xref: /php-src/ext/openssl/tests/bug81713.phpt (revision 500b28ad) 
1--TEST--
2Bug #81713 (OpenSSL functions null byte injection)
3--EXTENSIONS--
4openssl
5--SKIPIF--
6<?php
7if (!defined("OPENSSL_KEYTYPE_DSA")) die("skip DSA disabled");
8?>
9--FILE--
10<?php
11$priv_key_file = "file://" . __DIR__ . "/private_rsa_1024.key";
12$priv_key_file_null = "$priv_key_file\x00foo";
13$crt =  __DIR__ . '/cert.crt';
14$crt_null =  "$crt\x00foo";
15$csr = __DIR__ . '/cert.csr';
16$crt_file = "file://$crt";
17$crt_file_null = "$crt_file\x00foo";
18$csr_file = "file://$csr";
19$csr_file_null = "$csr_file\x00foo";
20$infile = __DIR__ . '/plain.txt';
21$infile_null = "$infile\x00acd";;
22$outfile = __DIR__ . '/bug81713.out';
23$outfile_null = "$outfile\x00acd";
24$eml = __DIR__ . "/signed.eml";
25$eml_null = "$eml\x00foo";
26$headers = ["test@test", "testing openssl_cms_encrypt()"];
27$cainfo = [$crt];
28$cainfo_null = [$crt_file_null];
29
30$config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
31$config_arg = array('config' => $config);
32
33$dn = [
34    "countryName" => "BR",
35    "stateOrProvinceName" => "Rio Grande do Sul",
36    "localityName" => "Porto Alegre",
37    "commonName" => "Henrique do N. Angelo",
38    "emailAddress" => "hnangelo@php.net"
39];
40
41$csr_args = [
42    "digest_alg" => "sha256",
43    "private_key_bits" => 2048,
44    "private_key_type" => OPENSSL_KEYTYPE_DSA,
45    "encrypt_key" => true,
46    "config" => $config,
47];
48
49$tests = [
50    ["openssl_pkey_get_public", $crt_file],
51    ["openssl_pkey_get_public", $crt_file_null],
52    ["openssl_pkey_get_private", $crt_file_null],
53    ["openssl_pkey_export_to_file", $priv_key_file_null, $outfile],
54    ["openssl_pkey_export_to_file", $priv_key_file, $outfile_null],
55    ["openssl_pkey_export", $priv_key_file_null, &$out],
56    ["openssl_pkey_derive", $priv_key_file_null, $priv_key_file],
57    ["openssl_pkey_derive", $priv_key_file, $priv_key_file_null],
58    ["openssl_private_encrypt", "test", &$out, $priv_key_file_null],
59    ["openssl_private_decrypt", "test", &$out, $priv_key_file_null],
60    ["openssl_public_encrypt", "test", &$out, $priv_key_file_null],
61    ["openssl_public_decrypt", "test", &$out, $priv_key_file_null],
62    ["openssl_sign", "test", &$out, $priv_key_file_null],
63    ["openssl_verify", "test", "sig", $priv_key_file_null],
64    ["openssl_seal", "test", &$sealed, &$ekeys, [$priv_key_file_null], "AES-128-CBC", &$iv],
65    ["openssl_open", "test", &$open, "aaa", $priv_key_file_null, "AES-128-CBC", &$iv],
66    ["openssl_csr_new", $dn, &$priv_key_file_null, $csr_args],
67    ["openssl_csr_get_subject", $csr_file_null],
68    ["openssl_csr_get_public_key", $csr_file_null],
69    ["openssl_x509_fingerprint", $crt_file_null],
70    ["openssl_x509_export_to_file", $crt_file_null, $outfile],
71    ["openssl_x509_export_to_file", $crt_file, $outfile_null],
72    ["openssl_x509_export", $crt_file_null, &$out],
73    ["openssl_x509_checkpurpose", $crt_file_null, X509_PURPOSE_SSL_CLIENT],
74    ["openssl_x509_checkpurpose", $crt_file, X509_PURPOSE_SSL_CLIENT, $cainfo_null],
75    ["openssl_x509_check_private_key", $crt_file_null, $priv_key_file],
76    ["openssl_x509_check_private_key", $crt_file, $priv_key_file_null],
77    ["openssl_x509_verify", $crt_file_null, $priv_key_file],
78    ["openssl_x509_verify", $crt_file, $priv_key_file_null],
79    ["openssl_x509_parse", $crt_file_null],
80    ["openssl_x509_read", $crt_file_null],
81    ["openssl_cms_encrypt", $infile_null, $outfile, $crt_file, $headers],
82    ["openssl_cms_encrypt", $infile, $outfile_null, $crt_file, $headers],
83    ["openssl_cms_encrypt", $infile, $outfile, $crt_file_null, $headers],
84    ["openssl_cms_encrypt", $infile, $outfile, $cainfo_null, $headers],
85    ["openssl_cms_decrypt", $infile_null, $outfile,  $crt_file, $priv_key_file],
