@@ -6137,10 +6137,6 @@ PHP_FUNCTION(openssl_cms_decrypt)
6137
6137
PHP_FUNCTION (openssl_private_encrypt )
6138
6138
{
6139
6139
zval * key , * crypted ;
6140
- EVP_PKEY * pkey ;
6141
- int cryptedlen ;
6142
- zend_string * cryptedbuf = NULL ;
6143
- int successful = 0 ;
6144
6140
char * data ;
6145
6141
size_t data_len ;
6146
6142
zend_long padding = RSA_PKCS1_PADDING ;
@@ -6149,46 +6145,39 @@ PHP_FUNCTION(openssl_private_encrypt)
6149
6145
RETURN_THROWS ();
6150
6146
}
6151
6147
6152
- PHP_OPENSSL_CHECK_SIZE_T_TO_INT (data_len , data , 1 );
6153
-
6154
- RETVAL_FALSE ;
6155
-
6156
- pkey = php_openssl_pkey_from_zval (key , 0 , "" , 0 );
6157
-
6148
+ EVP_PKEY * pkey = php_openssl_pkey_from_zval (key , 0 , "" , 0 );
6158
6149
if (pkey == NULL ) {
6159
6150
if (!EG (exception )) {
6160
6151
php_error_docref (NULL , E_WARNING , "key param is not a valid private key" );
6161
6152
}
6162
6153
RETURN_FALSE ;
6163
6154
}
6164
6155
6165
- cryptedlen = EVP_PKEY_size (pkey );
6166
- cryptedbuf = zend_string_alloc (cryptedlen , 0 );
6167
-
6168
- switch (EVP_PKEY_id (pkey )) {
6169
- case EVP_PKEY_RSA :
6170
- case EVP_PKEY_RSA2 :
6171
- successful = (RSA_private_encrypt ((int )data_len ,
6172
- (unsigned char * )data ,
6173
- (unsigned char * )ZSTR_VAL (cryptedbuf ),
6174
- EVP_PKEY_get0_RSA (pkey ),
6175
- (int )padding ) == cryptedlen );
6176
- break ;
6177
- default :
6178
- php_error_docref (NULL , E_WARNING , "key type not supported in this PHP build!" );
6156
+ size_t out_len = 0 ;
6157
+ EVP_PKEY_CTX * ctx = EVP_PKEY_CTX_new (pkey , NULL );
6158
+ if (!ctx || EVP_PKEY_sign_init (ctx ) <= 0 ||
6159
+ EVP_PKEY_CTX_set_rsa_padding (ctx , padding ) <= 0 ||
6160
+ EVP_PKEY_sign (ctx , NULL , & out_len , (unsigned char * ) data , data_len ) <= 0 ) {
6161
+ php_openssl_store_errors ();
6162
+ RETVAL_FALSE ;
6163
+ goto cleanup ;
6179
6164
}
6180
6165
6181
- if (successful ) {
6182
- ZSTR_VAL (cryptedbuf )[cryptedlen ] = '\0' ;
6183
- ZEND_TRY_ASSIGN_REF_NEW_STR (crypted , cryptedbuf );
6184
- cryptedbuf = NULL ;
6185
- RETVAL_TRUE ;
6186
- } else {
6166
+ zend_string * out = zend_string_alloc (out_len , 0 );
6167
+ if (EVP_PKEY_sign (ctx , (unsigned char * ) ZSTR_VAL (out ), & out_len ,
6168
+ (unsigned char * ) data , data_len ) <= 0 ) {
6169
+ zend_string_release (out );
6187
6170
php_openssl_store_errors ();
6171
+ RETVAL_FALSE ;
6172
+ goto cleanup ;
6188
6173
}
6189
- if (cryptedbuf ) {
6190
- zend_string_release_ex (cryptedbuf , 0 );
6191
- }
6174
+
6175
+ ZSTR_VAL (out )[out_len ] = '\0' ;
6176
+ ZEND_TRY_ASSIGN_REF_NEW_STR (crypted , out );
6177
+ RETVAL_TRUE ;
6178
+
6179
+ cleanup :
6180
+ EVP_PKEY_CTX_free (ctx );
6192
6181
EVP_PKEY_free (pkey );
6193
6182
}
6194
6183
/* }}} */
@@ -6296,11 +6285,6 @@ PHP_FUNCTION(openssl_public_encrypt)
6296
6285
PHP_FUNCTION (openssl_public_decrypt )
6297
6286
{
6298
6287
zval * key , * crypted ;
6299
- EVP_PKEY * pkey ;
6300
- int cryptedlen ;
6301
- zend_string * cryptedbuf = NULL ;
6302
- unsigned char * crypttemp ;
6303
- int successful = 0 ;
6304
6288
zend_long padding = RSA_PKCS1_PADDING ;
6305
6289
char * data ;
6306
6290
size_t data_len ;
@@ -6309,55 +6293,40 @@ PHP_FUNCTION(openssl_public_decrypt)
6309
6293
RETURN_THROWS ();
6310
6294
}
6311
6295
6312
- PHP_OPENSSL_CHECK_SIZE_T_TO_INT (data_len , data , 1 );
6313
-
6314
- RETVAL_FALSE ;
6315
-
6316
- pkey = php_openssl_pkey_from_zval (key , 1 , NULL , 0 );
6296
+ EVP_PKEY * pkey = php_openssl_pkey_from_zval (key , 1 , NULL , 0 );
6317
6297
if (pkey == NULL ) {
6318
6298
if (!EG (exception )) {
6319
6299
php_error_docref (NULL , E_WARNING , "key parameter is not a valid public key" );
6320
6300
}
6321
6301
RETURN_FALSE ;
6322
6302
}
6323
6303
6324
- cryptedlen = EVP_PKEY_size (pkey );
6325
- crypttemp = emalloc (cryptedlen + 1 );
6326
-
6327
- switch (EVP_PKEY_id (pkey )) {
6328
- case EVP_PKEY_RSA :
6329
- case EVP_PKEY_RSA2 :
6330
- cryptedlen = RSA_public_decrypt ((int )data_len ,
6331
- (unsigned char * )data ,
6332
- crypttemp ,
6333
- EVP_PKEY_get0_RSA (pkey ),
6334
- (int )padding );
6335
- if (cryptedlen != -1 ) {
6336
- cryptedbuf = zend_string_alloc (cryptedlen , 0 );
6337
- memcpy (ZSTR_VAL (cryptedbuf ), crypttemp , cryptedlen );
6338
- successful = 1 ;
6339
- }
6340
- break ;
6341
-
6342
- default :
6343
- php_error_docref (NULL , E_WARNING , "key type not supported in this PHP build!" );
6344
-
6304
+ size_t out_len = 0 ;
6305
+ EVP_PKEY_CTX * ctx = EVP_PKEY_CTX_new (pkey , NULL );
6306
+ if (!ctx || EVP_PKEY_verify_recover_init (ctx ) <= 0 ||
6307
+ EVP_PKEY_CTX_set_rsa_padding (ctx , padding ) <= 0 ||
6308
+ EVP_PKEY_verify_recover (ctx , NULL , & out_len , (unsigned char * ) data , data_len ) <= 0 ) {
6309
+ php_openssl_store_errors ();
6310
+ RETVAL_FALSE ;
6311
+ goto cleanup ;
6345
6312
}
6346
6313
6347
- efree (crypttemp );
6348
-
6349
- if (successful ) {
6350
- ZSTR_VAL (cryptedbuf )[cryptedlen ] = '\0' ;
6351
- ZEND_TRY_ASSIGN_REF_NEW_STR (crypted , cryptedbuf );
6352
- cryptedbuf = NULL ;
6353
- RETVAL_TRUE ;
6354
- } else {
6314
+ zend_string * out = zend_string_alloc (out_len , 0 );
6315
+ if (EVP_PKEY_verify_recover (ctx , (unsigned char * ) ZSTR_VAL (out ), & out_len ,
6316
+ (unsigned char * ) data , data_len ) <= 0 ) {
6317
+ zend_string_release (out );
6355
6318
php_openssl_store_errors ();
6319
+ RETVAL_FALSE ;
6320
+ goto cleanup ;
6356
6321
}
6357
6322
6358
- if (cryptedbuf ) {
6359
- zend_string_release_ex (cryptedbuf , 0 );
6360
- }
6323
+ out = zend_string_truncate (out , out_len , 0 );
6324
+ ZSTR_VAL (out )[out_len ] = '\0' ;
6325
+ ZEND_TRY_ASSIGN_REF_NEW_STR (crypted , out );
6326
+ RETVAL_TRUE ;
6327
+
6328
+ cleanup :
6329
+ EVP_PKEY_CTX_free (ctx );
6361
6330
EVP_PKEY_free (pkey );
6362
6331
}
6363
6332
/* }}} */
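Review bot: In openssl_private_encrypt the returned string keeps the length obtained from the size query: after the second `EVP_PKEY_sign` call only `ZSTR_VAL(out)[out_len] = '\0'` is written, whereas openssl_public_decrypt in the last hunk first calls `zend_string_truncate`. `zend_string_alloc` does not zero the buffer, so if the second call ever reported a smaller `out_len`, the bytes past it would reach userland uninitialised. For RSA the signature length presumably always equals the queried size, so this is a defensive fix: add `out = zend_string_truncate(out, out_len, 0);` before the terminator, mirroring the decrypt path. Separately, both functions now pass the `zend_long padding` straight to `EVP_PKEY_CTX_set_rsa_padding`, where the removed code cast it explicitly with `(int)padding`; a range check before the call would keep an out-of-range value from being narrowed to a valid padding mode.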