php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #74700 Faulty returned values openssl_pkey_get_details
Submitted: 2017-06-06 09:53 UTC Modified: 2017-06-11 16:49 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: nothingam at protonmail dot com Assigned: bukka (profile)
Status: Not a bug Package: OpenSSL related
PHP Version: 5.6.30 OS: Debian
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: nothingam at protonmail dot com
New email:
PHP Version: OS:

 

 [2017-06-06 09:53 UTC] nothingam at protonmail dot com 
Description:
------------
The 'openssl_pkey_get_details' function for OPENSSL_KEYTYPE_DH typed keys seems to return faulty 'pub_key's (probably 'priv_key's too).
If the last byte is zero byte (0x00), the returned value in the $ret['dh']['pub_key'] is shorter than expected (obviously with one byte in this case).

I've successfully reproduced the problem on:
- Windows: PHP 5.5.12 (cli) (built: Apr 30 2014 11:20:58)
- Debian: PHP 5.6.30-0+deb8u1 (cli) (built: Feb  8 2017 08:50:21)



---
From manual page: http://www.php.net/function.openssl-pkey-get-details
---


Test script:
---------------
$DH_DEFAULT_PRIME = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF";
$DH_DEFAULT_GENERATOR = '02';
for($i=0; $i < 500; $i++) {
	$details = array();
	$details['p'] = pack('H*', $DH_DEFAULT_PRIME);
	$details['g'] = pack('H*', $DH_DEFAULT_GENERATOR);
	$res = openssl_pkey_new(array("dh" => $details));
	$details = openssl_pkey_get_details($res);
	$privateKey = $details['dh']['priv_key'];
	$publicKey = $details['dh']['pub_key'];
	if (strlen($publicKey) != $details['bits']/8) {
		echo "Whooaa!";
	}
}

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-06-11 16:49 UTC] bukka@php.net
-Status: Open +Status: Not a bug -Assigned To: +Assigned To: bukka
 [2017-06-11 16:49 UTC] bukka@php.net 
This is expected and it's what we get from BN_bin2bn. Just to correct you, it won't happen for the last byte but the first byte.
 [2017-06-12 09:01 UTC] nothingam at protonmail dot com 
Thanks for the correction, i've tested it and really is the first byte missing. 
If i get it correctly, it happens because the highest bits are not always set, so the bit length of the bignum can differ from the key length. The BN_bn2bin stores the value in big endian format, hence the left most byte is the most significant one.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Tue Apr 16 15:01:29 2024 UTC