This commit adds a seventh parameter to both two OpenSSL functions:
* openssl_seal(): The new parameter is by-ref and is populated with the computed tag.
* openssl_open(): The new parameter is by-value to provide the computed tag.
Closes GH-7737
The allows cipher_algo to be specified as a string. It means the not
only predefined ID ciphers are available which means that also auth
enveloped data can be created using AES GCM.
Closes GH-19459
This adds PKCS7_NOSMIMECAP, PKCS7_CRLFEOL, PKCS7_NOCRL and
PKCS7_NO_DUAL_CONTENT constants. They might be potentially useful
in some scenarious.
Test is not added as it is not clear if there is much need for those and
it would require much bigger effort just to test OpenSSL functionality.
Closes GH-19450
Specifically, it is added to openssl_public_encrypt() and
openssl_private_decrypt() functions. The purpose is to specify digest
algorithm for OEAP padding. It currently defaults to SHA1 for some
OpenSSL versions which is not preferred for modern setup and causes
problems in compatibility with web crypto.
Closes GH-19223
For openssl_pkey_get_details we export the priv+pub parameters.
ED25519/ED448 do not support streaming, so we need to use
EVP_Digest{Sign,Verify} instead. In general the older EVP_{Sign,Verify}
interface should be avoided as the key is passed very late.
See BUGS section in OpenSSL manpages of EVP_{Sign,Verify}Final
Additionally per requirement we need to allow sign/verify without
digest. So we need to allow passing 0 as digest. In OpenSSL 3.0+ this also
corresponds to the default digest (see EVP_PKEY_get_default_digest_name).
For CSR creation we need to allow "null" as digest_alg option.
Closes GH-14052
This function works in exactly the same way as openssl_cipher_iv_length
but for a key length. This is especially useful to make sure that the
right key length is provided to openssl_encrypt and openssl_decrypt.
In addtion the change also updates implementation of
openssl_cipher_iv_length and adds a test for it.
Allow $tag to be null. This is the value that openssl_encrypt()
sets it to for non-AEAD ciphers, so we should also accept this
as an input to openssl_decrypt().
Prior to PHP 8.1, null was accepted in weak mode due to the special
treatment of null arguments to internal functions.
Switch default cipher for openssl_pkcs7_encrypt() and
openssl_cms_encrypt() from RC2-40 to AES-128-CBC.
The RC2-40 cipher is considered insecure and is not loaded by
default in OpenSSL 3, which means that these functions will
always fail with default arguments.
As the used algorithm is embedded in the result (which makes this
different from the openssl_encrypt() case) changing the default
algorithm should be safe.
Closes GH-7357.
RC4 is considered insecure, and it's not possible to change the
default of these functions. As such, require the method to be
passed explicitly.
Closes GH-6093.
It add CMS (RFC 5652) support, which is an update to PKCS7. The functions
are analogous BUT NOT IDENTICAL to openssl_pkcs7*. In particular, support for
different encodings (PEM, DER, SMIME) is now available.
Jordi Kroon