1 /*
2 +----------------------------------------------------------------------+
3 | PHP Version 7 |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 1997-2018 The PHP Group |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Sascha Schumann <sascha@schumann.cx> |
16 | Derick Rethans <derick@derickrethans.nl> |
17 +----------------------------------------------------------------------+
18 */
19 /* $Id$ */
20
21 #ifdef HAVE_CONFIG_H
22 #include "config.h"
23 #endif
24
25 #include "php.h"
26
27 #if HAVE_LIBMCRYPT
28
29 #ifdef PHP_WIN32
30 # include "win32/winutil.h"
31 #endif
32
33 #include "php_mcrypt.h"
34 #include "fcntl.h"
35
36 #define NON_FREE
37 #define MCRYPT2
38 #include "mcrypt.h"
39 #include "php_ini.h"
40 #include "php_globals.h"
41 #include "ext/standard/info.h"
42 #include "ext/standard/php_rand.h"
43 #include "zend_smart_str.h"
44 #include "php_mcrypt_filter.h"
45
46 static int le_mcrypt;
47
48 typedef struct _php_mcrypt {
49 MCRYPT td;
50 zend_bool init;
51 } php_mcrypt;
52
53 /* {{{ arginfo */
54 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_open, 0, 0, 4)
55 ZEND_ARG_INFO(0, cipher)
56 ZEND_ARG_INFO(0, cipher_directory)
57 ZEND_ARG_INFO(0, mode)
58 ZEND_ARG_INFO(0, mode_directory)
59 ZEND_END_ARG_INFO()
60
61 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_generic_init, 0, 0, 3)
62 ZEND_ARG_INFO(0, td)
63 ZEND_ARG_INFO(0, key)
64 ZEND_ARG_INFO(0, iv)
65 ZEND_END_ARG_INFO()
66
67 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_generic, 0, 0, 2)
68 ZEND_ARG_INFO(0, td)
69 ZEND_ARG_INFO(0, data)
70 ZEND_END_ARG_INFO()
71
72 ZEND_BEGIN_ARG_INFO_EX(arginfo_mdecrypt_generic, 0, 0, 2)
73 ZEND_ARG_INFO(0, td)
74 ZEND_ARG_INFO(0, data)
75 ZEND_END_ARG_INFO()
76
77 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_supported_key_sizes, 0, 0, 1)
78 ZEND_ARG_INFO(0, td)
79 ZEND_END_ARG_INFO()
80
81 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_self_test, 0, 0, 1)
82 ZEND_ARG_INFO(0, td)
83 ZEND_END_ARG_INFO()
84
85 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_close, 0, 0, 1)
86 ZEND_ARG_INFO(0, td)
87 ZEND_END_ARG_INFO()
88
89 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_generic_deinit, 0, 0, 1)
90 ZEND_ARG_INFO(0, td)
91 ZEND_END_ARG_INFO()
92
93 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_is_block_algorithm_mode, 0, 0, 1)
94 ZEND_ARG_INFO(0, td)
95 ZEND_END_ARG_INFO()
96
97 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_is_block_algorithm, 0, 0, 1)
98 ZEND_ARG_INFO(0, td)
99 ZEND_END_ARG_INFO()
100
101 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_is_block_mode, 0, 0, 1)
102 ZEND_ARG_INFO(0, td)
103 ZEND_END_ARG_INFO()
104
105 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_block_size, 0, 0, 1)
106 ZEND_ARG_INFO(0, td)
107 ZEND_END_ARG_INFO()
108
109 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_key_size, 0, 0, 1)
110 ZEND_ARG_INFO(0, td)
111 ZEND_END_ARG_INFO()
112
113 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_iv_size, 0, 0, 1)
114 ZEND_ARG_INFO(0, td)
115 ZEND_END_ARG_INFO()
116
117 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_algorithms_name, 0, 0, 1)
118 ZEND_ARG_INFO(0, td)
119 ZEND_END_ARG_INFO()
120
121 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_enc_get_modes_name, 0, 0, 1)
122 ZEND_ARG_INFO(0, td)
123 ZEND_END_ARG_INFO()
124
125 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_self_test, 0, 0, 1)
126 ZEND_ARG_INFO(0, algorithm)
127 ZEND_ARG_INFO(0, lib_dir)
128 ZEND_END_ARG_INFO()
129
130 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_is_block_algorithm_mode, 0, 0, 1)
131 ZEND_ARG_INFO(0, mode)
132 ZEND_ARG_INFO(0, lib_dir)
133 ZEND_END_ARG_INFO()
134
135 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_is_block_algorithm, 0, 0, 1)
136 ZEND_ARG_INFO(0, algorithm)
137 ZEND_ARG_INFO(0, lib_dir)
138 ZEND_END_ARG_INFO()
139
140 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_is_block_mode, 0, 0, 1)
141 ZEND_ARG_INFO(0, mode)
142 ZEND_ARG_INFO(0, lib_dir)
143 ZEND_END_ARG_INFO()
144
145 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_get_algo_block_size, 0, 0, 1)
146 ZEND_ARG_INFO(0, algorithm)
147 ZEND_ARG_INFO(0, lib_dir)
148 ZEND_END_ARG_INFO()
149
150 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_get_algo_key_size, 0, 0, 1)
151 ZEND_ARG_INFO(0, algorithm)
152 ZEND_ARG_INFO(0, lib_dir)
153 ZEND_END_ARG_INFO()
154
155 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_module_get_supported_key_sizes, 0, 0, 1)
156 ZEND_ARG_INFO(0, algorithm)
157 ZEND_ARG_INFO(0, lib_dir)
158 ZEND_END_ARG_INFO()
159
160 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_list_algorithms, 0, 0, 0)
161 ZEND_ARG_INFO(0, lib_dir)
162 ZEND_END_ARG_INFO()
163
164 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_list_modes, 0, 0, 0)
165 ZEND_ARG_INFO(0, lib_dir)
166 ZEND_END_ARG_INFO()
167
168 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_key_size, 0, 0, 2)
