{ */
406 {
407 le_mcrypt = zend_register_list_destructors_ex(php_mcrypt_module_dtor, NULL, "mcrypt", module_number);
408
409 /* modes for mcrypt_??? routines */
410 REGISTER_LONG_CONSTANT("MCRYPT_ENCRYPT", 0, CONST_PERSISTENT);
411 REGISTER_LONG_CONSTANT("MCRYPT_DECRYPT", 1, CONST_PERSISTENT);
412
413 /* sources for mcrypt_create_iv */
414 REGISTER_LONG_CONSTANT("MCRYPT_DEV_RANDOM", RANDOM, CONST_PERSISTENT);
415 REGISTER_LONG_CONSTANT("MCRYPT_DEV_URANDOM", URANDOM, CONST_PERSISTENT);
416 REGISTER_LONG_CONSTANT("MCRYPT_RAND", RAND, CONST_PERSISTENT);
417
418 /* ciphers */
419 MCRYPT_ENTRY2_2_4(3DES, "tripledes");
420 MCRYPT_ENTRY2_2_4(ARCFOUR_IV, "arcfour-iv");
421 MCRYPT_ENTRY2_2_4(ARCFOUR, "arcfour");
422 MCRYPT_ENTRY2_2_4(BLOWFISH, "blowfish");
423 MCRYPT_ENTRY2_2_4(BLOWFISH_COMPAT, "blowfish-compat");
424 MCRYPT_ENTRY2_2_4(CAST_128, "cast-128");
425 MCRYPT_ENTRY2_2_4(CAST_256, "cast-256");
426 MCRYPT_ENTRY2_2_4(CRYPT, "crypt");
427 MCRYPT_ENTRY2_2_4(DES, "des");
428 MCRYPT_ENTRY2_2_4(ENIGNA, "crypt");
429 MCRYPT_ENTRY2_2_4(GOST, "gost");
430 MCRYPT_ENTRY2_2_4(LOKI97, "loki97");
431 MCRYPT_ENTRY2_2_4(PANAMA, "panama");
432 MCRYPT_ENTRY2_2_4(RC2, "rc2");
433 MCRYPT_ENTRY2_2_4(RIJNDAEL_128, "rijndael-128");
434 MCRYPT_ENTRY2_2_4(RIJNDAEL_192, "rijndael-192");
435 MCRYPT_ENTRY2_2_4(RIJNDAEL_256, "rijndael-256");
436 MCRYPT_ENTRY2_2_4(SAFER64, "safer-sk64");
437 MCRYPT_ENTRY2_2_4(SAFER128, "safer-sk128");
438 MCRYPT_ENTRY2_2_4(SAFERPLUS, "saferplus");
439 MCRYPT_ENTRY2_2_4(SERPENT, "serpent");
440 MCRYPT_ENTRY2_2_4(THREEWAY, "threeway");
441 MCRYPT_ENTRY2_2_4(TRIPLEDES, "tripledes");
442 MCRYPT_ENTRY2_2_4(TWOFISH, "twofish");
443 MCRYPT_ENTRY2_2_4(WAKE, "wake");
444 MCRYPT_ENTRY2_2_4(XTEA, "xtea");
445
446 MCRYPT_ENTRY2_2_4(IDEA, "idea");
447 MCRYPT_ENTRY2_2_4(MARS, "mars");
448 MCRYPT_ENTRY2_2_4(RC6, "rc6");
449 MCRYPT_ENTRY2_2_4(SKIPJACK, "skipjack");
450 /* modes */
451 MCRYPT_ENTRY2_2_4(MODE_CBC, "cbc");
452 MCRYPT_ENTRY2_2_4(MODE_CFB, "cfb");
453 MCRYPT_ENTRY2_2_4(MODE_ECB, "ecb");
454 MCRYPT_ENTRY2_2_4(MODE_NOFB, "nofb");
455 MCRYPT_ENTRY2_2_4(MODE_OFB, "ofb");
456 MCRYPT_ENTRY2_2_4(MODE_STREAM, "stream");
457 REGISTER_INI_ENTRIES();
458
459 php_stream_filter_register_factory("mcrypt.*", &php_mcrypt_filter_factory TSRMLS_CC);
460 php_stream_filter_register_factory("mdecrypt.*", &php_mcrypt_filter_factory TSRMLS_CC);
461
462 return SUCCESS;
463 }
464 /* }}} */
465
PHP_MSHUTDOWN_FUNCTION(mcrypt)466 static PHP_MSHUTDOWN_FUNCTION(mcrypt) /* {{{ */
467 {
468 php_stream_filter_unregister_factory("mcrypt.*" TSRMLS_CC);
469 php_stream_filter_unregister_factory("mdecrypt.*" TSRMLS_CC);
470
471 UNREGISTER_INI_ENTRIES();
472 return SUCCESS;
473 }
474 /* }}} */
475
476 #include "ext/standard/php_smart_str.h"
477
PHP_MINFO_FUNCTION(mcrypt)478 PHP_MINFO_FUNCTION(mcrypt) /* {{{ */
479 {
480 char **modules;
481 char mcrypt_api_no[16];
482 int i, count;
483 smart_str tmp1 = {0};
484 smart_str tmp2 = {0};
485
486 modules = mcrypt_list_algorithms(MCG(algorithms_dir), &count);
487 if (count == 0) {
488 smart_str_appends(&tmp1, "none");
489 }
490 for (i = 0; i < count; i++) {
491 smart_str_appends(&tmp1, modules[i]);
492 smart_str_appendc(&tmp1, ' ');
493 }
494 smart_str_0(&tmp1);
495 mcrypt_free_p(modules, count);
496
497 modules = mcrypt_list_modes(MCG(modes_dir), &count);
498 if (count == 0) {
499 smart_str_appends(&tmp2, "none");
500 }
501 for (i = 0; i < count; i++) {
502 smart_str_appends(&tmp2, modules[i]);
503 smart_str_appendc(&tmp2, ' ');
504 }
505 smart_str_0 (&tmp2);
506 mcrypt_free_p (modules, count);
507
508 snprintf (mcrypt_api_no, 16, "%d", MCRYPT_API_VERSION);
509
510 php_info_print_table_start();
511 php_info_print_table_header(2, "mcrypt support", "enabled");
512 php_info_print_table_header(2, "mcrypt_filter support", "enabled");
513 php_info_print_table_row(2, "Version", LIBMCRYPT_VERSION);
514 php_info_print_table_row(2, "Api No", mcrypt_api_no);
515 php_info_print_table_row(2, "Supported ciphers", tmp1.c);
516 php_info_print_table_row(2, "Supported modes", tmp2.c);
517 smart_str_free(&tmp1);
518 smart_str_free(&tmp2);
519 php_info_print_table_end();
520
521 DISPLAY_INI_ENTRIES();
522 }
523 /* }}} */
524
525 /* {{{ proto resource mcrypt_module_open(string cipher, string cipher_directory, string mode, string mode_directory)