86    ["openssl_cms_decrypt", $infile, $outfile_null, $crt_file, $priv_key_file],
87    ["openssl_cms_decrypt", $infile, $outfile, $crt_file_null, $priv_key_file],
88    ["openssl_cms_decrypt", $infile, $outfile, $crt_file, $priv_key_file_null],
89    ["openssl_cms_sign", $infile_null, "$outfile", $crt_file, $priv_key_file, $headers],
90    ["openssl_cms_sign", $infile, $outfile_null, $crt_file, $priv_key_file, $headers],
91    ["openssl_cms_sign", $infile, $outfile, $crt_file_null, $priv_key_file, $headers],
92    ["openssl_cms_sign", $infile, $outfile, $crt_file, $crt_file_null, $headers],
93    ["openssl_cms_sign", $infile, $outfile, $crt_file, $crt_file, $headers, 0, OPENSSL_ENCODING_DER, $crt_file_null],
94    ["openssl_cms_verify", $eml_null, OPENSSL_CMS_NOVERIFY, $outfile, $cainfo, $outfile, $outfile, $outfile],
95    ["openssl_cms_verify", $eml, OPENSSL_CMS_NOVERIFY, $outfile_null, $cainfo, $outfile, $outfile, $outfile],
96    ["openssl_cms_verify", $eml, OPENSSL_CMS_NOVERIFY, $outfile, $cainfo_null],
97    ["openssl_cms_verify", $eml, OPENSSL_CMS_NOVERIFY, $outfile, $cainfo, $outfile_null, $outfile, $outfile],
98    ["openssl_cms_verify", $eml, OPENSSL_CMS_NOVERIFY, $outfile, $cainfo, $outfile, $outfile_null, $outfile],
99    ["openssl_cms_verify", $eml, OPENSSL_CMS_NOVERIFY, $outfile, $cainfo, $outfile, $outfile, $outfile_null],
100    ["openssl_pkcs7_encrypt", $infile_null, $outfile, $crt_file, $headers],
101    ["openssl_pkcs7_encrypt", $infile, $outfile_null, $crt_file, $headers],
102    ["openssl_pkcs7_encrypt", $infile, $outfile, $crt_file_null, $headers],
103    ["openssl_pkcs7_encrypt", $infile, $outfile, $cainfo_null, $headers],
104    ["openssl_pkcs7_decrypt", $infile_null, $outfile,  $crt_file, $priv_key_file],
105    ["openssl_pkcs7_decrypt", $infile, $outfile_null, $crt_file, $priv_key_file],
106    ["openssl_pkcs7_decrypt", $infile, $outfile, $crt_file_null, $priv_key_file],
107    ["openssl_pkcs7_decrypt", $infile, $outfile, $crt_file, $priv_key_file_null],
108    ["openssl_pkcs7_sign", $infile_null, "$outfile", $crt_file, $priv_key_file, $headers],
109    ["openssl_pkcs7_sign", $infile, $outfile_null, $crt_file, $priv_key_file, $headers],
110    ["openssl_pkcs7_sign", $infile, $outfile, $crt_file_null, $priv_key_file, $headers],
111    ["openssl_pkcs7_sign", $infile, $outfile, $crt_file, $crt_file_null, $headers],
112    ["openssl_pkcs7_sign", $infile, $outfile, $crt_file, $crt_file, $headers, 0, $crt_file_null],
113    ["openssl_pkcs7_verify", $eml_null, 0, $outfile, $cainfo, $outfile, $outfile, $outfile],
114    ["openssl_pkcs7_verify", $eml, 0, $outfile_null, $cainfo, $outfile, $outfile, $outfile],
115    ["openssl_pkcs7_verify", $eml, 0, $outfile, $cainfo_null],
116    ["openssl_pkcs7_verify", $eml, 0, $outfile, $cainfo, $outfile_null, $outfile, $outfile],
117    ["openssl_pkcs7_verify", $eml, 0, $outfile, $cainfo, $outfile, $outfile_null, $outfile],
118    ["openssl_pkcs7_verify", $eml, 0, $outfile, $cainfo, $outfile, $outfile, $outfile_null],
119    ["openssl_pkcs12_export", $crt_file_null, &$out, $priv_key_file, "pwd"],
120    ["openssl_pkcs12_export", $crt_file, &$out, $priv_key_file_null, "pwd"],
121    ["openssl_pkcs12_export", $crt_file, &$out, $priv_key_file, "pwd", ["extracerts" => [$crt_file_null]]],
122    ["openssl_pkcs12_export_to_file", $crt_file_null, $outfile, $priv_key_file, "pwd"],
123    ["openssl_pkcs12_export_to_file", $crt_file, $outfile_null, $priv_key_file_null, "pwd"],
124    ["openssl_pkcs12_export_to_file", $crt_file, $outfile, $priv_key_file_null, "pwd"],
125    ["openssl_pkcs12_export_to_file", $crt_file, $outfile, $priv_key_file, "pwd", ["extracerts" => [$crt_file_null]]],
126];
127foreach ($tests as $test) {
128    try {
129        $key = call_user_func_array($test[0], array_slice($test, 1));
130        var_dump($key);
131    }
132    catch (ValueError $e) {
133        echo $e->getMessage() . PHP_EOL;
134    }