169 ZEND_ARG_INFO(0, cipher)
170 ZEND_ARG_INFO(0, module)
171 ZEND_END_ARG_INFO()
172
173 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_block_size, 0, 0, 2)
174 ZEND_ARG_INFO(0, cipher)
175 ZEND_ARG_INFO(0, module)
176 ZEND_END_ARG_INFO()
177
178 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_iv_size, 0, 0, 2)
179 ZEND_ARG_INFO(0, cipher)
180 ZEND_ARG_INFO(0, module)
181 ZEND_END_ARG_INFO()
182
183 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_get_cipher_name, 0, 0, 1)
184 ZEND_ARG_INFO(0, cipher)
185 ZEND_END_ARG_INFO()
186
187 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_encrypt, 0, 0, 5)
188 ZEND_ARG_INFO(0, cipher)
189 ZEND_ARG_INFO(0, key)
190 ZEND_ARG_INFO(0, data)
191 ZEND_ARG_INFO(0, mode)
192 ZEND_ARG_INFO(0, iv)
193 ZEND_END_ARG_INFO()
194
195 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_decrypt, 0, 0, 5)
196 ZEND_ARG_INFO(0, cipher)
197 ZEND_ARG_INFO(0, key)
198 ZEND_ARG_INFO(0, data)
199 ZEND_ARG_INFO(0, mode)
200 ZEND_ARG_INFO(0, iv)
201 ZEND_END_ARG_INFO()
202
203 ZEND_BEGIN_ARG_INFO_EX(arginfo_mcrypt_create_iv, 0, 0, 1)
204 ZEND_ARG_INFO(0, size)
205 ZEND_ARG_INFO(0, source)
206 ZEND_END_ARG_INFO()
207 /* }}} */
208
209 const zend_function_entry mcrypt_functions[] = { /* {{{ */
210 PHP_DEP_FE(mcrypt_get_key_size, arginfo_mcrypt_get_key_size)
211 PHP_DEP_FE(mcrypt_get_block_size, arginfo_mcrypt_get_block_size)
212 PHP_DEP_FE(mcrypt_get_cipher_name, arginfo_mcrypt_get_cipher_name)
213 PHP_DEP_FE(mcrypt_create_iv, arginfo_mcrypt_create_iv)
214
215 PHP_DEP_FE(mcrypt_list_algorithms, arginfo_mcrypt_list_algorithms)
216 PHP_DEP_FE(mcrypt_list_modes, arginfo_mcrypt_list_modes)
217 PHP_DEP_FE(mcrypt_get_iv_size, arginfo_mcrypt_get_iv_size)
218 PHP_DEP_FE(mcrypt_encrypt, arginfo_mcrypt_encrypt)
219 PHP_DEP_FE(mcrypt_decrypt, arginfo_mcrypt_decrypt)
220
221 PHP_DEP_FE(mcrypt_module_open, arginfo_mcrypt_module_open)
222 PHP_DEP_FE(mcrypt_generic_init, arginfo_mcrypt_generic_init)
223 PHP_DEP_FE(mcrypt_generic, arginfo_mcrypt_generic)
224 PHP_DEP_FE(mdecrypt_generic, arginfo_mdecrypt_generic)
225 PHP_DEP_FE(mcrypt_generic_deinit, arginfo_mcrypt_generic_deinit)
226
227 PHP_DEP_FE(mcrypt_enc_self_test, arginfo_mcrypt_enc_self_test)
228 PHP_DEP_FE(mcrypt_enc_is_block_algorithm_mode, arginfo_mcrypt_enc_is_block_algorithm_mode)
229 PHP_DEP_FE(mcrypt_enc_is_block_algorithm, arginfo_mcrypt_enc_is_block_algorithm)
230 PHP_DEP_FE(mcrypt_enc_is_block_mode, arginfo_mcrypt_enc_is_block_mode)
231 PHP_DEP_FE(mcrypt_enc_get_block_size, arginfo_mcrypt_enc_get_block_size)
232 PHP_DEP_FE(mcrypt_enc_get_key_size, arginfo_mcrypt_enc_get_key_size)
233 PHP_DEP_FE(mcrypt_enc_get_supported_key_sizes, arginfo_mcrypt_enc_get_supported_key_sizes)
234 PHP_DEP_FE(mcrypt_enc_get_iv_size, arginfo_mcrypt_enc_get_iv_size)
235 PHP_DEP_FE(mcrypt_enc_get_algorithms_name, arginfo_mcrypt_enc_get_algorithms_name)
236 PHP_DEP_FE(mcrypt_enc_get_modes_name, arginfo_mcrypt_enc_get_modes_name)
237 PHP_DEP_FE(mcrypt_module_self_test, arginfo_mcrypt_module_self_test)
238
239 PHP_DEP_FE(mcrypt_module_is_block_algorithm_mode, arginfo_mcrypt_module_is_block_algorithm_mode)
240 PHP_DEP_FE(mcrypt_module_is_block_algorithm, arginfo_mcrypt_module_is_block_algorithm)
241 PHP_DEP_FE(mcrypt_module_is_block_mode, arginfo_mcrypt_module_is_block_mode)
242 PHP_DEP_FE(mcrypt_module_get_algo_block_size, arginfo_mcrypt_module_get_algo_block_size)
243 PHP_DEP_FE(mcrypt_module_get_algo_key_size, arginfo_mcrypt_module_get_algo_key_size)
244 PHP_DEP_FE(mcrypt_module_get_supported_key_sizes, arginfo_mcrypt_module_get_supported_key_sizes)
245
246 PHP_DEP_FE(mcrypt_module_close, arginfo_mcrypt_module_close)
247 PHP_FE_END
248 };
249 /* }}} */
250
251 static PHP_MINFO_FUNCTION(mcrypt);
252 static PHP_MINIT_FUNCTION(mcrypt);
253 static PHP_MSHUTDOWN_FUNCTION(mcrypt);
254 static PHP_GINIT_FUNCTION(mcrypt);
255 static PHP_GSHUTDOWN_FUNCTION(mcrypt);
256
257 ZEND_DECLARE_MODULE_GLOBALS(mcrypt)
258
259 zend_module_entry mcrypt_module_entry = {
260 STANDARD_MODULE_HEADER,
261 "mcrypt",
262 mcrypt_functions,
263 PHP_MINIT(mcrypt), PHP_MSHUTDOWN(mcrypt),
264 NULL, NULL,
265 PHP_MINFO(mcrypt),
266 PHP_MCRYPT_VERSION,
267 PHP_MODULE_GLOBALS(mcrypt),
268 PHP_GINIT(mcrypt),
269 PHP_GSHUTDOWN(mcrypt),
270 NULL,
271 STANDARD_MODULE_PROPERTIES_EX
272 };
273
274 #ifdef COMPILE_DL_MCRYPT
275 #ifdef ZTS
276 ZEND_TSRMLS_CACHE_DEFINE()
277 #endif
278 ZEND_GET_MODULE(mcrypt)
279 #endif
280
281 #define MCRYPT_ENCRYPT 0
282 #define MCRYPT_DECRYPT 1
283
284 typedef enum {
285 RANDOM = 0,
286 URANDOM,
287 RAND
288 } iv_source;
289
290 #define MCRYPT_GET_INI \
291 cipher_dir_string = MCG(algorithms_dir); \
292 module_dir_string = MCG(modes_dir);
293
294 /*
295 * #warning is not ANSI C
296 * #warning Invalidate resource if the param count is wrong, or other problems
297 * #warning occurred during functions.