526 Opens the module of the algorithm and the mode to be used */
PHP_FUNCTION(mcrypt_module_open)527 PHP_FUNCTION(mcrypt_module_open)
528 {
529 char *cipher, *cipher_dir;
530 char *mode, *mode_dir;
531 int cipher_len, cipher_dir_len;
532 int mode_len, mode_dir_len;
533 MCRYPT td;
534 php_mcrypt *pm;
535
536 if (zend_parse_parameters (ZEND_NUM_ARGS() TSRMLS_CC, "ssss",
537 &cipher, &cipher_len, &cipher_dir, &cipher_dir_len,
538 &mode, &mode_len, &mode_dir, &mode_dir_len)) {
539 return;
540 }
541
542 td = mcrypt_module_open (
543 cipher,
544 cipher_dir_len > 0 ? cipher_dir : MCG(algorithms_dir),
545 mode,
546 mode_dir_len > 0 ? mode_dir : MCG(modes_dir)
547 );
548
549 if (td == MCRYPT_FAILED) {
550 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not open encryption module");
551 RETURN_FALSE;
552 } else {
553 pm = emalloc(sizeof(php_mcrypt));
554 pm->td = td;
555 pm->init = 0;
556 ZEND_REGISTER_RESOURCE(return_value, pm, le_mcrypt);
557 }
558 }
559 /* }}} */
560
561 /* {{{ proto int mcrypt_generic_init(resource td, string key, string iv)
562 This function initializes all buffers for the specific module */
PHP_FUNCTION(mcrypt_generic_init)563 PHP_FUNCTION(mcrypt_generic_init)
564 {
565 char *key, *iv;
566 int key_len, iv_len;
567 zval *mcryptind;
568 unsigned char *key_s, *iv_s;
569 int max_key_size, key_size, iv_size;
570 php_mcrypt *pm;
571 int result = 0;
572
573 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rss", &mcryptind, &key, &key_len, &iv, &iv_len) == FAILURE) {
574 return;
575 }
576
577 ZEND_FETCH_RESOURCE(pm, php_mcrypt *, &mcryptind, -1, "MCrypt", le_mcrypt);
578
579 max_key_size = mcrypt_enc_get_key_size(pm->td);
580 iv_size = mcrypt_enc_get_iv_size(pm->td);
581
582 if (key_len == 0) {
583 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Key size is 0");
584 }
585
586 key_s = emalloc(key_len);
587 memset(key_s, 0, key_len);
588
589 iv_s = emalloc(iv_size + 1);
590 memset(iv_s, 0, iv_size + 1);
591
592 if (key_len > max_key_size) {
593 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Key size too large; supplied length: %d, max: %d", key_len, max_key_size);
594 key_size = max_key_size;
595 } else {
596 key_size = key_len;
597 }
598 memcpy(key_s, key, key_len);
599
600 if (iv_len != iv_size) {
601 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Iv size incorrect; supplied length: %d, needed: %d", iv_len, iv_size);
602 if (iv_len > iv_size) {
603 iv_len = iv_size;
604 }
605 }
606 memcpy(iv_s, iv, iv_len);
607
608 mcrypt_generic_deinit(pm->td);
609 result = mcrypt_generic_init(pm->td, key_s, key_size, iv_s);
610
611 /* If this function fails, close the mcrypt module to prevent crashes
612 * when further functions want to access this resource */
613 if (result < 0) {
614 zend_list_delete(Z_LVAL_P(mcryptind));
615 switch (result) {
616 case -3:
617 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Key length incorrect");
618 break;
619 case -4:
620 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Memory allocation error");
621 break;
622 case -1:
623 default:
624 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown error");
625 break;
626 }
627 } else {
628 pm->init = 1;
629 }
630 RETVAL_LONG(result);
631
632 efree(iv_s);
633 efree(key_s);
634 }
635 /* }}} */
636
637 /* {{{ proto string mcrypt_generic(resource td, string data)
638 This function encrypts the plaintext */
PHP_FUNCTION(mcrypt_generic)639 PHP_FUNCTION(mcrypt_generic)
640 {
641 zval *mcryptind;
642 char *data;
643 int data_len;
644 php_mcrypt *pm;
645 char* data_s;
646 int block_size, data_size;
647
648 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &mcryptind, &data, &data_len) == FAILURE) {
649 return;
650 }
651
652 ZEND_FETCH_RESOURCE(pm, php_mcrypt *, &mcryptind, -1, "MCrypt", le_mcrypt);
653 PHP_MCRYPT_INIT_CHECK
654
655 if (data_len == 0) {
656 php_error_docref(NULL TSRMLS_CC, E_WARNING, "An empty string was passed");
657 RETURN_FALSE
658 }
659
660 /* Check blocksize */
661 if (mcrypt_enc_is_block_mode(pm->td) == 1) { /* It's a block algorithm */
662 block_size = mcrypt_enc_get_block_size(pm->td);
663 data_size = (((data_len - 1) / block_size) + 1) * block_size;
664 if (data_size <= 0) {
665 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Integer overflow in data size");
666 RETURN_FALSE;
667 }
668 data_s = emalloc(data_size + 1);
