Bug #78444 openssl_pkey_new generates OpenSSL errors with OpenSSL 1.1.1
Submitted: 2019-08-22 14:38 UTC Modified: 2019-10-20 16:54 UTC
From: jmaguire at duo dot com Assigned:
Status: Open Package: OpenSSL related
PHP Version: 7.3.8 OS: Linux/Windows
Private report: No CVE-ID: None
 [2019-08-22 14:38 UTC] jmaguire at duo dot com
Description:
------------
If a .rnd file does not exist in the user's directory, openssl_pkey_new will generate an error: error:2406F079:random number generator:RAND_load_file:Cannot open file

The .rnd file will be created, and the operation appears to work, but this causes issues when trying to detect errors in the OpenSSL pkey creation.

Subsequent calls to openssl_pkey_new succeed, as the .rnd file is created successfully.

It seems that running, e.g. `openssl genrsa -des3 -out private.pem 2048` at the command line does not create or need this .rnd file anymore.

Test script:
---------------
<?php

// Remove ~/.rnd so the next key generation forces OpenSSL to call RAND_load_file.
// The @ suppresses the warning unlink() emits when the file is already absent.
@unlink(getenv('HOME') . '/.rnd');

// Key generation succeeds, but the queue may now hold a RAND_load_file entry.
openssl_pkey_new();

// Drain the OpenSSL error queue and print every entry it contains.
while (($err = openssl_error_string()) !== false) {
  echo $err . PHP_EOL;
}

Expected result:
----------------
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value


Actual result:
--------------
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:0E06D06C:configuration file routines:NCONF_get_string:no value
error:2406F079:random number generator:RAND_load_file:Cannot open file


 [2019-08-22 14:45 UTC] jmaguire at duo dot com
Looking at the code around here, I find it surprising that neither the return value nor the value of seeded are checked after calling php_openssl_load_rand_file(): https://github.com/php/php-src/blob/31d7f9763b4825e667eb34437f2bd7fbef5067e6/ext/openssl/openssl.c#L3964-L3968

Has the RNG been seeded in this case?
 [2019-08-22 16:20 UTC] jmaguire at duo dot com
It appears that OpenSSL 1.1.1 adds an error to the error queue when calling RAND_load_file when the file does not exist, while OpenSSL 1.0.2 does not.

https://gist.github.com/JohnMaguire/d905b3b645c610457e541d27e2462a1d
 [2019-08-22 17:15 UTC] jmaguire at duo dot com
I think the preferred resolution would be to not use the RANDFILE at all...
 [2019-10-20 16:54 UTC] bukka@php.net
Yeah I guess it probably doesn't make much sense to use RAND_load_file as PHP is not usually run on low-entropy systems. I guess we could also use stat but I don't see this as a big priority to be honest. The error strings from OpenSSL are not part of BC and one shouldn't really rely on their order when updating OpenSSL.
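The practical takeaway from this thread is that an empty OpenSSL error queue is not a reliable success signal: the queue can hold stale entries from earlier calls (the NCONF_get_string notices above), and a non-fatal entry such as RAND_load_file can appear even though the key was generated. The following is an added example, not code from the report or from php-src, showing the pattern a caller should use instead: drain the queue before the call, decide success from the return value and the key's details, and treat whatever is left on the queue as diagnostics only, without matching on error strings or their order. The option names and the 2048-bit RSA parameters are the standard openssl_pkey_new() options; the function names drain_openssl_errors and generate_rsa_key are this example's own.

```php
<?php
// Added example (not from the bug report or php-src): treat the return value of
// openssl_pkey_new() as the success signal and the error queue as diagnostics.

/**
 * Drain the thread-local OpenSSL error queue and return its entries.
 * The queue may still contain entries from earlier OpenSSL calls, so it is
 * drained both before and after the call whose outcome we care about.
 */
function drain_openssl_errors(): array
{
    $errors = [];
    while (($err = openssl_error_string()) !== false) {
        $errors[] = $err;
    }
    return $errors;
}

/**
 * Generate an RSA private key of the requested size.
 * Success is decided by the return value and by inspecting the key that came
 * back, never by whether the OpenSSL error queue happens to be empty.
 */
function generate_rsa_key(int $bits = 2048)
{
    // Discard stale entries so anything left afterwards belongs to this call.
    drain_openssl_errors();

    $key = openssl_pkey_new([
        'private_key_bits' => $bits,
        'private_key_type' => OPENSSL_KEYTYPE_RSA,
    ]);
    $queue = drain_openssl_errors();

    if ($key === false) {
        // Genuine failure: surface everything OpenSSL left on the queue.
        throw new RuntimeException('openssl_pkey_new failed: ' . implode('; ', $queue));
    }

    // Verify the key matches what was requested instead of trusting the queue.
    $details = openssl_pkey_get_details($key);
    if ($details === false
        || $details['type'] !== OPENSSL_KEYTYPE_RSA
        || $details['bits'] !== $bits) {
        throw new RuntimeException('generated key does not match the requested parameters');
    }

    // Non-fatal entries (e.g. RAND_load_file:Cannot open file when ~/.rnd is
    // missing under OpenSSL 1.1.1) are logged for visibility, not treated as errors.
    foreach ($queue as $err) {
        error_log('openssl (non-fatal): ' . $err);
    }

    return $key;
}

$key = generate_rsa_key(2048);

// Exporting is a separate OpenSSL operation with its own return value to check.
if (!openssl_pkey_export($key, $pem)) {
    throw new RuntimeException('openssl_pkey_export failed: ' . implode('; ', drain_openssl_errors()));
}
echo strtok($pem, "\n"), PHP_EOL; // first line of the exported PEM block
```

Because the queue is drained before openssl_pkey_new() is called, the NCONF_get_string entries from config loading no longer pollute the result, and a RAND_load_file entry alongside a valid key is reported but does not abort the operation. If the key must be produced without touching the RANDFILE at all, check the OpenSSL configuration used by PHP rather than trying to infer the state of the RNG from the queue.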
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Thu Dec 05 14:01:23 2019 UTC