298 */
299
300 #define MCRYPT_GET_CRYPT_ARGS \
301 if (zend_parse_parameters(ZEND_NUM_ARGS(), "sssz|s", \
302 &cipher, &cipher_len, &key, &key_len, &data, &data_len, &mode, &iv, &iv_len) == FAILURE) { \
303 return; \
304 }
305
306 #define MCRYPT_GET_TD_ARG \
307 zval *mcryptind; \
308 php_mcrypt *pm; \
309 if (zend_parse_parameters(ZEND_NUM_ARGS(), "r", &mcryptind) == FAILURE) { \
310 return; \
311 } \
312 if ((pm = (php_mcrypt *)zend_fetch_resource(Z_RES_P(mcryptind), "MCrypt", le_mcrypt)) == NULL) { \
313 RETURN_FALSE; \
314 }
315
316 #define MCRYPT_GET_MODE_DIR_ARGS(DIRECTORY) \
317 char *dir = NULL; \
318 size_t dir_len; \
319 char *module; \
320 size_t module_len; \
321 if (zend_parse_parameters (ZEND_NUM_ARGS(), \
322 "s|s", &module, &module_len, &dir, &dir_len) == FAILURE) { \
323 return; \
324 }
325
326 #define MCRYPT_OPEN_MODULE_FAILED "Module initialization failed"
327
328 #define MCRYPT_ENTRY2_2_4(a,b) REGISTER_STRING_CONSTANT("MCRYPT_" #a, b, CONST_PERSISTENT)
329 #define MCRYPT_ENTRY2_4(a) MCRYPT_ENTRY_NAMED(a, a)
330
331 #define PHP_MCRYPT_INIT_CHECK \
332 if (!pm->init) { \
333 php_error_docref(NULL, E_WARNING, "Operation disallowed prior to mcrypt_generic_init()."); \
334 RETURN_FALSE; \
335 } \
336
337 PHP_INI_BEGIN()
338 STD_PHP_INI_ENTRY("mcrypt.algorithms_dir", NULL, PHP_INI_ALL, OnUpdateString, algorithms_dir, zend_mcrypt_globals, mcrypt_globals)
339 STD_PHP_INI_ENTRY("mcrypt.modes_dir", NULL, PHP_INI_ALL, OnUpdateString, modes_dir, zend_mcrypt_globals, mcrypt_globals)
PHP_INI_END()340 PHP_INI_END()
341
342 static void php_mcrypt_module_dtor(zend_resource *rsrc) /* {{{ */
343 {
344 php_mcrypt *pm = (php_mcrypt *) rsrc->ptr;
345 if (pm) {
346 mcrypt_generic_deinit(pm->td);
347 mcrypt_module_close(pm->td);
348 efree(pm);
349 pm = NULL;
350 }
351 }
352 /* }}} */
353
PHP_GINIT_FUNCTION(mcrypt)354 static PHP_GINIT_FUNCTION(mcrypt)
355 {/*{{{*/
356 #if defined(COMPILE_DL_MCRYPT) && defined(ZTS)
357 ZEND_TSRMLS_CACHE_UPDATE();
358 #endif
359 mcrypt_globals->fd[RANDOM] = -1;
360 mcrypt_globals->fd[URANDOM] = -1;
361 }/*}}}*/
362
PHP_GSHUTDOWN_FUNCTION(mcrypt)363 static PHP_GSHUTDOWN_FUNCTION(mcrypt)
364 {/*{{{*/
365 if (mcrypt_globals->fd[RANDOM] > 0) {
366 close(mcrypt_globals->fd[RANDOM]);
367 mcrypt_globals->fd[RANDOM] = -1;
368 }
369
370 if (mcrypt_globals->fd[URANDOM] > 0) {
371 close(mcrypt_globals->fd[URANDOM]);
372 mcrypt_globals->fd[URANDOM] = -1;
373 }
374 }/*}}}*/
375
PHP_MINIT_FUNCTION(mcrypt)376 static PHP_MINIT_FUNCTION(mcrypt) /* {{{ */
377 {
378 le_mcrypt = zend_register_list_destructors_ex(php_mcrypt_module_dtor, NULL, "mcrypt", module_number);
379
380 /* modes for mcrypt_??? routines */
381 REGISTER_LONG_CONSTANT("MCRYPT_ENCRYPT", 0, CONST_PERSISTENT);
382 REGISTER_LONG_CONSTANT("MCRYPT_DECRYPT", 1, CONST_PERSISTENT);
383
384 /* sources for mcrypt_create_iv */
385 REGISTER_LONG_CONSTANT("MCRYPT_DEV_RANDOM", RANDOM, CONST_PERSISTENT);
386 REGISTER_LONG_CONSTANT("MCRYPT_DEV_URANDOM", URANDOM, CONST_PERSISTENT);
387 REGISTER_LONG_CONSTANT("MCRYPT_RAND", RAND, CONST_PERSISTENT);
388
389 /* ciphers */
390 MCRYPT_ENTRY2_2_4(3DES, "tripledes");
391 MCRYPT_ENTRY2_2_4(ARCFOUR_IV, "arcfour-iv");
392 MCRYPT_ENTRY2_2_4(ARCFOUR, "arcfour");
393 MCRYPT_ENTRY2_2_4(BLOWFISH, "blowfish");
394 MCRYPT_ENTRY2_2_4(BLOWFISH_COMPAT, "blowfish-compat");
395 MCRYPT_ENTRY2_2_4(CAST_128, "cast-128");
396 MCRYPT_ENTRY2_2_4(CAST_256, "cast-256");
397 MCRYPT_ENTRY2_2_4(CRYPT, "crypt");
398 MCRYPT_ENTRY2_2_4(DES, "des");
399 MCRYPT_ENTRY2_2_4(ENIGNA, "crypt");
400 MCRYPT_ENTRY2_2_4(GOST, "gost");
401 MCRYPT_ENTRY2_2_4(LOKI97, "loki97");
402 MCRYPT_ENTRY2_2_4(PANAMA, "panama");
403 MCRYPT_ENTRY2_2_4(RC2, "rc2");
404 MCRYPT_ENTRY2_2_4(RIJNDAEL_128, "rijndael-128");
405 MCRYPT_ENTRY2_2_4(RIJNDAEL_192, "rijndael-192");
406 MCRYPT_ENTRY2_2_4(RIJNDAEL_256, "rijndael-256");
407 MCRYPT_ENTRY2_2_4(SAFER64, "safer-sk64");
408 MCRYPT_ENTRY2_2_4(SAFER128, "safer-sk128");
409 MCRYPT_ENTRY2_2_4(SAFERPLUS, "saferplus");
410 MCRYPT_ENTRY2_2_4(SERPENT, "serpent");
411 MCRYPT_ENTRY2_2_4(THREEWAY, "threeway");
412 MCRYPT_ENTRY2_2_4(TRIPLEDES, "tripledes");
413 MCRYPT_ENTRY2_2_4(TWOFISH, "twofish");
414 MCRYPT_ENTRY2_2_4(WAKE, "wake");
415 MCRYPT_ENTRY2_2_4(XTEA, "xtea");
416
417 MCRYPT_ENTRY2_2_4(IDEA, "idea");
418 MCRYPT_ENTRY2_2_4(MARS, "mars");
419 MCRYPT_ENTRY2_2_4(RC6, "rc6");
420 MCRYPT_ENTRY2_2_4(SKIPJACK, "skipjack");
421 /* modes */
422 MCRYPT_ENTRY2_2_4(MODE_CBC, "cbc");
423 MCRYPT_ENTRY2_2_4(MODE_CFB, "cfb");
424 MCRYPT_ENTRY2_2_4(MODE_ECB, "ecb");
425 MCRYPT_ENTRY2_2_4(MODE_NOFB, "nofb");
426 MCRYPT_ENTRY2_2_4(MODE_OFB, "ofb");
427 MCRYPT_ENTRY2_2_4(MODE_STREAM, "stream");
428 REGISTER_INI_ENTRIES();
429
430 php_stream_filter_register_factory("mcrypt.*", &php_mcrypt_filter_factory);
431 php_stream_filter_register_factory("mdecrypt.*", &php_mcrypt_filter_factory);
432
433 return SUCCESS;
434 }
435 /* }}} */
436
PHP_MSHUTDOWN_FUNCTION(mcrypt)437 static PHP_MSHUTDOWN_FUNCTION(mcrypt) /* {{{ */
438 {
439 php_stream_filter_unregister_factory("mcrypt.*");
440 php_stream_filter_unregister_factory("mdecrypt.*");
441
442 UNREGISTER_INI_ENTRIES();
443 return SUCCESS;
444 }
445 /* }}} */
446
447 #include "zend_smart_str.h"
448
PHP_MINFO_FUNCTION(mcrypt)449 PHP_MINFO_FUNCTION(mcrypt) /* {{{ */
450 {
451 char **modules;
452 char mcrypt_api_no[16];
453 int i, count;
454 smart_str tmp1 = {0};
455 smart_str tmp2 = {0};
456
457 modules = mcrypt_list_algorithms(MCG(algorithms_dir), &count);
458 if (count == 0) {
459 smart_str_appends(&tmp1, "none");
460 }
461 for (i = 0; i < count; i++) {
462 smart_str_appends(&tmp1, modules[i]);
463 smart_str_appendc(&tmp1, ' ');
464 }
465 smart_str_0(&tmp1);
466 mcrypt_free_p(modules, count);
467
468 modules = mcrypt_list_modes(MCG(modes_dir), &count);
469 if (count == 0) {
470 smart_str_appends(&tmp2, "none");
471 }
472 for (i = 0; i < count; i++) {
473 smart_str_appends(&tmp2, modules[i]);