669 memset(data_s, 0, data_size);
670 memcpy(data_s, data, data_len);
671 } else { /* It's not a block algorithm */
672 data_size = data_len;
673 data_s = emalloc(data_size + 1);
674 memset(data_s, 0, data_size);
675 memcpy(data_s, data, data_len);
676 }
677
678 mcrypt_generic(pm->td, data_s, data_size);
679 data_s[data_size] = '\0';
680
681 RETVAL_STRINGL(data_s, data_size, 1);
682 efree(data_s);
683 }
684 /* }}} */
685
686 /* {{{ proto string mdecrypt_generic(resource td, string data)
687 This function decrypts the plaintext */
PHP_FUNCTION(mdecrypt_generic)688 PHP_FUNCTION(mdecrypt_generic)
689 {
690 zval *mcryptind;
691 char *data;
692 int data_len;
693 php_mcrypt *pm;
694 char* data_s;
695 int block_size, data_size;
696
697 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &mcryptind, &data, &data_len) == FAILURE) {
698 return;
699 }
700
701 ZEND_FETCH_RESOURCE(pm, php_mcrypt * , &mcryptind, -1, "MCrypt", le_mcrypt);
702 PHP_MCRYPT_INIT_CHECK
703
704 if (data_len == 0) {
705 php_error_docref(NULL TSRMLS_CC, E_WARNING, "An empty string was passed");
706 RETURN_FALSE
707 }
708
709 /* Check blocksize */
710 if (mcrypt_enc_is_block_mode(pm->td) == 1) { /* It's a block algorithm */
711 block_size = mcrypt_enc_get_block_size(pm->td);
712 data_size = (((data_len - 1) / block_size) + 1) * block_size;
713 if (data_size <= 0) {
714 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Integer overflow in data size");
715 RETURN_FALSE;
716 }
717 data_s = emalloc(data_size + 1);
718 memset(data_s, 0, data_size);
719 memcpy(data_s, data, data_len);
720 } else { /* It's not a block algorithm */
721 data_size = data_len;
722 data_s = emalloc(data_size + 1);
723 memset(data_s, 0, data_size);
724 memcpy(data_s, data, data_len);
725 }
726
727 mdecrypt_generic(pm->td, data_s, data_size);
728
729 RETVAL_STRINGL(data_s, data_size, 1);
730 efree(data_s);
731 }
732 /* }}} */
733
734 /* {{{ proto array mcrypt_enc_get_supported_key_sizes(resource td)
735 This function decrypts the crypttext */
PHP_FUNCTION(mcrypt_enc_get_supported_key_sizes)736 PHP_FUNCTION(mcrypt_enc_get_supported_key_sizes)
737 {
738 int i, count = 0;
739 int *key_sizes;
740
741 MCRYPT_GET_TD_ARG
742 array_init(return_value);
743
744 key_sizes = mcrypt_enc_get_supported_key_sizes(pm->td, &count);
745
746 for (i = 0; i < count; i++) {
747 add_index_long(return_value, i, key_sizes[i]);
748 }
749
750 mcrypt_free(key_sizes);
751 }
752 /* }}} */
753
754 /* {{{ proto int mcrypt_enc_self_test(resource td)
755 This function runs the self test on the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_self_test)756 PHP_FUNCTION(mcrypt_enc_self_test)
757 {
758 MCRYPT_GET_TD_ARG
759 RETURN_LONG(mcrypt_enc_self_test(pm->td));
760 }
761 /* }}} */
762
763 /* {{{ proto bool mcrypt_module_close(resource td)
764 Free the descriptor td */
PHP_FUNCTION(mcrypt_module_close)765 PHP_FUNCTION(mcrypt_module_close)
766 {
767 MCRYPT_GET_TD_ARG
768 zend_list_delete(Z_LVAL_P(mcryptind));
769 RETURN_TRUE;
770 }
771 /* }}} */
772
773 /* {{{ proto bool mcrypt_generic_deinit(resource td)
774 This function terminates encrypt specified by the descriptor td */
PHP_FUNCTION(mcrypt_generic_deinit)775 PHP_FUNCTION(mcrypt_generic_deinit)
776 {
777 MCRYPT_GET_TD_ARG
778
779 if (mcrypt_generic_deinit(pm->td) < 0) {
780 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not terminate encryption specifier");
781 RETURN_FALSE
782 }
783 pm->init = 0;
784 RETURN_TRUE
785 }
786 /* }}} */
787
788 /* {{{ proto bool mcrypt_enc_is_block_algorithm_mode(resource td)
789 Returns TRUE if the mode is for use with block algorithms */
PHP_FUNCTION(mcrypt_enc_is_block_algorithm_mode)790 PHP_FUNCTION(mcrypt_enc_is_block_algorithm_mode)
791 {
792 MCRYPT_GET_TD_ARG
793
794 if (mcrypt_enc_is_block_algorithm_mode(pm->td) == 1) {
795 RETURN_TRUE
796 } else {
797 RETURN_FALSE
798 }
799 }
800 /* }}} */
801
802 /* {{{ proto bool mcrypt_enc_is_block_algorithm(resource td)
803 Returns TRUE if the alrogithm is a block algorithms */
PHP_FUNCTION(mcrypt_enc_is_block_algorithm)804 PHP_FUNCTION(mcrypt_enc_is_block_algorithm)
805 {
806 MCRYPT_GET_TD_ARG
807
808 if (mcrypt_enc_is_block_algorithm(pm->td) == 1) {
809 RETURN_TRUE
810 } else {
811 RETURN_FALSE
812 }
813 }
814 /* }}} */
815
816 /* {{{ proto bool mcrypt_enc_is_block_mode(resource td)