135}
136?>
137--CLEAN--
138<?php
139$outfile = __DIR__ . '/bug81713.out';
140@unlink($outfile);
141?>
142--EXPECTF--
143object(OpenSSLAsymmetricKey)#1 (0) {
144}
145openssl_pkey_get_public(): Argument #1 ($public_key) must not contain any null bytes
146openssl_pkey_get_private(): Argument #1 ($private_key) must not contain any null bytes
147openssl_pkey_export_to_file(): Argument #1 ($key) must not contain any null bytes
148openssl_pkey_export_to_file(): Argument #2 ($output_filename) must not contain any null bytes
149openssl_pkey_export(): Argument #1 ($key) must not contain any null bytes
150openssl_pkey_derive(): Argument #1 ($public_key) must not contain any null bytes
151openssl_pkey_derive(): Argument #2 ($private_key) must not contain any null bytes
152openssl_private_encrypt(): Argument #3 ($private_key) must not contain any null bytes
153openssl_private_decrypt(): Argument #3 ($private_key) must not contain any null bytes
154openssl_public_encrypt(): Argument #3 ($public_key) must not contain any null bytes
155openssl_public_decrypt(): Argument #3 ($public_key) must not contain any null bytes
156openssl_sign(): Argument #3 ($private_key) must not contain any null bytes
157openssl_verify(): Argument #3 ($public_key) must not contain any null bytes
158openssl_seal(): Argument #4 ($public_key) must not contain any null bytes
159openssl_open(): Argument #4 ($private_key) must not contain any null bytes
160openssl_csr_new(): Argument #2 ($private_key) must not contain any null bytes
161openssl_csr_get_subject(): Argument #1 ($csr) must not contain any null bytes
162openssl_csr_get_public_key(): Argument #1 ($csr) must not contain any null bytes
163
164Warning: openssl_x509_fingerprint(): X.509 Certificate cannot be retrieved in %s on line %d
165openssl_x509_fingerprint(): Argument #1 ($certificate) must not contain any null bytes
166
167Warning: openssl_x509_export_to_file(): X.509 Certificate cannot be retrieved in %s on line %d
168openssl_x509_export_to_file(): Argument #1 ($certificate) must not contain any null bytes
169openssl_x509_export_to_file(): Argument #2 ($output_filename) must not contain any null bytes
170
171Warning: openssl_x509_export(): X.509 Certificate cannot be retrieved in %s on line %d
172openssl_x509_export(): Argument #1 ($certificate) must not contain any null bytes
173openssl_x509_checkpurpose(): Argument #1 ($certificate) must not contain any null bytes
174openssl_x509_checkpurpose(): Argument #3 ($ca_info) array item must not contain any null bytes
175openssl_x509_check_private_key(): Argument #1 ($certificate) must not contain any null bytes
176openssl_x509_check_private_key(): Argument #2 ($private_key) must not contain any null bytes
177openssl_x509_verify(): Argument #1 ($certificate) must not contain any null bytes
178openssl_x509_verify(): Argument #2 ($public_key) must not contain any null bytes
179openssl_x509_parse(): Argument #1 ($certificate) must not contain any null bytes
180
181Warning: openssl_x509_read(): X.509 Certificate cannot be retrieved in %s on line %d
182openssl_x509_read(): Argument #1 ($certificate) must not contain any null bytes
183openssl_cms_encrypt(): Argument #1 ($input_filename) must not contain any null bytes
184openssl_cms_encrypt(): Argument #2 ($output_filename) must not contain any null bytes
185openssl_cms_encrypt(): Argument #3 ($certificate) must not contain any null bytes
186openssl_cms_encrypt(): Argument #3 ($certificate) array item must not contain any null bytes
187openssl_cms_decrypt(): Argument #1 ($input_filename) must not contain any null bytes
188openssl_cms_decrypt(): Argument #2 ($output_filename) must not contain any null bytes
189
190Warning: openssl_cms_decrypt(): X.509 Certificate cannot be retrieved in %s on line %d
191openssl_cms_decrypt(): Argument #3 ($certificate) must not contain any null bytes
192openssl_cms_decrypt(): Argument #4 ($private_key) must not contain any null bytes