474 smart_str_appendc(&tmp2, ' ');
475 }
476 smart_str_0 (&tmp2);
477 mcrypt_free_p (modules, count);
478
479 snprintf (mcrypt_api_no, 16, "%d", MCRYPT_API_VERSION);
480
481 php_info_print_table_start();
482 php_info_print_table_header(2, "mcrypt support", "enabled");
483 php_info_print_table_header(2, "mcrypt_filter support", "enabled");
484 php_info_print_table_row(2, "Version", LIBMCRYPT_VERSION);
485 php_info_print_table_row(2, "Api No", mcrypt_api_no);
486 php_info_print_table_row(2, "Supported ciphers", ZSTR_VAL(tmp1.s));
487 php_info_print_table_row(2, "Supported modes", ZSTR_VAL(tmp2.s));
488 smart_str_free(&tmp1);
489 smart_str_free(&tmp2);
490
491 php_info_print_table_end();
492
493 DISPLAY_INI_ENTRIES();
494 }
495 /* }}} */
496
497 /* {{{ proto resource mcrypt_module_open(string cipher, string cipher_directory, string mode, string mode_directory)
498 Opens the module of the algorithm and the mode to be used */
PHP_FUNCTION(mcrypt_module_open)499 PHP_FUNCTION(mcrypt_module_open)
500 {
501 char *cipher, *cipher_dir;
502 char *mode, *mode_dir;
503 size_t cipher_len, cipher_dir_len;
504 size_t mode_len, mode_dir_len;
505 MCRYPT td;
506 php_mcrypt *pm;
507
508 if (zend_parse_parameters (ZEND_NUM_ARGS(), "ssss",
509 &cipher, &cipher_len, &cipher_dir, &cipher_dir_len,
510 &mode, &mode_len, &mode_dir, &mode_dir_len)) {
511 return;
512 }
513
514 td = mcrypt_module_open (
515 cipher,
516 cipher_dir_len > 0 ? cipher_dir : MCG(algorithms_dir),
517 mode,
518 mode_dir_len > 0 ? mode_dir : MCG(modes_dir)
519 );
520
521 if (td == MCRYPT_FAILED) {
522 php_error_docref(NULL, E_WARNING, "Could not open encryption module");
523 RETURN_FALSE;
524 } else {
525 pm = emalloc(sizeof(php_mcrypt));
526 pm->td = td;
527 pm->init = 0;
528 RETURN_RES(zend_register_resource(pm, le_mcrypt));
529 }
530 }
531 /* }}} */
532
533 /* {{{ proto int mcrypt_generic_init(resource td, string key, string iv)
534 This function initializes all buffers for the specific module */
PHP_FUNCTION(mcrypt_generic_init)535 PHP_FUNCTION(mcrypt_generic_init)
536 {
537 char *key, *iv;
538 size_t key_len, iv_len;
539 zval *mcryptind;
540 unsigned char *key_s, *iv_s;
541 int max_key_size, key_size, iv_size;
542 php_mcrypt *pm;
543 int result = 0;
544
545 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rss", &mcryptind, &key, &key_len, &iv, &iv_len) == FAILURE) {
546 return;
547 }
548
549 if ((pm = (php_mcrypt *)zend_fetch_resource(Z_RES_P(mcryptind), "MCrypt", le_mcrypt)) == NULL) {
550 RETURN_FALSE;
551 }
552
553 max_key_size = mcrypt_enc_get_key_size(pm->td);
554 iv_size = mcrypt_enc_get_iv_size(pm->td);
555
556 if (key_len == 0) {
557 php_error_docref(NULL, E_WARNING, "Key size is 0");
558 }
559
560 key_s = emalloc(key_len);
561 memset(key_s, 0, key_len);
562
563 iv_s = emalloc(iv_size + 1);
564 memset(iv_s, 0, iv_size + 1);
565
566 if (key_len > (size_t)max_key_size) {
567 php_error_docref(NULL, E_WARNING, "Key size too large; supplied length: %zd, max: %d", key_len, max_key_size);
568 key_size = max_key_size;
569 } else {
570 key_size = (int)key_len;
571 }
572 memcpy(key_s, key, key_len);
573
574 if (iv_len != (size_t)iv_size) {
575 if (mcrypt_enc_mode_has_iv(pm->td)) {
576 php_error_docref(NULL, E_WARNING, "Iv size incorrect; supplied length: %zd, needed: %d", iv_len, iv_size);
577 }
578 if (iv_len > (size_t)iv_size) {
579 iv_len = iv_size;
580 }
581 }
582 memcpy(iv_s, iv, iv_len);
583
584 mcrypt_generic_deinit(pm->td);
585 result = mcrypt_generic_init(pm->td, key_s, key_size, iv_s);
586
587 /* If this function fails, close the mcrypt module to prevent crashes
588 * when further functions want to access this resource */
589 if (result < 0) {
590 zend_list_close(Z_RES_P(mcryptind));
591 switch (result) {
592 case -3:
593 php_error_docref(NULL, E_WARNING, "Key length incorrect");
594 break;
595 case -4:
596 php_error_docref(NULL, E_WARNING, "Memory allocation error");
597 break;
598 case -1:
599 default:
600 php_error_docref(NULL, E_WARNING, "Unknown error");
601 break;
602 }
603 } else {
604 pm->init = 1;
605 }
606 RETVAL_LONG(result);
607
608 ZEND_SECURE_ZERO(key_s, key_len);
609 ZEND_SECURE_ZERO(iv_s, iv_len);
610 efree(iv_s);
611 efree(key_s);
612 }
613 /* }}} */
614
615 /* {{{ proto string mcrypt_generic(resource td, string data)
616 This function encrypts the plaintext */
PHP_FUNCTION(mcrypt_generic)617 PHP_FUNCTION(mcrypt_generic)
618 {
619 zval *mcryptind;
620 char *data;
621 size_t data_len;
622 php_mcrypt *pm;
623 zend_string* data_str;
624 int block_size, data_size;
625
626 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rs", &mcryptind, &data, &data_len) == FAILURE) {
627 return;
628 }
629
630 if ((pm = (php_mcrypt *)zend_fetch_resource(Z_RES_P(mcryptind), "MCrypt", le_mcrypt)) == NULL) {
631 RETURN_FALSE;
632 }
633 PHP_MCRYPT_INIT_CHECK
634
635 if (data_len == 0) {
636 php_error_docref(NULL, E_WARNING, "An empty string was passed");
637 RETURN_FALSE
638 }
639
640 if (data_len > INT_MAX) {
641 php_error_docref(NULL, E_WARNING, "Data size too large, %d maximum", INT_MAX);
642 RETURN_FALSE;
643 }
644 /* Check blocksize */
645 if (mcrypt_enc_is_block_mode(pm->td) == 1) { /* It's a block algorithm */
646 block_size = mcrypt_enc_get_block_size(pm->td);
647 data_size = ((((int)data_len - 1) / block_size) + 1) * block_size;
648 if (data_size <= 0) {
649 php_error_docref(NULL, E_WARNING, "Integer overflow in data size");
650 RETURN_FALSE;
651 }
652 data_str = zend_string_alloc(data_size, 0);
653 memset(ZSTR_VAL(data_str), 0, data_size);
654 memcpy(ZSTR_VAL(data_str), data, data_len);
655 } else { /* It's not a block algorithm */
656 data_size = (int)data_len;
657 data_str = zend_string_alloc(data_size, 0);
658 memset(ZSTR_VAL(data_str), 0, data_size);
659 memcpy(ZSTR_VAL(data_str), data, data_len);
660 }
661
662 mcrypt_generic(pm->td, ZSTR_VAL(data_str), data_size);
663 ZSTR_VAL(data_str)[data_size] = '\0';