817 Returns TRUE if the mode outputs blocks */
PHP_FUNCTION(mcrypt_enc_is_block_mode)818 PHP_FUNCTION(mcrypt_enc_is_block_mode)
819 {
820 MCRYPT_GET_TD_ARG
821
822 if (mcrypt_enc_is_block_mode(pm->td) == 1) {
823 RETURN_TRUE
824 } else {
825 RETURN_FALSE
826 }
827 }
828 /* }}} */
829
830 /* {{{ proto int mcrypt_enc_get_block_size(resource td)
831 Returns the block size of the cipher specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_block_size)832 PHP_FUNCTION(mcrypt_enc_get_block_size)
833 {
834 MCRYPT_GET_TD_ARG
835 RETURN_LONG(mcrypt_enc_get_block_size(pm->td));
836 }
837 /* }}} */
838
839 /* {{{ proto int mcrypt_enc_get_key_size(resource td)
840 Returns the maximum supported key size in bytes of the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_key_size)841 PHP_FUNCTION(mcrypt_enc_get_key_size)
842 {
843 MCRYPT_GET_TD_ARG
844 RETURN_LONG(mcrypt_enc_get_key_size(pm->td));
845 }
846 /* }}} */
847
848 /* {{{ proto int mcrypt_enc_get_iv_size(resource td)
849 Returns the size of the IV in bytes of the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_iv_size)850 PHP_FUNCTION(mcrypt_enc_get_iv_size)
851 {
852 MCRYPT_GET_TD_ARG
853 RETURN_LONG(mcrypt_enc_get_iv_size(pm->td));
854 }
855 /* }}} */
856
857 /* {{{ proto string mcrypt_enc_get_algorithms_name(resource td)
858 Returns the name of the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_algorithms_name)859 PHP_FUNCTION(mcrypt_enc_get_algorithms_name)
860 {
861 char *name;
862 MCRYPT_GET_TD_ARG
863
864 name = mcrypt_enc_get_algorithms_name(pm->td);
865 RETVAL_STRING(name, 1);
866 mcrypt_free(name);
867 }
868 /* }}} */
869
870 /* {{{ proto string mcrypt_enc_get_modes_name(resource td)
871 Returns the name of the mode specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_modes_name)872 PHP_FUNCTION(mcrypt_enc_get_modes_name)
873 {
874 char *name;
875 MCRYPT_GET_TD_ARG
876
877 name = mcrypt_enc_get_modes_name(pm->td);
878 RETVAL_STRING(name, 1);
879 mcrypt_free(name);
880 }
881 /* }}} */
882
883 /* {{{ proto bool mcrypt_module_self_test(string algorithm [, string lib_dir])
884 Does a self test of the module "module" */
PHP_FUNCTION(mcrypt_module_self_test)885 PHP_FUNCTION(mcrypt_module_self_test)
886 {
887 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir);
888
889 if (mcrypt_module_self_test(module, dir) == 0) {
890 RETURN_TRUE;
891 } else {
892 RETURN_FALSE;
893 }
894 }
895 /* }}} */
896
897 /* {{{ proto bool mcrypt_module_is_block_algorithm_mode(string mode [, string lib_dir])
898 Returns TRUE if the mode is for use with block algorithms */
PHP_FUNCTION(mcrypt_module_is_block_algorithm_mode)899 PHP_FUNCTION(mcrypt_module_is_block_algorithm_mode)
900 {
901 MCRYPT_GET_MODE_DIR_ARGS(modes_dir)
902
903 if (mcrypt_module_is_block_algorithm_mode(module, dir) == 1) {
904 RETURN_TRUE;
905 } else {
906 RETURN_FALSE;
907 }
908 }
909 /* }}} */
910
911 /* {{{ proto bool mcrypt_module_is_block_algorithm(string algorithm [, string lib_dir])
912 Returns TRUE if the algorithm is a block algorithm */
PHP_FUNCTION(mcrypt_module_is_block_algorithm)913 PHP_FUNCTION(mcrypt_module_is_block_algorithm)
914 {
915 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir)
916
917 if (mcrypt_module_is_block_algorithm(module, dir) == 1) {
918 RETURN_TRUE;
919 } else {
920 RETURN_FALSE;
921 }
922 }
923 /* }}} */
924
925 /* {{{ proto bool mcrypt_module_is_block_mode(string mode [, string lib_dir])
926 Returns TRUE if the mode outputs blocks of bytes */
PHP_FUNCTION(mcrypt_module_is_block_mode)927 PHP_FUNCTION(mcrypt_module_is_block_mode)
928 {
929 MCRYPT_GET_MODE_DIR_ARGS(modes_dir)
930
931 if (mcrypt_module_is_block_mode(module, dir) == 1) {
932 RETURN_TRUE;
933 } else {
934 RETURN_FALSE;
935 }
936 }
937 /* }}} */
938
939 /* {{{ proto int mcrypt_module_get_algo_block_size(string algorithm [, string lib_dir])
940 Returns the block size of the algorithm */
PHP_FUNCTION(mcrypt_module_get_algo_block_size)941 PHP_FUNCTION(mcrypt_module_get_algo_block_size)
942 {
943 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir)
944
945 RETURN_LONG(mcrypt_module_get_algo_block_size(module, dir));
946 }
947 /* }}} */
948
949 /* {{{ proto int mcrypt_module_get_algo_key_size(string algorithm [, string lib_dir])
950 Returns the maximum supported key size of the algorithm */
