php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74798 pkcs7_en/decrypt does not work if \x0a is used in content
Submitted: 2017-06-22 15:26 UTC Modified: 2017-06-27 14:35 UTC
From: jan dot slabon at setasign dot com Assigned: ab
Status: Closed Package: OpenSSL related
PHP Version: 7.2.0alpha2 OS: Windows 10 Pro
Private report: No CVE-ID:
 [2017-06-22 15:26 UTC] jan dot slabon at setasign dot com
Description:
------------
When using openssl_pkcs7_en/decrypt() with content "\x0a" the decrypted content is not the same as the original content.

Test script:
---------------
<?php

$cert = "-----BEGIN CERTIFICATE-----
MIIDXDCCAkSgAwIBAgIKq/f5U3FzthdKUzANBgkqhkiG9w0BAQUFADBcMRIwEAYD
VQQDEwlzZXRhcGRmLWExCTAHBgNVBAoTADEJMAcGA1UECxMAMSMwIQYJKoZIhvcN
AQkBFhRzdXBwb3J0QHNldGFzaWduLmNvbTELMAkGA1UEBhMCREUwHhcNMTUwOTA4
MDkzNDExWhcNMjAwOTA4MDkzNDExWjBcMRIwEAYDVQQDEwlzZXRhcGRmLWExCTAH
BgNVBAoTADEJMAcGA1UECxMAMSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QHNldGFz
aWduLmNvbTELMAkGA1UEBhMCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkmTLvUIYfqAKC1CHVgABlemrFIVRm4JGeB0jIGofyrm3yVwR4YcK0eUmt
/0nbFfsFsU0/C9dXKZYD42t5YpLFsj666Z1EoU1CfSIW2bf0HaWVJ+oNT5twS3dv
RTzAcnPM44GxO4y6GUW6un0/bT/MZbFKbb3NI1L0mwY7EoqUXR68XxuHqWETaslm
Sbp1XvbLsJjgV9X3ihi7JC7A9kEzrKh+RBsXEXwlSv5JO2TUdwq9P4EbjqvgiaV1
vFNAArioX5pIUIm9ahAm8d7jjW6DFfV798rTzaQ3GJs0yC3UD6xhmbTbdC/D9Pot
8RGu89Fx6E+O5j4LwGH4kiYjgvYZAgMBAAGjIDAeMA8GCSqGSIb3LwEBCgQCBQAw
CwYDVR0PBAQDAgOYMA0GCSqGSIb3DQEBBQUAA4IBAQBCA8iXz7zxAmCWNZ0faiLm
aKw8u2PUq+EPKrGKc9Q70Ksw/e/EHvWrghFzmu5MOZRn/QIWq++sbbc8eOiaRDE8
lWCW596FLW4habXKw0sjDNcyEBArPgDp17O6NgHqI2U1KL1P2Y40e0YH2BWxNS+f
pmWZekjiC6jfId2JGsyPZUTX4USwthG4dFX0/BWYg+K7kXvQzMobes2NxW3Iqn8h
FUNgraCzlQMSfE2gwAMSUXTJubUGorj4LFYSiLIIJvf6KlmuR5uOIi5lSjSeZf5E
FLEHVhrz3o2icUeyb1K1BTAQRZ/H3GZ0QpgqSK5vmuV9C+rzezQMoy4/8UUnNPMt
-----END CERTIFICATE-----
";

$pkey = "-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCkmTLvUIYfqAKC
1CHVgABlemrFIVRm4JGeB0jIGofyrm3yVwR4YcK0eUmt/0nbFfsFsU0/C9dXKZYD
42t5YpLFsj666Z1EoU1CfSIW2bf0HaWVJ+oNT5twS3dvRTzAcnPM44GxO4y6GUW6
un0/bT/MZbFKbb3NI1L0mwY7EoqUXR68XxuHqWETaslmSbp1XvbLsJjgV9X3ihi7
JC7A9kEzrKh+RBsXEXwlSv5JO2TUdwq9P4EbjqvgiaV1vFNAArioX5pIUIm9ahAm
8d7jjW6DFfV798rTzaQ3GJs0yC3UD6xhmbTbdC/D9Pot8RGu89Fx6E+O5j4LwGH4
kiYjgvYZAgMBAAECggEABO4JOGF4KOvQanB11HYNXPy4BLA5Pc0RU3M6pvKjen1m
sdzRF5Vu/laJIkbchI0xm+Op8X7Wa+gFFBf8RLIS/QyYBCNh2Fe/74M9sYNDFxLJ
vjBIOm6VVF1QRhMD7SwoY303adJjpkHCRMPX4z3PjLzJfPYROpsJnaWkf8GwCJ4+
kufOhYcE8ekuLX7EzXFU74Uo0OnMEhMJgiAjlHhC21YLkgLoGq45sdktVgvD6sds
7BcmH6oUCDCJ8wxUVM1+Ks1D3vKHfeAhCFHvj9M/lf5OWylhmQh4CQf+NMDNsAc6
mXNIzUvZEgs/PJpd3SymHchf60m6faJtGv43GsdsgQKBgQDUx8t649O/vGRI26t4
4XrzVC2w5271UlhFaRiH03BrV+pECVoH4bw+ZIUuGke2xe+LrNkhMNJSGcbB0WDa
Jes+4Gf++AuSXRvMo+xHenfgUWQqYHJPkh5q6gknZ2YDfikFNLdqApXvp0m+FaVP
+F/2HMjQfTITQgkAiEn45s4agQKBgQDGCAZkIUcdyXQTplLE0Zx1/uiTBrQGyzsb
cDgAQIHt19wIRjoGOFatAj6TQ5gUj9Remn12v6d5Wi02i7hlu8V6O1VXLGqqeQ27
0MHBXzrFBVljOz96D7VP5Xx0DB1cGMbtg5ivjd91OUVrwC7fbXE9sfOI1FqlTb7p
6xi9Wl+fmQKBgGdzR/vUfqPOvVcq7gBUaAmb2KcUrj65rU753MJUy2h1EuHHRi1k
07fl+VZD0rALJf7bp6laajcebyLWYGdPXkNwqT8ua7naaOSiogLSiSvXhoKP56PG
H+HNLWwp+lAia2Erky0IWstsow62yWvLDyTCM+QhqlHwnh3TJVvNI1GBAoGAUl+y
MOJ6z5Ql2aqc0UwT1i1Tlxz5s73D93Tlho1Ovp3E5Bg6OK4kt9CwMNe0IhF2GGgQ
+l1cj6kIF6Fk8cR6r46QwDM0p3a1VMPQZNx0+NFxzkot7FsuY26lJyyG5fFUhiXw
VE4ifoN1Mg3+MWg3657jG66hihNd77WgU9uM3TkCgYEAypuvVrfFrrtXnbEUcBHq
mguKumn9miD9DPb6gi8ZaKOddGzw+qFPukiqi7rM3oRMg02evfK/VQC87Gmev663
RV9sQOlB9gNlMOOw/0R3ABEWDoSRCcrLhb6Z5Y72WVnZvpTPO0cDw2i1hyaEM6d+
2WR7c6FhRCLxG0DObEOfiO0=
-----END PRIVATE KEY-----
";