664
665 RETVAL_NEW_STR(data_str);
666 }
667 /* }}} */
668
669 /* {{{ proto string mdecrypt_generic(resource td, string data)
670 This function decrypts the plaintext */
PHP_FUNCTION(mdecrypt_generic)671 PHP_FUNCTION(mdecrypt_generic)
672 {
673 zval *mcryptind;
674 char *data;
675 size_t data_len;
676 php_mcrypt *pm;
677 char* data_s;
678 int block_size, data_size;
679
680 if (zend_parse_parameters(ZEND_NUM_ARGS(), "rs", &mcryptind, &data, &data_len) == FAILURE) {
681 return;
682 }
683
684 if ((pm = (php_mcrypt *)zend_fetch_resource(Z_RES_P(mcryptind), "MCrypt", le_mcrypt)) == NULL) {
685 RETURN_FALSE;
686 }
687 PHP_MCRYPT_INIT_CHECK
688
689 if (data_len == 0) {
690 php_error_docref(NULL, E_WARNING, "An empty string was passed");
691 RETURN_FALSE
692 }
693
694 /* Check blocksize */
695 if (data_len > INT_MAX) {
696 php_error_docref(NULL, E_WARNING, "Data size too large, %d maximum", INT_MAX);
697 RETURN_FALSE;
698 }
699 if (mcrypt_enc_is_block_mode(pm->td) == 1) { /* It's a block algorithm */
700 block_size = mcrypt_enc_get_block_size(pm->td);
701 data_size = ((((int)data_len - 1) / block_size) + 1) * block_size;
702 if (data_size <= 0) {
703 php_error_docref(NULL, E_WARNING, "Integer overflow in data size");
704 RETURN_FALSE;
705 }
706 data_s = emalloc((size_t)data_size + 1);
707 memset(data_s, 0, data_size);
708 memcpy(data_s, data, data_len);
709 } else { /* It's not a block algorithm */
710 data_size = (int)data_len;
711 data_s = emalloc(data_size + 1);
712 memset(data_s, 0, data_size);
713 memcpy(data_s, data, data_len);
714 }
715
716 mdecrypt_generic(pm->td, data_s, data_size);
717
718 RETVAL_STRINGL(data_s, data_size);
719 efree(data_s);
720 }
721 /* }}} */
722
723 /* {{{ proto array mcrypt_enc_get_supported_key_sizes(resource td)
724 This function decrypts the crypttext */
PHP_FUNCTION(mcrypt_enc_get_supported_key_sizes)725 PHP_FUNCTION(mcrypt_enc_get_supported_key_sizes)
726 {
727 int i, count = 0;
728 int *key_sizes;
729
730 MCRYPT_GET_TD_ARG
731 array_init(return_value);
732
733 key_sizes = mcrypt_enc_get_supported_key_sizes(pm->td, &count);
734
735 for (i = 0; i < count; i++) {
736 add_index_long(return_value, i, key_sizes[i]);
737 }
738
739 mcrypt_free(key_sizes);
740 }
741 /* }}} */
742
743 /* {{{ proto int mcrypt_enc_self_test(resource td)
744 This function runs the self test on the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_self_test)745 PHP_FUNCTION(mcrypt_enc_self_test)
746 {
747 MCRYPT_GET_TD_ARG
748 RETURN_LONG(mcrypt_enc_self_test(pm->td));
749 }
750 /* }}} */
751
752 /* {{{ proto bool mcrypt_module_close(resource td)
753 Free the descriptor td */
PHP_FUNCTION(mcrypt_module_close)754 PHP_FUNCTION(mcrypt_module_close)
755 {
756 MCRYPT_GET_TD_ARG
757 zend_list_close(Z_RES_P(mcryptind));
758 RETURN_TRUE;
759 }
760 /* }}} */
761
762 /* {{{ proto bool mcrypt_generic_deinit(resource td)
763 This function terminates encrypt specified by the descriptor td */
PHP_FUNCTION(mcrypt_generic_deinit)764 PHP_FUNCTION(mcrypt_generic_deinit)
765 {
766 MCRYPT_GET_TD_ARG
767
768 if (mcrypt_generic_deinit(pm->td) < 0) {
769 php_error_docref(NULL, E_WARNING, "Could not terminate encryption specifier");
770 RETURN_FALSE
771 }
772 pm->init = 0;
773 RETURN_TRUE
774 }
775 /* }}} */
776
777 /* {{{ proto bool mcrypt_enc_is_block_algorithm_mode(resource td)
778 Returns TRUE if the mode is for use with block algorithms */
PHP_FUNCTION(mcrypt_enc_is_block_algorithm_mode)779 PHP_FUNCTION(mcrypt_enc_is_block_algorithm_mode)
780 {
781 MCRYPT_GET_TD_ARG
782
783 if (mcrypt_enc_is_block_algorithm_mode(pm->td) == 1) {
784 RETURN_TRUE
785 } else {
786 RETURN_FALSE
787 }
788 }
789 /* }}} */
790
791 /* {{{ proto bool mcrypt_enc_is_block_algorithm(resource td)
792 Returns TRUE if the alrogithm is a block algorithms */
PHP_FUNCTION(mcrypt_enc_is_block_algorithm)793 PHP_FUNCTION(mcrypt_enc_is_block_algorithm)
794 {
795 MCRYPT_GET_TD_ARG
796
797 if (mcrypt_enc_is_block_algorithm(pm->td) == 1) {
798 RETURN_TRUE
799 } else {
800 RETURN_FALSE
801 }
802 }
803 /* }}} */
804
805 /* {{{ proto bool mcrypt_enc_is_block_mode(resource td)
806 Returns TRUE if the mode outputs blocks */
PHP_FUNCTION(mcrypt_enc_is_block_mode)807 PHP_FUNCTION(mcrypt_enc_is_block_mode)
808 {
809 MCRYPT_GET_TD_ARG
810
811 if (mcrypt_enc_is_block_mode(pm->td) == 1) {
812 RETURN_TRUE
813 } else {
814 RETURN_FALSE
815 }
816 }
817 /* }}} */
818
819 /* {{{ proto int mcrypt_enc_get_block_size(resource td)
820 Returns the block size of the cipher specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_block_size)821 PHP_FUNCTION(mcrypt_enc_get_block_size)
822 {
823 MCRYPT_GET_TD_ARG
824 RETURN_LONG(mcrypt_enc_get_block_size(pm->td));
825 }
826 /* }}} */
827
828 /* {{{ proto int mcrypt_enc_get_key_size(resource td)
829 Returns the maximum supported key size in bytes of the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_key_size)830 PHP_FUNCTION(mcrypt_enc_get_key_size)
831 {
832 MCRYPT_GET_TD_ARG
833 RETURN_LONG(mcrypt_enc_get_key_size(pm->td));
834 }
835 /* }}} */
836
837 /* {{{ proto int mcrypt_enc_get_iv_size(resource td)
838 Returns the size of the IV in bytes of the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_iv_size)839 PHP_FUNCTION(mcrypt_enc_get_iv_size)
840 {
841 MCRYPT_GET_TD_ARG
842 RETURN_LONG(mcrypt_enc_get_iv_size(pm->td));
843 }
844 /* }}} */
845
846 /* {{{ proto string mcrypt_enc_get_algorithms_name(resource td)
847 Returns the name of the algorithm specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_algorithms_name)848 PHP_FUNCTION(mcrypt_enc_get_algorithms_name)
849 {
850 char *name;
851 MCRYPT_GET_TD_ARG
852
853 name = mcrypt_enc_get_algorithms_name(pm->td);
854 RETVAL_STRING(name);
855 mcrypt_free(name);
856 }
857 /* }}} */
858
859 /* {{{ proto string mcrypt_enc_get_modes_name(resource td)
860 Returns the name of the mode specified by the descriptor td */