PHP_FUNCTION(mcrypt_module_get_algo_key_size)951 PHP_FUNCTION(mcrypt_module_get_algo_key_size)
952 {
953 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir);
954
955 RETURN_LONG(mcrypt_module_get_algo_key_size(module, dir));
956 }
957 /* }}} */
958
959 /* {{{ proto array mcrypt_module_get_supported_key_sizes(string algorithm [, string lib_dir])
960 This function decrypts the crypttext */
PHP_FUNCTION(mcrypt_module_get_supported_key_sizes)961 PHP_FUNCTION(mcrypt_module_get_supported_key_sizes)
962 {
963 int i, count = 0;
964 int *key_sizes;
965
966 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir)
967 array_init(return_value);
968
969 key_sizes = mcrypt_module_get_algo_supported_key_sizes(module, dir, &count);
970
971 for (i = 0; i < count; i++) {
972 add_index_long(return_value, i, key_sizes[i]);
973 }
974 mcrypt_free(key_sizes);
975 }
976 /* }}} */
977
978 /* {{{ proto array mcrypt_list_algorithms([string lib_dir])
979 List all algorithms in "module_dir" */
PHP_FUNCTION(mcrypt_list_algorithms)980 PHP_FUNCTION(mcrypt_list_algorithms)
981 {
982 char **modules;
983 char *lib_dir = MCG(algorithms_dir);
984 int lib_dir_len;
985 int i, count;
986
987 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s",
988 &lib_dir, &lib_dir_len) == FAILURE) {
989 return;
990 }
991
992 array_init(return_value);
993 modules = mcrypt_list_algorithms(lib_dir, &count);
994
995 if (count == 0) {
996 php_error_docref(NULL TSRMLS_CC, E_WARNING, "No algorithms found in module dir");
997 }
998 for (i = 0; i < count; i++) {
999 add_index_string(return_value, i, modules[i], 1);
1000 }
1001 mcrypt_free_p(modules, count);
1002 }
1003 /* }}} */
1004
1005 /* {{{ proto array mcrypt_list_modes([string lib_dir])
1006 List all modes "module_dir" */
PHP_FUNCTION(mcrypt_list_modes)1007 PHP_FUNCTION(mcrypt_list_modes)
1008 {
1009 char **modules;
1010 char *lib_dir = MCG(modes_dir);
1011 int lib_dir_len;
1012 int i, count;
1013
1014 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s",
1015 &lib_dir, &lib_dir_len) == FAILURE) {
1016 return;
1017 }
1018
1019 array_init(return_value);
1020 modules = mcrypt_list_modes(lib_dir, &count);
1021
1022 if (count == 0) {
1023 php_error_docref(NULL TSRMLS_CC, E_WARNING, "No modes found in module dir");
1024 }
1025 for (i = 0; i < count; i++) {
1026 add_index_string(return_value, i, modules[i], 1);
1027 }
1028 mcrypt_free_p(modules, count);
1029 }
1030 /* }}} */
1031
1032 /* {{{ proto int mcrypt_get_key_size(string cipher, string module)
1033 Get the key size of cipher */
PHP_FUNCTION(mcrypt_get_key_size)1034 PHP_FUNCTION(mcrypt_get_key_size)
1035 {
1036 char *cipher;
1037 char *module;
1038 int cipher_len, module_len;
1039 char *cipher_dir_string;
1040 char *module_dir_string;
1041 MCRYPT td;
1042
1043 MCRYPT_GET_INI
1044
1045 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss",
1046 &cipher, &cipher_len, &module, &module_len) == FAILURE) {
1047 return;
1048 }
1049
1050 td = mcrypt_module_open(cipher, cipher_dir_string, module, module_dir_string);
1051 if (td != MCRYPT_FAILED) {
1052 RETVAL_LONG(mcrypt_enc_get_key_size(td));
1053 mcrypt_module_close(td);
1054 } else {
1055 php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1056 RETURN_FALSE;
1057 }
1058 }
1059 /* }}} */
1060
1061 /* {{{ proto int mcrypt_get_block_size(string cipher, string module)
1062 Get the key size of cipher */
PHP_FUNCTION(mcrypt_get_block_size)1063 PHP_FUNCTION(mcrypt_get_block_size)
1064 {
1065 char *cipher;
1066 char *module;
1067 int cipher_len, module_len;
1068 char *cipher_dir_string;
1069 char *module_dir_string;
1070 MCRYPT td;
1071
1072 MCRYPT_GET_INI
1073
1074 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss",
1075 &cipher, &cipher_len, &module, &module_len) == FAILURE) {
1076 return;
1077 }
1078
1079 td = mcrypt_module_open(cipher, cipher_dir_string, module, module_dir_string);
1080 if (td != MCRYPT_FAILED) {
1081 RETVAL_LONG(mcrypt_enc_get_block_size(td));
1082 mcrypt_module_close(td);
1083 } else {
1084 php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1085 RETURN_FALSE;
1086 }
1087 }
1088 /* }}} */
1089
1090 /* {{{ proto int mcrypt_get_iv_size(string cipher, string module)
1091 Get the IV size of cipher (Usually the same as the blocksize) */
PHP_FUNCTION(mcrypt_get_iv_size)1092 PHP_FUNCTION(mcrypt_get_iv_size)
1093 {
1094 char *cipher;
1095 char *module;
