PHP :: Bug #72336 :: openssl_pkey_new does not properly fail with ivalid DSA params

Bug #72336	openssl_pkey_new does not properly fail with ivalid DSA params
Submitted:	2016-06-05 14:44 UTC	Modified:	2016-06-05 14:48 UTC
From:	bukka@php.net	Assigned:	bukka (profile)
Status:	Closed	Package:	OpenSSL related
PHP Version:	5.6.22	OS:	Unrelated
Private report:	No	CVE-ID:	None

View Developer Edit

[2016-06-05 14:44 UTC] bukka@php.net

Description:
------------
There is an issue with failing openssl_pkey_new when DSA is invalid. The example below doesn't use bin2hex which means that the keys are invalid. However due to bug in OpenSSL the function creates a new key that however doesn't have a private part. The reason is that DSA_generate_key doesn't fail because the BN_mod_exp can also return -1 which is not checked.

Test script:
---------------
<?php
$p = '00f8000ae45b2dacb47dd977d58b719d097bdf07cb2c17660ad898518c08' .
	'1a61659a16daadfaa406a0a994c743df5eda07e36bd0adcad921b77432ff' .
	'24ccc31e782d647e66768122b578857e9293df78387dc8b44af2a4a3f305' .
	'1f236b1000a3e31da489c6681b0031f7ec37c2e1091bdb698e7660f135b6' .
	'996def90090303b7ad';

$q = '009b3734fc9f7a4a9d6437ec314e0a78c2889af64b';

$g = '00b320300a0bc55b8f0ec6edc218e2185250f38fbb8291db8a89227f6e41' .
	'00d47d6ccb9c7d42fc43280ecc2ed386e81ff65bc5d6a2ae78db7372f5dc' .
	'f780f4558e7ed3dd0c96a1b40727ac56c5165aed700a3b63997893a1fb21' .
	'4e882221f0dd9604820dc34e2725dd6901c93e0ca56f6d76d495c332edc5' .
	'b81747c4c447a941f3';

openssl_pkey_new(array('dsa' => array('p' => $p, 'q' => $q, 'g' => $g)));
var_dump($dsa === false);

Expected result:
----------------
bool(false)

Actual result:
--------------
bool(true)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2016-06-05 14:45 UTC] bukka@php.net

-Status: Open +Status: Assigned -Assigned To: +Assigned To: bukka

[2016-06-05 14:46 UTC] bukka@php.net

Expected result and actual result is actually opposite :)

[2016-06-05 14:48 UTC] bukka@php.net

And it should be

- openssl_pkey_new(array('dsa' => array('p' => $p, 'q' => $q, 'g' => $g)));
+ $dsa = openssl_pkey_new(array('dsa' => array('p' => $p, 'q' => $q, 'g' => $g)));

[2016-06-12 17:16 UTC] bukka@php.net

Automatic comment on behalf of bukka
Revision: http://git.php.net/?p=php-src.git;a=commit;h=54310d95f91bcd286e4bae67891402f782c1e767
Log: Fix bug #72336 (openssl_pkey_new does not fail for invalid DSA params)

[2016-06-12 17:16 UTC] bukka@php.net

-Status: Assigned +Status: Closed

[2016-06-12 17:39 UTC] bukka@php.net

Automatic comment on behalf of bukka
Revision: http://git.php.net/?p=php-src.git;a=commit;h=54310d95f91bcd286e4bae67891402f782c1e767
Log: Fix bug #72336 (openssl_pkey_new does not fail for invalid DSA params)

[2016-06-12 17:40 UTC] bukka@php.net

Automatic comment on behalf of bukka
Revision: http://git.php.net/?p=php-src.git;a=commit;h=54310d95f91bcd286e4bae67891402f782c1e767
Log: Fix bug #72336 (openssl_pkey_new does not fail for invalid DSA params)

[2016-06-22 05:58 UTC] krakjoe@php.net

Automatic comment on behalf of bukka
Revision: http://git.php.net/?p=php-src.git;a=commit;h=54310d95f91bcd286e4bae67891402f782c1e767
Log: Fix bug #72336 (openssl_pkey_new does not fail for invalid DSA params)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 08:01:29 2024 UTC