openssl_cipher_iv_length and FreeBSD

[wtps0n]

I'm a port maintainer of phpldapadmin at FreeBSD ports collection. After last update (1.2.6.5) I'm not able to login because of error:
E_WARNING: openssl_encrypt(): Setting of IV length for AEAD mode failed.

Well, on FreeBSD there is openssl 1.1.1 as default so last changes of lib/functions.php are not compatible with openssl 1.1.1t

I've found that there is new variable SESSION_CIPHER which is setup to new algoritms.

I think that this variable should be defined via configfile or maybe should be checked with 'openssl version'. It could be set as aes-256-gcm as default if user would not set it's value in config file.

I don't know yet which way is better :-)

Please remember that modyfing lib/functions.php manually I will lost changes during upgrade.

I can make a patch which, but I think it is good idea to choose in which way SESSION_CIPHER should be defined.

Or maybe you have better ideas?

[wtps0n]

I've found disscusion on Stack Overflow about openssl_encrypt:
https://stackoverflow.com/questions/52477247/trying-to-decrypt-with-aes-256-gcm-with-php

Maybe this URL will be helpful?
https://www.php.net/manual/en/function.openssl-encrypt.php

[nick-oconnor]

Same issue here with v1.2.6.5 containerized with php:8.1-apache.

[vpushkar]

What is your fix @wtps0n?

[wtps0n]

Well, I have no fix yet :-)

I have no unix box with openssl 3.x availabe so I don't know how to write checking 'openssl version' inside php (which number version will be returned).

So maybe it is much easier to define (pseudo code) config->session_cipher = ''. And inside lib/functions php set SESSION_CIPHER to aes-256-gcm as default or seeting from config.

If it is good, I will try to make patch till the end of week.

[vpushkar]

I made it work:

--- functions.php.bak   2023-03-01 12:14:14.142130000 +0200
+++ functions.php       2023-03-01 23:40:49.134927000 +0200
@@ -793,8 +793,10 @@
                return $data;

        if (! empty($data) && function_exists('openssl_encrypt') && in_array(SESSION_CIPHER, openssl_get_cipher_methods())) {
+               $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length(SESSION_CIPHER));
                $keylen = openssl_cipher_iv_length(SESSION_CIPHER) * 2;
-               return openssl_encrypt($data, SESSION_CIPHER, substr($secret,0,$keylen));
+               $encrypted = openssl_encrypt($data, SESSION_CIPHER, substr($secret,0,$keylen), $options=0, $iv, $tag);
+               return base64_encode($encrypted . '::' . $iv . '::' . $tag);
        }

        if (function_exists('mcrypt_module_open') && ! empty($data)) {
@@ -855,7 +857,8 @@

        if (! empty($encdata) && function_exists('openssl_encrypt') && in_array(SESSION_CIPHER, openssl_get_cipher_methods())) {
                $keylen = openssl_cipher_iv_length(SESSION_CIPHER) * 2;
-               return trim(openssl_decrypt($encdata, SESSION_CIPHER, substr($secret,0,$keylen)));
+               list($encryptedData, $iv, $tag) = explode('::', base64_decode($encdata), 3);
+               return trim(openssl_decrypt($encryptedData, SESSION_CIPHER, substr($secret,0,$keylen), $options=0, $iv, $tag));
        }

        if (function_exists('mcrypt_module_open') && ! empty($encdata)) {

[wtps0n]

Great work. Yes it is working with Openssl 1.1.1. I've just checked it. Thank you very much.

[el-piewie]

works with SLES 12SP5 (openssl-1.0.2p), too.
@vpushkar Thank you for the patch.

[vpushkar]

@wtps0n one more fix for php 8.1 is in #193

[brenard]

The @vpushkar solution works great. @leenooks do you need a PR for that?

[williamdes]

The @vpushkar solution works great. @leenooks do you need a PR for that?

Please open a PR for this.
You can see my patch for Debian on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033163 (Fix-openssl-3-cipher-name-PHP-8.patch)

[leenooks]

Thanks @vpushkar fixed with 85f8c61.