1096 int cipher_len, module_len;
1097 char *cipher_dir_string;
1098 char *module_dir_string;
1099 MCRYPT td;
1100
1101 MCRYPT_GET_INI
1102
1103 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss",
1104 &cipher, &cipher_len, &module, &module_len) == FAILURE) {
1105 return;
1106 }
1107
1108 td = mcrypt_module_open(cipher, cipher_dir_string, module, module_dir_string);
1109 if (td != MCRYPT_FAILED) {
1110 RETVAL_LONG(mcrypt_enc_get_iv_size(td));
1111 mcrypt_module_close(td);
1112 } else {
1113 php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1114 RETURN_FALSE;
1115 }
1116 }
1117 /* }}} */
1118
1119 /* {{{ proto string mcrypt_get_cipher_name(string cipher)
1120 Get the key size of cipher */
PHP_FUNCTION(mcrypt_get_cipher_name)1121 PHP_FUNCTION(mcrypt_get_cipher_name)
1122 {
1123 char *cipher_dir_string;
1124 char *module_dir_string;
1125 char *cipher_name;
1126 char *cipher;
1127 int cipher_len;
1128 MCRYPT td;
1129
1130 MCRYPT_GET_INI
1131
1132 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s",
1133 &cipher, &cipher_len) == FAILURE) {
1134 return;
1135 }
1136
1137 /* The code below is actually not very nice, but I didn't see a better
1138 * method */
1139 td = mcrypt_module_open(cipher, cipher_dir_string, "ecb", module_dir_string);
1140 if (td != MCRYPT_FAILED) {
1141 cipher_name = mcrypt_enc_get_algorithms_name(td);
1142 mcrypt_module_close(td);
1143 RETVAL_STRING(cipher_name,1);
1144 mcrypt_free(cipher_name);
1145 } else {
1146 td = mcrypt_module_open(cipher, cipher_dir_string, "stream", module_dir_string);
1147 if (td != MCRYPT_FAILED) {
1148 cipher_name = mcrypt_enc_get_algorithms_name(td);
1149 mcrypt_module_close(td);
1150 RETVAL_STRING(cipher_name,1);
1151 mcrypt_free(cipher_name);
1152 } else {
1153 php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1154 RETURN_FALSE;
1155 }
1156 }
1157 }
1158 /* }}} */
1159
php_mcrypt_get_key_size_str(int max_key_size,const int * key_sizes,int key_size_count)1160 static char *php_mcrypt_get_key_size_str(
1161 int max_key_size, const int *key_sizes, int key_size_count) /* {{{ */
1162 {
1163 if (key_size_count == 0) {
1164 char *str;
1165 spprintf(&str, 0, "Only keys of size 1 to %d supported", max_key_size);
1166 return str;
1167 } else if (key_size_count == 1) {
1168 char *str;
1169 spprintf(&str, 0, "Only keys of size %d supported", key_sizes[0]);
1170 return str;
1171 } else {
1172 int i;
1173 smart_str str = {0};
1174 smart_str_appends(&str, "Only keys of sizes ");
1175
1176 for (i = 0; i < key_size_count; ++i) {
1177 if (i == key_size_count - 1) {
1178 smart_str_appends(&str, " or ");
1179 } else if (i != 0) {
1180 smart_str_appends(&str, ", ");
1181 }
1182
1183 smart_str_append_long(&str, key_sizes[i]);
1184 }
1185
1186 smart_str_appends(&str, " supported");
1187 smart_str_0(&str);
1188 return str.c;
1189 }
1190 }
1191 /* }}} */
1192
php_mcrypt_is_valid_key_size(int key_size,int max_key_size,int * key_sizes,int key_size_count)1193 static zend_bool php_mcrypt_is_valid_key_size(
1194 int key_size, int max_key_size, int *key_sizes, int key_size_count) /* {{{ */
1195 {
1196 int i;
1197
1198 if (key_size <= 0 || key_size > max_key_size) {
1199 return 0;
1200 }
1201
1202 if (key_size_count == 0) {
1203 /* All key sizes are valid */
1204 return 1;
1205 }
1206
1207 for (i = 0; i < key_size_count; i++) {
1208 if (key_sizes[i] == key_size) {
1209 return 1;
1210 }
1211 }
1212
1213 return 0;
1214 }
1215 /* }}} */
1216
php_mcrypt_ensure_valid_key_size(MCRYPT td,int key_size TSRMLS_DC)1217 static int php_mcrypt_ensure_valid_key_size(MCRYPT td, int key_size TSRMLS_DC) /* {{{ */
1218 {
1219 int key_size_count;
1220 int max_key_size = mcrypt_enc_get_key_size(td);
1221 int *key_sizes = mcrypt_enc_get_supported_key_sizes(td, &key_size_count);
1222
1223 zend_bool is_valid_key_size = php_mcrypt_is_valid_key_size(
1224 key_size, max_key_size, key_sizes, key_size_count
1225 );
1226 if (!is_valid_key_size) {
1227 char *key_size_str = php_mcrypt_get_key_size_str(
1228 max_key_size, key_sizes, key_size_count
1229 );
1230 php_error_docref(NULL TSRMLS_CC, E_WARNING,
1231 "Key of size %d not supported by this algorithm. %s", key_size, key_size_str
1232 );
1233 efree(key_size_str);
1234 }
1235
1236 if (key_sizes) {
1237 mcrypt_free(key_sizes);
1238 }
1239
1240 return is_valid_key_size ? SUCCESS : FAILURE;