PHP_FUNCTION(mcrypt_enc_get_modes_name)861 PHP_FUNCTION(mcrypt_enc_get_modes_name)
862 {
863 char *name;
864 MCRYPT_GET_TD_ARG
865
866 name = mcrypt_enc_get_modes_name(pm->td);
867 RETVAL_STRING(name);
868 mcrypt_free(name);
869 }
870 /* }}} */
871
872 /* {{{ proto bool mcrypt_module_self_test(string algorithm [, string lib_dir])
873 Does a self test of the module "module" */
PHP_FUNCTION(mcrypt_module_self_test)874 PHP_FUNCTION(mcrypt_module_self_test)
875 {
876 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir);
877
878 if (mcrypt_module_self_test(module, dir) == 0) {
879 RETURN_TRUE;
880 } else {
881 RETURN_FALSE;
882 }
883 }
884 /* }}} */
885
886 /* {{{ proto bool mcrypt_module_is_block_algorithm_mode(string mode [, string lib_dir])
887 Returns TRUE if the mode is for use with block algorithms */
PHP_FUNCTION(mcrypt_module_is_block_algorithm_mode)888 PHP_FUNCTION(mcrypt_module_is_block_algorithm_mode)
889 {
890 MCRYPT_GET_MODE_DIR_ARGS(modes_dir)
891
892 if (mcrypt_module_is_block_algorithm_mode(module, dir) == 1) {
893 RETURN_TRUE;
894 } else {
895 RETURN_FALSE;
896 }
897 }
898 /* }}} */
899
900 /* {{{ proto bool mcrypt_module_is_block_algorithm(string algorithm [, string lib_dir])
901 Returns TRUE if the algorithm is a block algorithm */
PHP_FUNCTION(mcrypt_module_is_block_algorithm)902 PHP_FUNCTION(mcrypt_module_is_block_algorithm)
903 {
904 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir)
905
906 if (mcrypt_module_is_block_algorithm(module, dir) == 1) {
907 RETURN_TRUE;
908 } else {
909 RETURN_FALSE;
910 }
911 }
912 /* }}} */
913
914 /* {{{ proto bool mcrypt_module_is_block_mode(string mode [, string lib_dir])
915 Returns TRUE if the mode outputs blocks of bytes */
PHP_FUNCTION(mcrypt_module_is_block_mode)916 PHP_FUNCTION(mcrypt_module_is_block_mode)
917 {
918 MCRYPT_GET_MODE_DIR_ARGS(modes_dir)
919
920 if (mcrypt_module_is_block_mode(module, dir) == 1) {
921 RETURN_TRUE;
922 } else {
923 RETURN_FALSE;
924 }
925 }
926 /* }}} */
927
928 /* {{{ proto int mcrypt_module_get_algo_block_size(string algorithm [, string lib_dir])
929 Returns the block size of the algorithm */
PHP_FUNCTION(mcrypt_module_get_algo_block_size)930 PHP_FUNCTION(mcrypt_module_get_algo_block_size)
931 {
932 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir)
933
934 RETURN_LONG(mcrypt_module_get_algo_block_size(module, dir));
935 }
936 /* }}} */
937
938 /* {{{ proto int mcrypt_module_get_algo_key_size(string algorithm [, string lib_dir])
939 Returns the maximum supported key size of the algorithm */
PHP_FUNCTION(mcrypt_module_get_algo_key_size)940 PHP_FUNCTION(mcrypt_module_get_algo_key_size)
941 {
942 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir);
943
944 RETURN_LONG(mcrypt_module_get_algo_key_size(module, dir));
945 }
946 /* }}} */
947
948 /* {{{ proto array mcrypt_module_get_supported_key_sizes(string algorithm [, string lib_dir])
949 This function decrypts the crypttext */
PHP_FUNCTION(mcrypt_module_get_supported_key_sizes)950 PHP_FUNCTION(mcrypt_module_get_supported_key_sizes)
951 {
952 int i, count = 0;
953 int *key_sizes;
954
955 MCRYPT_GET_MODE_DIR_ARGS(algorithms_dir)
956 array_init(return_value);
957
958 key_sizes = mcrypt_module_get_algo_supported_key_sizes(module, dir, &count);
959
960 for (i = 0; i < count; i++) {
961 add_index_long(return_value, i, key_sizes[i]);
962 }
963 mcrypt_free(key_sizes);
964 }
965 /* }}} */
966
967 /* {{{ proto array mcrypt_list_algorithms([string lib_dir])
968 List all algorithms in "module_dir" */
PHP_FUNCTION(mcrypt_list_algorithms)969 PHP_FUNCTION(mcrypt_list_algorithms)
970 {
971 char **modules;
972 char *lib_dir = MCG(algorithms_dir);
973 size_t lib_dir_len;
974 int i, count;
975
976 if (zend_parse_parameters(ZEND_NUM_ARGS(), "|s",
977 &lib_dir, &lib_dir_len) == FAILURE) {
978 return;
979 }
980
981 array_init(return_value);
982 modules = mcrypt_list_algorithms(lib_dir, &count);
983
984 if (count == 0) {
985 php_error_docref(NULL, E_WARNING, "No algorithms found in module dir");
986 }
987 for (i = 0; i < count; i++) {
988 add_index_string(return_value, i, modules[i]);
989 }
990 mcrypt_free_p(modules, count);
991 }
992 /* }}} */
993
994 /* {{{ proto array mcrypt_list_modes([string lib_dir])
995 List all modes "module_dir" */
PHP_FUNCTION(mcrypt_list_modes)996 PHP_FUNCTION(mcrypt_list_modes)
997 {
998 char **modules;
999 char *lib_dir = MCG(modes_dir);
1000 size_t lib_dir_len;
1001 int i, count;
1002
1003 if (zend_parse_parameters(ZEND_NUM_ARGS(), "|s",
1004 &lib_dir, &lib_dir_len) == FAILURE) {
1005 return;
1006 }
1007
1008 array_init(return_value);
1009 modules = mcrypt_list_modes(lib_dir, &count);
1010
1011 if (count == 0) {
1012 php_error_docref(NULL, E_WARNING, "No modes found in module dir");
1013 }
1014 for (i = 0; i < count; i++) {
1015 add_index_string(return_value, i, modules[i]);
1016 }
1017 mcrypt_free_p(modules, count);
1018 }
1019 /* }}} */
1020
1021 /* {{{ proto int mcrypt_get_key_size(string cipher, string module)
1022 Get the key size of cipher */
PHP_FUNCTION(mcrypt_get_key_size)1023 PHP_FUNCTION(mcrypt_get_key_size)
1024 {
1025 char *cipher;
1026 char *module;
1027 size_t cipher_len, module_len;
1028 char *cipher_dir_string;
1029 char *module_dir_string;
1030 MCRYPT td;
1031
1032 MCRYPT_GET_INI
1033
1034 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
1035 &cipher, &cipher_len, &module, &module_len) == FAILURE) {
1036 return;
1037 }
1038
1039 td = mcrypt_module_open(cipher, cipher_dir_string, module, module_dir_string);
1040 if (td != MCRYPT_FAILED) {
1041 RETVAL_LONG(mcrypt_enc_get_key_size(td));
1042 mcrypt_module_close(td);
1043 } else {
1044 php_error_docref(NULL, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1045 RETURN_FALSE;
1046 }
1047 }
1048 /* }}} */
1049
1050 /* {{{ proto int mcrypt_get_block_size(string cipher, string module)
1051 Get the key size of cipher */
PHP_FUNCTION(mcrypt_get_block_size)1052 PHP_FUNCTION(mcrypt_get_block_size)
