PHP :: Bug #73978 :: openssl_decrypt triggers bug in PDO

Bug #73978	openssl_decrypt triggers bug in PDO
Submitted:	2017-01-23 11:43 UTC	Modified:	2020-02-20 08:26 UTC
From:	schmittjoh at gmail dot com	Assigned:	bukka (profile)
Status:	Closed	Package:	OpenSSL related
PHP Version:	7.1.1	OS:	Ubuntu 16.04
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	schmittjoh at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2017-01-23 11:43 UTC] schmittjoh at gmail dot com

Description:
------------
We get an SSL error when connecting to a secure MySQL server for some queries:

Warning: PDOStatement::execute(): SSL operation failed with code 1. OpenSSL Error messages:
error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length
error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length

The error happens for the next query after we used the openssl_decrypt function in our code. It seems like this function is not properly encapsulated or leaves some state behind which then triggers the error in PDO.

I was not able to reproduce a test-case with values that would not expose our secret, but making a second call to openssl_decrypt with no meaningful values fixes it.

Test script:
---------------
// This query runs fine.
$con->prepare("SELECT 1")->execute()->fetchColumn();

// This call leaves some state behind that causes error on second query.
openssl_decrypt(/* real arguments here */);

// Adding a call like this works around the bug.
// openssl_decrypt('', 'AES-256-CBC', '', 0, '');

// Error on this query.
$con->prepare("SELECT 1")->execute()->fetchColumn();

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2017-01-23 11:48 UTC] requinix@php.net

-Status: Open +Status: Feedback

[2017-01-23 11:48 UTC] requinix@php.net

What happens if you do the problematic openssl_decrypt() *before* the connection?

[2017-01-23 12:01 UTC] schmittjoh at gmail dot com

If you run openssl_decrypt before the connection is created, the queries run through fine.

[2017-01-23 17:09 UTC] dz at heroku dot com

Interesting; does this also happen with 7.0?

[2017-01-24 12:22 UTC] bukka@php.net

-Status: Feedback +Status: Assigned -Assigned To: +Assigned To: bukka

[2017-01-24 12:22 UTC] bukka@php.net

Looks like I missed this one (meaning forgot to add error storing in there)... Will fix it as soon as I get chance. If you want to fix it before it's released just call openssl_error_string() after openssl_decrypt which will move errors from the error queue.

Btw. the reason for that that you pass key ($password) with size different that key lenght (for AES-256 it's 256bit = 32 bytes) which is either fill with zero bytes (if shorter) or trimmed (if longer) so you can also fix it by passing correct key... ;)

[2017-01-24 12:35 UTC] bukka@php.net

-Package: PDO MySQL +Package: OpenSSL related

[2017-01-25 07:37 UTC] requinix@php.net

Bug #69524 looks like the same issue.

[2017-01-25 19:55 UTC] bukka@php.net

Automatic comment on behalf of bukka
Revision: http://git.php.net/?p=php-src.git;a=commit;h=519b0dc886aed287e5c3472df9c879186f5112c2
Log: Fix bug #73978 (openssl_decrypt triggers bug in PDO)

[2017-01-25 19:55 UTC] bukka@php.net

-Status: Assigned +Status: Closed

[2017-01-25 19:56 UTC] bukka@php.net

Automatic comment on behalf of bukka
Revision: http://git.php.net/?p=php-src.git;a=commit;h=519b0dc886aed287e5c3472df9c879186f5112c2
Log: Fix bug #73978 (openssl_decrypt triggers bug in PDO)

[2017-05-08 16:04 UTC] requinix@php.net

Related To: Bug #74555

[2018-08-07 21:29 UTC] requinix@php.net

Related To: Bug #76714

[2020-02-20 06:10 UTC] liton10 at gmail dot com

PHP 7.3.9 still has this issue. And I had to do while(openssl_error_string() !== false); as there were multiple ssl error before the db query. I had to scrape some third party urls which had ssl issues.

[2020-02-20 08:26 UTC] nikic@php.net

@liton10 Probably your issue has been fixed as part of bug #78775. Please try a more recent version of PHP 7.3.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 11:01:29 2024 UTC