193openssl_cms_sign(): Argument #1 ($input_filename) must not contain any null bytes
194openssl_cms_sign(): Argument #2 ($output_filename) must not contain any null bytes
195
196Warning: openssl_cms_sign(): X.509 Certificate cannot be retrieved in %s on line %d
197openssl_cms_sign(): Argument #3 ($certificate) must not contain any null bytes
198openssl_cms_sign(): Argument #4 ($private_key) must not contain any null bytes
199openssl_cms_sign(): Argument #8 ($untrusted_certificates_filename) must not contain any null bytes
200openssl_cms_verify(): Argument #1 ($input_filename) must not contain any null bytes
201openssl_cms_verify(): Argument #3 ($certificates) must not contain any null bytes
202openssl_cms_verify(): Argument #4 ($ca_info) array item must not contain any null bytes
203openssl_cms_verify(): Argument #5 ($untrusted_certificates_filename) must not contain any null bytes
204openssl_cms_verify(): Argument #6 ($content) must not contain any null bytes
205openssl_cms_verify(): Argument #7 ($pk7) must not contain any null bytes
206openssl_pkcs7_encrypt(): Argument #1 ($input_filename) must not contain any null bytes
207openssl_pkcs7_encrypt(): Argument #2 ($output_filename) must not contain any null bytes
208openssl_pkcs7_encrypt(): Argument #3 ($certificate) must not contain any null bytes
209openssl_pkcs7_encrypt(): Argument #3 ($certificate) array item must not contain any null bytes
210openssl_pkcs7_decrypt(): Argument #1 ($input_filename) must not contain any null bytes
211openssl_pkcs7_decrypt(): Argument #2 ($output_filename) must not contain any null bytes
212
213Warning: openssl_pkcs7_decrypt(): X.509 Certificate cannot be retrieved in %s on line %d
214openssl_pkcs7_decrypt(): Argument #3 ($certificate) must not contain any null bytes
215openssl_pkcs7_decrypt(): Argument #4 ($private_key) must not contain any null bytes
216openssl_pkcs7_sign(): Argument #1 ($input_filename) must not contain any null bytes
217openssl_pkcs7_sign(): Argument #2 ($output_filename) must not contain any null bytes
218
219Warning: openssl_pkcs7_sign(): X.509 Certificate cannot be retrieved in %s on line %d
220openssl_pkcs7_sign(): Argument #3 ($certificate) must not contain any null bytes
221openssl_pkcs7_sign(): Argument #4 ($private_key) must not contain any null bytes
222openssl_pkcs7_sign(): Argument #7 ($untrusted_certificates_filename) must not contain any null bytes
223openssl_pkcs7_verify(): Argument #1 ($input_filename) must not contain any null bytes
224openssl_pkcs7_verify(): Argument #3 ($signers_certificates_filename) must not contain any null bytes
225openssl_pkcs7_verify(): Argument #4 ($ca_info) array item must not contain any null bytes
226openssl_pkcs7_verify(): Argument #5 ($untrusted_certificates_filename) must not contain any null bytes
227openssl_pkcs7_verify(): Argument #6 ($content) must not contain any null bytes
228openssl_pkcs7_verify(): Argument #7 ($output_filename) must not contain any null bytes
229
230Warning: openssl_pkcs12_export(): X.509 Certificate cannot be retrieved in %s on line %d
231openssl_pkcs12_export(): Argument #1 ($certificate) must not contain any null bytes
232openssl_pkcs12_export(): Argument #3 ($private_key) must not contain any null bytes
233openssl_pkcs12_export(): Argument #5 ($options) option extracerts array item must not contain any null bytes
234
235Warning: openssl_pkcs12_export_to_file(): X.509 Certificate cannot be retrieved in %s on line %d
236openssl_pkcs12_export_to_file(): Argument #1 ($certificate) must not contain any null bytes
237openssl_pkcs12_export_to_file(): Argument #2 ($output_filename) must not contain any null bytes
238openssl_pkcs12_export_to_file(): Argument #3 ($private_key) must not contain any null bytes
239openssl_pkcs12_export_to_file(): Argument #5 ($options) option extracerts array item must not contain any null bytes
240