1241 }
1242 /* }}} */
1243
php_mcrypt_ensure_valid_iv(MCRYPT td,const char * iv,int iv_size TSRMLS_DC)1244 static int php_mcrypt_ensure_valid_iv(MCRYPT td, const char *iv, int iv_size TSRMLS_DC) /* {{{ */
1245 {
1246 if (mcrypt_enc_mode_has_iv(td) == 1) {
1247 int expected_iv_size = mcrypt_enc_get_iv_size(td);
1248 if (expected_iv_size == 0) {
1249 /* Algorithm does not use IV, even though mode supports it */
1250 return SUCCESS;
1251 }
1252
1253 if (!iv) {
1254 php_error_docref(NULL TSRMLS_CC, E_WARNING,
1255 "Encryption mode requires an initialization vector of size %d", expected_iv_size
1256 );
1257 return FAILURE;
1258 }
1259
1260 if (iv_size != expected_iv_size) {
1261 php_error_docref(NULL TSRMLS_CC, E_WARNING,
1262 "Received initialization vector of size %d, but size %d is required "
1263 "for this encryption mode", iv_size, expected_iv_size
1264 );
1265 return FAILURE;
1266 }
1267 }
1268
1269 return SUCCESS;
1270 }
1271 /* }}} */
1272
php_mcrypt_do_crypt(char * cipher,const char * key,int key_len,const char * data,int data_len,char * mode,const char * iv,int iv_len,int dencrypt,zval * return_value TSRMLS_DC)1273 static void php_mcrypt_do_crypt(char* cipher, const char *key, int key_len, const char *data, int data_len, char *mode, const char *iv, int iv_len, int dencrypt, zval* return_value TSRMLS_DC) /* {{{ */
1274 {
1275 char *cipher_dir_string;
1276 char *module_dir_string;
1277 unsigned long int data_size;
1278 char *data_s;
1279 MCRYPT td;
1280
1281 MCRYPT_GET_INI
1282
1283 td = mcrypt_module_open(cipher, cipher_dir_string, mode, module_dir_string);
1284 if (td == MCRYPT_FAILED) {
1285 php_error_docref(NULL TSRMLS_CC, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1286 RETURN_FALSE;
1287 }
1288
1289 if (php_mcrypt_ensure_valid_key_size(td, key_len TSRMLS_CC) == FAILURE) {
1290 mcrypt_module_close(td);
1291 RETURN_FALSE;
1292 }
1293
1294 if (php_mcrypt_ensure_valid_iv(td, iv, iv_len TSRMLS_CC) == FAILURE) {
1295 mcrypt_module_close(td);
1296 RETURN_FALSE;
1297 }
1298
1299 /* Check blocksize */
1300 if (mcrypt_enc_is_block_mode(td) == 1) { /* It's a block algorithm */
1301 int block_size = mcrypt_enc_get_block_size(td);
1302 data_size = (((data_len - 1) / block_size) + 1) * block_size;
1303 data_s = emalloc(data_size + 1);
1304 memset(data_s, 0, data_size);
1305 memcpy(data_s, data, data_len);
1306 } else { /* It's not a block algorithm */
1307 data_size = data_len;
1308 data_s = emalloc(data_size + 1);
1309 memcpy(data_s, data, data_len);
1310 }
1311
1312 if (mcrypt_generic_init(td, (void *) key, key_len, (void *) iv) < 0) {
1313 efree(data_s);
1314 php_error_docref(NULL TSRMLS_CC, E_RECOVERABLE_ERROR, "Mcrypt initialisation failed");
1315 mcrypt_module_close(td);
1316 RETURN_FALSE;
1317 }
1318
1319 if (dencrypt == MCRYPT_ENCRYPT) {
1320 mcrypt_generic(td, data_s, data_size);
1321 } else {
1322 mdecrypt_generic(td, data_s, data_size);
1323 }
1324
1325 data_s[data_size] = 0;
1326 RETVAL_STRINGL(data_s, data_size, 0);
1327
1328 /* freeing vars */
1329 mcrypt_generic_end(td);
1330 }
1331 /* }}} */
1332
1333 /* {{{ proto string mcrypt_encrypt(string cipher, string key, string data, string mode, string iv)
1334 OFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_encrypt)1335 PHP_FUNCTION(mcrypt_encrypt)
1336 {
1337 char *cipher, *key, *data, *mode, *iv = NULL;
1338 int cipher_len, key_len, data_len, mode_len, iv_len = 0;
1339
1340 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssss|s", &cipher, &cipher_len,
1341 &key, &key_len, &data, &data_len, &mode, &mode_len, &iv, &iv_len) == FAILURE) {
1342 return;
1343 }
1344
1345 php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, mode, iv, iv_len, MCRYPT_ENCRYPT, return_value TSRMLS_CC);
1346 }
1347 /* }}} */
1348
1349 /* {{{ proto string mcrypt_decrypt(string cipher, string key, string data, string mode, string iv)
1350 OFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_decrypt)1351 PHP_FUNCTION(mcrypt_decrypt)
1352 {
1353 char *cipher, *key, *data, *mode, *iv = NULL;
1354 int cipher_len, key_len, data_len, mode_len, iv_len = 0;
1355
1356 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssss|s", &cipher, &cipher_len,
1357 &key, &key_len, &data, &data_len, &mode, &mode_len, &iv, &iv_len) == FAILURE) {
1358 return;
1359 }
1360