1053 {
1054 char *cipher;
1055 char *module;
1056 size_t cipher_len, module_len;
1057 char *cipher_dir_string;
1058 char *module_dir_string;
1059 MCRYPT td;
1060
1061 MCRYPT_GET_INI
1062
1063 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
1064 &cipher, &cipher_len, &module, &module_len) == FAILURE) {
1065 return;
1066 }
1067
1068 td = mcrypt_module_open(cipher, cipher_dir_string, module, module_dir_string);
1069 if (td != MCRYPT_FAILED) {
1070 RETVAL_LONG(mcrypt_enc_get_block_size(td));
1071 mcrypt_module_close(td);
1072 } else {
1073 php_error_docref(NULL, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1074 RETURN_FALSE;
1075 }
1076 }
1077 /* }}} */
1078
1079 /* {{{ proto int mcrypt_get_iv_size(string cipher, string module)
1080 Get the IV size of cipher (Usually the same as the blocksize) */
PHP_FUNCTION(mcrypt_get_iv_size)1081 PHP_FUNCTION(mcrypt_get_iv_size)
1082 {
1083 char *cipher;
1084 char *module;
1085 size_t cipher_len, module_len;
1086 char *cipher_dir_string;
1087 char *module_dir_string;
1088 MCRYPT td;
1089
1090 MCRYPT_GET_INI
1091
1092 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ss",
1093 &cipher, &cipher_len, &module, &module_len) == FAILURE) {
1094 return;
1095 }
1096
1097 td = mcrypt_module_open(cipher, cipher_dir_string, module, module_dir_string);
1098 if (td != MCRYPT_FAILED) {
1099 RETVAL_LONG(mcrypt_enc_get_iv_size(td));
1100 mcrypt_module_close(td);
1101 } else {
1102 php_error_docref(NULL, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1103 RETURN_FALSE;
1104 }
1105 }
1106 /* }}} */
1107
1108 /* {{{ proto string mcrypt_get_cipher_name(string cipher)
1109 Get the key size of cipher */
PHP_FUNCTION(mcrypt_get_cipher_name)1110 PHP_FUNCTION(mcrypt_get_cipher_name)
1111 {
1112 char *cipher_dir_string;
1113 char *module_dir_string;
1114 char *cipher_name;
1115 char *cipher;
1116 size_t cipher_len;
1117 MCRYPT td;
1118
1119 MCRYPT_GET_INI
1120
1121 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s",
1122 &cipher, &cipher_len) == FAILURE) {
1123 return;
1124 }
1125
1126 /* The code below is actually not very nice, but I didn't see a better
1127 * method */
1128 td = mcrypt_module_open(cipher, cipher_dir_string, "ecb", module_dir_string);
1129 if (td != MCRYPT_FAILED) {
1130 cipher_name = mcrypt_enc_get_algorithms_name(td);
1131 mcrypt_module_close(td);
1132 RETVAL_STRING(cipher_name);
1133 mcrypt_free(cipher_name);
1134 } else {
1135 td = mcrypt_module_open(cipher, cipher_dir_string, "stream", module_dir_string);
1136 if (td != MCRYPT_FAILED) {
1137 cipher_name = mcrypt_enc_get_algorithms_name(td);
1138 mcrypt_module_close(td);
1139 RETVAL_STRING(cipher_name);
1140 mcrypt_free(cipher_name);
1141 } else {
1142 php_error_docref(NULL, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1143 RETURN_FALSE;
1144 }
1145 }
1146 }
1147 /* }}} */
1148
php_mcrypt_get_key_size_str(int max_key_size,const int * key_sizes,int key_size_count)1149 static char *php_mcrypt_get_key_size_str(
1150 int max_key_size, const int *key_sizes, int key_size_count) /* {{{ */
1151 {
1152 if (key_size_count == 0) {
1153 char *str;
1154 spprintf(&str, 0, "Only keys of size 1 to %d supported", max_key_size);
1155 return str;
1156 } else if (key_size_count == 1) {
1157 char *str;
1158 spprintf(&str, 0, "Only keys of size %d supported", key_sizes[0]);
1159 return str;
1160 } else {
1161 int i;
1162 char *result = NULL;
1163 smart_str str = {0};
1164 smart_str_appends(&str, "Only keys of sizes ");
1165
1166 for (i = 0; i < key_size_count; ++i) {
1167 if (i == key_size_count - 1) {
1168 smart_str_appends(&str, " or ");
1169 } else if (i != 0) {
1170 smart_str_appends(&str, ", ");
1171 }
1172
1173 smart_str_append_long(&str, key_sizes[i]);
1174 }
1175
1176 smart_str_appends(&str, " supported");
1177 smart_str_0(&str);
1178 result = estrndup(ZSTR_VAL(str.s), ZSTR_LEN(str.s));
1179 smart_str_free(&str);
1180
1181 return result;
1182 }
1183 }
1184 /* }}} */
1185
php_mcrypt_is_valid_key_size(int key_size,int max_key_size,int * key_sizes,int key_size_count)1186 static zend_bool php_mcrypt_is_valid_key_size(
1187 int key_size, int max_key_size, int *key_sizes, int key_size_count) /* {{{ */
1188 {
1189 int i;
1190
1191 if (key_size <= 0 || key_size > max_key_size) {
1192 return 0;
1193 }
1194
1195 if (key_size_count == 0) {
1196 /* All key sizes are valid */
1197 return 1;
1198 }
1199
1200 for (i = 0; i < key_size_count; i++) {
1201 if (key_sizes[i] == key_size) {
1202 return 1;
1203 }
1204 }
1205
1206 return 0;
1207 }
1208 /* }}} */
1209
php_mcrypt_ensure_valid_key_size(MCRYPT td,int key_size)1210 static int php_mcrypt_ensure_valid_key_size(MCRYPT td, int key_size) /* {{{ */
1211 {
1212 int key_size_count;
1213 int max_key_size = mcrypt_enc_get_key_size(td);
1214 int *key_sizes = mcrypt_enc_get_supported_key_sizes(td, &key_size_count);
1215
1216 zend_bool is_valid_key_size = php_mcrypt_is_valid_key_size(
1217 key_size, max_key_size, key_sizes, key_size_count
1218 );
1219 if (!is_valid_key_size) {
1220 char *key_size_str = php_mcrypt_get_key_size_str(
1221 max_key_size, key_sizes, key_size_count
1222 );
1223 php_error_docref(NULL, E_WARNING,
1224 "Key of size %d not supported by this algorithm. %s", key_size, key_size_str
1225 );
1226 efree(key_size_str);
1227 }
1228
1229 if (key_sizes) {
1230 mcrypt_free(key_sizes);
1231 }
1232
1233 return is_valid_key_size ? SUCCESS : FAILURE;
1234 }
1235 /* }}} */
1236
php_mcrypt_ensure_valid_iv(MCRYPT td,const char * iv,int iv_size)1237 static int php_mcrypt_ensure_valid_iv(MCRYPT td, const char *iv, int iv_size) /* {{{ */
1238 {
1239 if (mcrypt_enc_mode_has_iv(td) == 1) {
1240 int expected_iv_size = mcrypt_enc_get_iv_size(td);
1241 if (expected_iv_size == 0) {
1242 /* Algorithm does not use IV, even though mode supports it */
1243 return SUCCESS;
1244 }
1245
1246 if (!iv) {
1247 php_error_docref(NULL, E_WARNING,
