Switch default PKCS7/CMS cipher to AES-128-CBC

Switch default cipher for openssl_pkcs7_encrypt() and openssl_cms_encrypt() from RC2-40 to AES-128-CBC. The RC2-40 cipher is considered insecure and is not loaded by default in OpenSSL 3, which means that these functions will always fail with default arguments. As the used algorithm is embedded in the result (which makes this different from the openssl_encrypt() case) changing the default algorithm should be safe. Closes GH-7357.
php · Aug 16, 2021 · 7b34db0 · 7b34db0
1 parent 8755976
commit 7b34db0
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 6 deletions.
diff --git a/UPGRADING b/UPGRADING
@@ -115,6 +115,9 @@ PHP 8.1 UPGRADE NOTES
 - OpenSSL:
   . EC private keys will now be exported in PKCS#8 format rather than
     traditional format, just like all other keys.
+  . openssl_pkcs7_encrypt() and openssl_cms_encrypt() will now default to
+    using AES-128-CBC rather than RC2-40. The RC2-40 cipher is considered
+    insecure and not enabled by default in OpenSSL 3.
 
 - PDO:
   . PDO::ATTR_STRINGIFY_FETCHES now also stringifies values of type bool to
@@ -573,6 +576,9 @@ PHP 8.1 UPGRADE NOTES
 
 - OpenSSL:
   . The OpenSSL extension now requires at least OpenSSL version 1.0.2.
+  . OpenSSL 3.0 is now supported. Be aware that many ciphers are no longer
+    enabled by default (part of the legacy provider), and that parameter
+    validation (e.g. minimum key sizes) is stricter now.
 
 - Phar:
   . Use SHA256 by default for signature.

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
@@ -119,7 +119,7 @@ enum php_openssl_cipher_type {
 	PHP_OPENSSL_CIPHER_AES_192_CBC,
 	PHP_OPENSSL_CIPHER_AES_256_CBC,
 
-	PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_RC2_40
+	PHP_OPENSSL_CIPHER_DEFAULT = PHP_OPENSSL_CIPHER_AES_128_CBC
 };
 
 /* Add some encoding rules.  This is normally handled through filters

diff --git a/ext/openssl/openssl.stub.php b/ext/openssl/openssl.stub.php
@@ -120,7 +120,7 @@ function openssl_pbkdf2(string $password, string $salt, int $key_length, int $it
 function openssl_pkcs7_verify(string $input_filename, int $flags, ?string $signers_certificates_filename = null, array $ca_info = [], ?string $untrusted_certificates_filename = null, ?string $content = null, ?string $output_filename = null): bool|int {}
 
 /** @param OpenSSLCertificate|array|string $certificate */
-function openssl_pkcs7_encrypt(string $input_filename, string $output_filename, $certificate, ?array $headers, int $flags = 0, int $cipher_algo = OPENSSL_CIPHER_RC2_40): bool {}
+function openssl_pkcs7_encrypt(string $input_filename, string $output_filename, $certificate, ?array $headers, int $flags = 0, int $cipher_algo = OPENSSL_CIPHER_AES_128_CBC): bool {}
 
 /** @param OpenSSLAsymmetricKey|OpenSSLCertificate|array|string $private_key */
 function openssl_pkcs7_sign(string $input_filename, string $output_filename, OpenSSLCertificate|string $certificate, $private_key, ?array $headers, int $flags = PKCS7_DETACHED, ?string $untrusted_certificates_filename = null): bool {}
@@ -137,7 +137,7 @@ function openssl_pkcs7_read(string $data, &$certificates): bool {}
 function openssl_cms_verify(string $input_filename, int $flags = 0, ?string $certificates = null, array $ca_info = [], ?string $untrusted_certificates_filename = null, ?string $content = null, ?string $pk7 = null, ?string $sigfile = null, int $encoding = OPENSSL_ENCODING_SMIME): bool {}
 
 /** @param OpenSSLCertificate|array|string $certificate */
-function openssl_cms_encrypt(string $input_filename, string $output_filename, $certificate, ?array $headers, int $flags = 0, int $encoding = OPENSSL_ENCODING_SMIME, int $cipher_algo = OPENSSL_CIPHER_RC2_40): bool {}
+function openssl_cms_encrypt(string $input_filename, string $output_filename, $certificate, ?array $headers, int $flags = 0, int $encoding = OPENSSL_ENCODING_SMIME, int $cipher_algo = OPENSSL_CIPHER_AES_128_CBC): bool {}
 
 /** @param OpenSSLAsymmetricKey|OpenSSLCertificate|array|string $private_key */
 function openssl_cms_sign(string $input_filename, string $output_filename, OpenSSLCertificate|string $certificate, $private_key, ?array $headers, int $flags = 0, int $encoding = OPENSSL_ENCODING_SMIME, ?string $untrusted_certificates_filename = null): bool {}

diff --git a/ext/openssl/openssl_arginfo.h b/ext/openssl/openssl_arginfo.h
@@ -1,5 +1,5 @@
 /* This is a generated file, edit the .stub.php file instead.
- * Stub hash: 1eac784acca52fab0a38852b18503b072f780ff4 */
+ * Stub hash: b0d7811060ba2499a0c2908aad8ab160cd604043 */
 
 ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_openssl_x509_export_to_file, 0, 2, _IS_BOOL, 0)
 	ZEND_ARG_OBJ_TYPE_MASK(0, certificate, OpenSSLCertificate, MAY_BE_STRING, NULL)
@@ -174,7 +174,7 @@ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_openssl_pkcs7_encrypt, 0, 4, _IS
 	ZEND_ARG_INFO(0, certificate)
 	ZEND_ARG_TYPE_INFO(0, headers, IS_ARRAY, 1)
 	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, flags, IS_LONG, 0, "0")
-	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, cipher_algo, IS_LONG, 0, "OPENSSL_CIPHER_RC2_40")
+	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, cipher_algo, IS_LONG, 0, "OPENSSL_CIPHER_AES_128_CBC")
 ZEND_END_ARG_INFO()
 
 ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_openssl_pkcs7_sign, 0, 5, _IS_BOOL, 0)
@@ -218,7 +218,7 @@ ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_openssl_cms_encrypt, 0, 4, _IS_B
 	ZEND_ARG_TYPE_INFO(0, headers, IS_ARRAY, 1)
 	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, flags, IS_LONG, 0, "0")
 	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, encoding, IS_LONG, 0, "OPENSSL_ENCODING_SMIME")
-	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, cipher_algo, IS_LONG, 0, "OPENSSL_CIPHER_RC2_40")
+	ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE(0, cipher_algo, IS_LONG, 0, "OPENSSL_CIPHER_AES_128_CBC")
 ZEND_END_ARG_INFO()
 
 ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX(arginfo_openssl_cms_sign, 0, 5, _IS_BOOL, 0)