1361 php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, mode, iv, iv_len, MCRYPT_DECRYPT, return_value TSRMLS_CC);
1362 }
1363 /* }}} */
1364
1365 /* {{{ proto string mcrypt_ecb(int cipher, string key, string data, int mode, string iv)
1366 ECB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_ecb)1367 PHP_FUNCTION(mcrypt_ecb)
1368 {
1369 zval **mode;
1370 char *cipher, *key, *data, *iv = NULL;
1371 int cipher_len, key_len, data_len, iv_len = 0;
1372
1373 MCRYPT_GET_CRYPT_ARGS
1374
1375 convert_to_long_ex(mode);
1376
1377 php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, "ecb", iv, iv_len, Z_LVAL_PP(mode), return_value TSRMLS_CC);
1378 }
1379 /* }}} */
1380
1381 /* {{{ proto string mcrypt_cbc(int cipher, string key, string data, int mode, string iv)
1382 CBC crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_cbc)1383 PHP_FUNCTION(mcrypt_cbc)
1384 {
1385 zval **mode;
1386 char *cipher, *key, *data, *iv = NULL;
1387 int cipher_len, key_len, data_len, iv_len = 0;
1388
1389 MCRYPT_GET_CRYPT_ARGS
1390
1391 convert_to_long_ex(mode);
1392
1393 php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, "cbc", iv, iv_len, Z_LVAL_PP(mode), return_value TSRMLS_CC);
1394 }
1395 /* }}} */
1396
1397 /* {{{ proto string mcrypt_cfb(int cipher, string key, string data, int mode, string iv)
1398 CFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_cfb)1399 PHP_FUNCTION(mcrypt_cfb)
1400 {
1401 zval **mode;
1402 char *cipher, *key, *data, *iv = NULL;
1403 int cipher_len, key_len, data_len, iv_len = 0;
1404
1405 MCRYPT_GET_CRYPT_ARGS
1406
1407 convert_to_long_ex(mode);
1408
1409 php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, "cfb", iv, iv_len, Z_LVAL_PP(mode), return_value TSRMLS_CC);
1410 }
1411 /* }}} */
1412
1413 /* {{{ proto string mcrypt_ofb(int cipher, string key, string data, int mode, string iv)
1414 OFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_ofb)1415 PHP_FUNCTION(mcrypt_ofb)
1416 {
1417 zval **mode;
1418 char *cipher, *key, *data, *iv = NULL;
1419 int cipher_len, key_len, data_len, iv_len = 0;
1420
1421 MCRYPT_GET_CRYPT_ARGS
1422
1423 convert_to_long_ex(mode);
1424
1425 php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, "ofb", iv, iv_len, Z_LVAL_PP(mode), return_value TSRMLS_CC);
1426 }
1427 /* }}} */
1428
1429 /* {{{ proto string mcrypt_create_iv(int size, int source)
1430 Create an initialization vector (IV) */
PHP_FUNCTION(mcrypt_create_iv)1431 PHP_FUNCTION(mcrypt_create_iv)
1432 {
1433 char *iv;
1434 long source = URANDOM;
1435 long size;
1436 int n = 0;
1437
1438 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "l|l", &size, &source) == FAILURE) {
1439 return;
1440 }
1441
1442 if (size <= 0 || size >= INT_MAX) {
1443 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot create an IV with a size of less than 1 or greater than %d", INT_MAX);
1444 RETURN_FALSE;
1445 }
1446
1447 iv = ecalloc(size + 1, 1);
1448
1449 if (source == RANDOM || source == URANDOM) {
1450 #if PHP_WIN32
1451 /* random/urandom equivalent on Windows */
1452 BYTE *iv_b = (BYTE *) iv;
1453 if (php_win32_get_random_bytes(iv_b, (size_t) size) == FAILURE){
1454 efree(iv);
1455 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not gather sufficient random data");
1456 RETURN_FALSE;
1457 }
1458 n = size;
1459 #else
1460 int *fd = &MCG(fd[source]);
1461 size_t read_bytes = 0;
1462
1463 if (*fd < 0) {
1464 *fd = open(source == RANDOM ? "/dev/random" : "/dev/urandom", O_RDONLY);
1465 if (*fd < 0) {
1466 efree(iv);
1467 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot open source device");
1468 RETURN_FALSE;
1469 }
1470 }
1471
1472 while (read_bytes < size) {
1473 n = read(*fd, iv + read_bytes, size - read_bytes);
1474 if (n < 0) {
1475 break;
1476 }
1477 read_bytes += n;
1478 }
1479 n = read_bytes;
1480
1481 if (n < size) {
1482 efree(iv);
1483 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not gather sufficient random data");
1484 RETURN_FALSE;
1485 }
1486 #endif
1487 } else {
1488 n = size;
1489 while (size) {
1490 iv[--size] = (char) (255.0 * php_rand(TSRMLS_C) / RAND_MAX);
1491 }
1492 }
1493 RETURN_STRINGL(iv, n, 0);
1494 }
1495 /* }}} */
1496
1497 #endif
1498
1499 /*
1500 * Local variables:
1501 * tab-width: 4
1502 * c-basic-offset: 4
1503 * End:
1504 * vim600: sw=4 ts=4 fdm=marker
1505 * vim<600: sw=4 ts=4
1506 */
1507