1248 "Encryption mode requires an initialization vector of size %d", expected_iv_size
1249 );
1250 return FAILURE;
1251 }
1252
1253 if (iv_size != expected_iv_size) {
1254 php_error_docref(NULL, E_WARNING,
1255 "Received initialization vector of size %d, but size %d is required "
1256 "for this encryption mode", iv_size, expected_iv_size
1257 );
1258 return FAILURE;
1259 }
1260 }
1261
1262 return SUCCESS;
1263 }
1264 /* }}} */
1265
php_mcrypt_do_crypt(char * cipher,const char * key,size_t key_len,const char * data,size_t data_len,char * mode,const char * iv,size_t iv_len,size_t dencrypt,zval * return_value)1266 static void php_mcrypt_do_crypt(char* cipher, const char *key, size_t key_len, const char *data, size_t data_len, char *mode, const char *iv, size_t iv_len, size_t dencrypt, zval* return_value) /* {{{ */
1267 {
1268 char *cipher_dir_string;
1269 char *module_dir_string;
1270 zend_long data_size;
1271 char *data_s;
1272 MCRYPT td;
1273
1274 MCRYPT_GET_INI
1275
1276 td = mcrypt_module_open(cipher, cipher_dir_string, mode, module_dir_string);
1277 if (td == MCRYPT_FAILED) {
1278 php_error_docref(NULL, E_WARNING, MCRYPT_OPEN_MODULE_FAILED);
1279 RETURN_FALSE;
1280 }
1281
1282 if (php_mcrypt_ensure_valid_key_size(td, (int)key_len) == FAILURE) {
1283 mcrypt_module_close(td);
1284 RETURN_FALSE;
1285 }
1286
1287 if (php_mcrypt_ensure_valid_iv(td, iv, (int)iv_len) == FAILURE) {
1288 mcrypt_module_close(td);
1289 RETURN_FALSE;
1290 }
1291
1292 /* Check blocksize */
1293 if (mcrypt_enc_is_block_mode(td) == 1) { /* It's a block algorithm */
1294 int block_size = mcrypt_enc_get_block_size(td);
1295 data_size = ((((zend_long)data_len - 1) / block_size) + 1) * block_size;
1296 data_s = emalloc(data_size + 1);
1297 memset(data_s, 0, data_size);
1298 memcpy(data_s, data, data_len);
1299 } else { /* It's not a block algorithm */
1300 data_size = data_len;
1301 data_s = emalloc(data_size + 1);
1302 memcpy(data_s, data, data_len);
1303 }
1304
1305 if (mcrypt_generic_init(td, (void *) key, (int)key_len, (void *) iv) < 0) {
1306 efree(data_s);
1307 zend_throw_error(NULL, "Mcrypt initialisation failed");
1308 mcrypt_module_close(td);
1309 RETURN_FALSE;
1310 }
1311
1312 if (dencrypt == MCRYPT_ENCRYPT) {
1313 mcrypt_generic(td, data_s, (int)data_size);
1314 } else {
1315 mdecrypt_generic(td, data_s, (int)data_size);
1316 }
1317
1318 data_s[data_size] = 0;
1319
1320 RETVAL_STRINGL(data_s, data_size);
1321 efree(data_s);
1322
1323 /* freeing vars */
1324 mcrypt_generic_end(td);
1325 }
1326 /* }}} */
1327
1328 /* {{{ proto string mcrypt_encrypt(string cipher, string key, string data, string mode, string iv)
1329 OFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_encrypt)1330 PHP_FUNCTION(mcrypt_encrypt)
1331 {
1332 char *cipher, *key, *data, *mode, *iv = NULL;
1333 size_t cipher_len, key_len, data_len, mode_len, iv_len = 0;
1334
1335 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss|s", &cipher, &cipher_len,
1336 &key, &key_len, &data, &data_len, &mode, &mode_len, &iv, &iv_len) == FAILURE) {
1337 return;
1338 }
1339
1340 php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, mode, iv, iv_len, MCRYPT_ENCRYPT, return_value);
1341 }
1342 /* }}} */
1343
1344 /* {{{ proto string mcrypt_decrypt(string cipher, string key, string data, string mode, string iv)
1345 OFB crypt/decrypt data using key key with cipher cipher starting with iv */
PHP_FUNCTION(mcrypt_decrypt)1346 PHP_FUNCTION(mcrypt_decrypt)
1347 {
1348 char *cipher, *key, *data, *mode, *iv = NULL;
1349 size_t cipher_len, key_len, data_len, mode_len, iv_len = 0;
1350
1351 if (zend_parse_parameters(ZEND_NUM_ARGS(), "ssss|s", &cipher, &cipher_len,
1352 &key, &key_len, &data, &data_len, &mode, &mode_len, &iv, &iv_len) == FAILURE) {
1353 return;
1354 }
1355
1356 php_mcrypt_do_crypt(cipher, key, key_len, data, data_len, mode, iv, iv_len, MCRYPT_DECRYPT, return_value);
1357 }
1358 /* }}} */
1359
1360 /* {{{ proto string mcrypt_create_iv(int size, int source)
1361 Create an initialization vector (IV) */
PHP_FUNCTION(mcrypt_create_iv)1362 PHP_FUNCTION(mcrypt_create_iv)
1363 {
1364 char *iv;
1365 zend_long source = URANDOM;
1366 zend_long size;
1367 int n = 0;
1368
1369 if (zend_parse_parameters(ZEND_NUM_ARGS(), "l|l", &size, &source) == FAILURE) {
1370 return;
1371 }
1372
1373 if (size <= 0 || size >= INT_MAX) {
1374 php_error_docref(NULL, E_WARNING, "Cannot create an IV with a size of less than 1 or greater than %d", INT_MAX);
1375 RETURN_FALSE;
1376 }
1377
1378 iv = ecalloc(size + 1, 1);
1379
1380 if (source == RANDOM || source == URANDOM) {
1381 #ifdef PHP_WIN32
1382 /* random/urandom equivalent on Windows */
1383 BYTE *iv_b = (BYTE *) iv;
1384 if (php_win32_get_random_bytes(iv_b, (size_t) size) == FAILURE){
1385 efree(iv);
1386 php_error_docref(NULL, E_WARNING, "Could not gather sufficient random data");
1387 RETURN_FALSE;
1388 }
1389 n = (int)size;
1390 #else
1391 int *fd = &MCG(fd[source]);
1392 size_t read_bytes = 0;
1393
1394 if (*fd < 0) {
1395 *fd = open(source == RANDOM ? "/dev/random" : "/dev/urandom", O_RDONLY);
1396 if (*fd < 0) {
1397 efree(iv);
1398 php_error_docref(NULL, E_WARNING, "Cannot open source device");
1399 RETURN_FALSE;
1400 }
1401 }
1402
1403 while ((zend_long)read_bytes < size) {
1404 n = read(*fd, iv + read_bytes, size - read_bytes);
1405 if (n <= 0) {
1406 break;
1407 }
1408 read_bytes += n;
1409 }
1410 n = read_bytes;
1411
1412 if (n < size) {
1413 efree(iv);
1414 php_error_docref(NULL, E_WARNING, "Could not gather sufficient random data");
1415 RETURN_FALSE;
1416 }
1417 #endif
1418 } else {
1419 n = (int)size;
1420 while (size) {
1421 iv[--size] = (char) (255.0 * php_rand() / RAND_MAX);
1422 }
1423 }
1424 RETVAL_STRINGL(iv, n);
1425 efree(iv);
1426 }
1427 /* }}} */
1428
1429 #endif
1430
1431 /*
1432 * Local variables:
1433 * tab-width: 4
1434 * c-basic-offset: 4
1435 * End:
1436 * vim600: sw=4 ts=4 fdm=marker
1437 * vim<600: sw=4 ts=4
1438 */
1439