$originalEnvelopeData = "String with \x0a will end in one byte more.";

$tmpFileIn = tempnam(sys_get_temp_dir(), 'test');
$tmpFileOut = tempnam(sys_get_temp_dir(), 'test');
file_put_contents($tmpFileIn, $originalEnvelopeData);

var_dump(filesize($tmpFileIn) === strlen($originalEnvelopeData));

openssl_pkcs7_encrypt($tmpFileIn, $tmpFileOut, [$cert], array(), PKCS7_BINARY, OPENSSL_CIPHER_AES_128_CBC);

$tmpFileOut2 = tempnam(sys_get_temp_dir(), 'test');
openssl_pkcs7_decrypt($tmpFileOut, $tmpFileOut2, $cert, $pkey);

$envelopeData = file_get_contents($tmpFileOut2);
var_dump($originalEnvelopeData === $envelopeData); // need to be true
var_dump(strlen($originalEnvelopeData), strlen($envelopeData), filesize($tmpFileOut2));

var_dump(unpack('H*', $originalEnvelopeData)[1], unpack('H*', $envelopeData)[1]);


Expected result:
----------------
bool(true)
bool(true)
int(40)
int(40)
int(40)
string(80) "537472696e672077697468200a2077696c6c20656e6420696e206f6e652062797465206d6f72652e"
string(80) "537472696e672077697468200a2077696c6c20656e6420696e206f6e652062797465206d6f72652e"

Actual result:
--------------
bool(true)
bool(false)
int(40)
int(41)
int(41)
string(80) "537472696e672077697468200a2077696c6c20656e6420696e206f6e652062797465206d6f72652e"
string(82) "537472696e672077697468200d0a2077696c6c20656e6420696e206f6e652062797465206d6f72652e"

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-06-22 15:48 UTC] danack@php.net
-Status: Open +Status: Feedback
 [2017-06-22 15:48 UTC] danack@php.net
Hi,

I can't reproduce your issue on a Mac.

Please could you say what `ini_get("auto_detect_line_endings");` returns, and also test if setting `ini_set("auto_detect_line_endings", false);` - affects the behaviour?


The character being converted is going from 0a => 0d0a, which is \n to \r\n, which is highly suspicious.
 [2017-06-22 15:59 UTC] jan dot slabon at setasign dot com
-Status: Feedback +Status: Open
 [2017-06-22 15:59 UTC] jan dot slabon at setasign dot com
ini_get("auto_detect_line_endings") -> string(1) "0"

Setting ´ini_set("auto_detect_line_endings", false);´ at the top of the script doesn't change anything.

I just tried 0d which will not be converted to 0d0a and will work without problems.
 [2017-06-23 22:26 UTC] ab@php.net
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=b714309056cb97c52cf5d859b4ada9b8f5715b27
Log: Fix bug #74798 pkcs7_en/decrypt does not work if \x0a is used in content
 [2017-06-23 22:26 UTC] ab@php.net
-Status: Open +Status: Closed
 [2017-06-23 23:08 UTC] ab@php.net
-Assigned To: +Assigned To: ab
 [2017-06-23 23:08 UTC] ab@php.net
Jan,

thanks for the further checks. This is a follow up on bug #74720 and indeed is a trivial bug conditioned by the binary/text mode output in the upgraded OpenSSL version. There are several other places that might be affected, I would ask for further tests on ext/openssl to clean those out.

Thanks.
 [2017-06-25 09:05 UTC] jan dot slabon at setasign dot com
Hi Anatol,

I will see what we can find. These two issues had broken our test-suite and were not fixable by our own -> bug report.

Another one was that the line endings were changed from \n to \r\n. We fixed this in userland for now... should I create a bug report for this too? It's definitaley a behaviour change as all versions before used \n as a line ending.
 [2017-06-27 14:35 UTC] ab@php.net
Hi Jan,

the EOL change, as well as this issue, is what we observe after upgrading to OpenSSL 1.1. For lower branches we stick to 1.0.2, so that's the diff. Please open another ticket for the EOL issues with your current use case.

Thanks.
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sat Aug 19 14:01:35 2017 UTC