remicollet
commented
1 year ago testGetFormattedDate, testGetPdfEncryptionObjTwo, testEncrypt128 and testEncrypt40 failures are new with v2
Closed remicollet closed 1 year ago
remicollet
commented
1 year ago testGetFormattedDate, testGetPdfEncryptionObjTwo, testEncrypt128 and testEncrypt40 failures are new with v2
nicolaasuni
commented
1 year ago @remicollet Thank you for reporting this. It looks like this is a specific issue with PHP 8.3.0? Isn't PHP 8.3 still experimental? I don't see it listed at: https://www.php.net/supported-versions.php
Tests with OpenSSL 3 and PHP 8.0, 8.1 and 8.2 are working fine. See https://github.com/tecnickcom/tc-lib-pdf-encrypt/actions/runs/6907337969.
Could it be the openssl module in your PHP 8.3 version is not installed correctly or missing cyphers? Or it is a bug or breaking change?
nicolaasuni
commented
1 year ago The test for PHP 8.3 is passing without issues: https://github.com/tecnickcom/tc-lib-pdf-encrypt/actions/runs/7017202136/job/19090012338
remicollet
commented
1 year ago Could it be the openssl module in your PHP 8.3 version is not installed correctly or missing cyphers? Or it is a bug or breaking change?
In linux distribution, old legacy cyphers are disabled as unsecure crypto policy allow to enable some old (LEGACY), of disable even more (FUTURE) but even with "LEGACY" config, test are failing
$ php -r 'print_r(openssl_get_cipher_methods());'
Array
(
[0] => aes-128-cbc
[1] => aes-128-cbc-cts
[2] => aes-128-cbc-hmac-sha1
[3] => aes-128-cbc-hmac-sha256
[4] => aes-128-ccm
[5] => aes-128-cfb
[6] => aes-128-cfb1
[7] => aes-128-cfb8
[8] => aes-128-ctr
[9] => aes-128-ecb
[10] => aes-128-gcm
[11] => aes-128-ocb
[12] => aes-128-ofb
[13] => aes-128-siv
[14] => aes-128-wrap
[15] => aes-128-wrap-inv
[16] => aes-128-wrap-pad
[17] => aes-128-wrap-pad-inv
[18] => aes-128-xts
[19] => aes-192-cbc
[20] => aes-192-cbc-cts
[21] => aes-192-ccm
[22] => aes-192-cfb
[23] => aes-192-cfb1
[24] => aes-192-cfb8
[25] => aes-192-ctr
[26] => aes-192-ecb
[27] => aes-192-gcm
[28] => aes-192-ocb
[29] => aes-192-ofb
[30] => aes-192-siv
[31] => aes-192-wrap
[32] => aes-192-wrap-inv
[33] => aes-192-wrap-pad
[34] => aes-192-wrap-pad-inv
[35] => aes-256-cbc
[36] => aes-256-cbc-cts
[37] => aes-256-cbc-hmac-sha1
[38] => aes-256-cbc-hmac-sha256
[39] => aes-256-ccm
[40] => aes-256-cfb
[41] => aes-256-cfb1
[42] => aes-256-cfb8
[43] => aes-256-ctr
[44] => aes-256-ecb
[45] => aes-256-gcm
[46] => aes-256-ocb
[47] => aes-256-ofb
[48] => aes-256-siv
[49] => aes-256-wrap
[50] => aes-256-wrap-inv
[51] => aes-256-wrap-pad
[52] => aes-256-wrap-pad-inv
[53] => aes-256-xts
[54] => aria-128-cbc
[55] => aria-128-ccm
[56] => aria-128-cfb
[57] => aria-128-cfb1
[58] => aria-128-cfb8
[59] => aria-128-ctr
[60] => aria-128-ecb
[61] => aria-128-gcm
[62] => aria-128-ofb
[63] => aria-192-cbc
[64] => aria-192-ccm
[65] => aria-192-cfb
[66] => aria-192-cfb1
[67] => aria-192-cfb8
[68] => aria-192-ctr
[69] => aria-192-ecb
[70] => aria-192-gcm
[71] => aria-192-ofb
[72] => aria-256-cbc
[73] => aria-256-ccm
[74] => aria-256-cfb
[75] => aria-256-cfb1
[76] => aria-256-cfb8
[77] => aria-256-ctr
[78] => aria-256-ecb
[79] => aria-256-gcm
[80] => aria-256-ofb
[81] => camellia-128-cbc
[82] => camellia-128-cbc-cts
[83] => camellia-128-cfb
[84] => camellia-128-cfb1
[85] => camellia-128-cfb8
[86] => camellia-128-ctr
[87] => camellia-128-ecb
[88] => camellia-128-ofb
[89] => camellia-192-cbc
[90] => camellia-192-cbc-cts
[91] => camellia-192-cfb
[92] => camellia-192-cfb1
[93] => camellia-192-cfb8
[94] => camellia-192-ctr
[95] => camellia-192-ecb
[96] => camellia-192-ofb
[97] => camellia-256-cbc
[98] => camellia-256-cbc-cts
[99] => camellia-256-cfb
[100] => camellia-256-cfb1
[101] => camellia-256-cfb8
[102] => camellia-256-ctr
[103] => camellia-256-ecb
[104] => camellia-256-ofb
[105] => chacha20
[106] => chacha20-poly1305
[107] => des-ede-cbc
[108] => des-ede-cfb
[109] => des-ede-ecb
[110] => des-ede-ofb
[111] => des-ede3-cbc
[112] => des-ede3-cfb
[113] => des-ede3-cfb1
[114] => des-ede3-cfb8
[115] => des-ede3-ecb
[116] => des-ede3-ofb
[117] => des3-wrap
[118] => null
)
And this is not related with PHP 8.3, same failure with all versions (8.1, 8.2...)
remicollet
commented
1 year ago Example of openssl config
LEGACY: SECLEVEL=1:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:kRSAPSK:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
CURRENT: @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:kRSAPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
FUTURE: @SECLEVEL=3:kEECDH:kEDH:kPSK:kDHEPSK:kECDHEPSK:-kRSAPSK:-kRSA:-aDSS:-AES128:-SHA256:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:-SHA1:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
nicolaasuni
commented
1 year ago Does his means the default OPENSSL 3 configuration in the Ubuntu 22.04 images used by GitHub are set to allow ALL legacy cyphers?
remicollet
commented
1 year ago I know nothing (and don't want to) about Ubuntu (and CI is not a real distro)
remicollet
commented
1 year ago It is possible to enable old legacy providers in the configuration
...
# Uncomment the sections that start with ## below to enable the legacy provider.
# Loading the legacy provider enables support for the following algorithms:
# Hashing Algorithms / Message Digests: MD2, MD4, MDC2, WHIRLPOOL, RIPEMD160
# Symmetric Ciphers: Blowfish, CAST, DES, IDEA, RC2, RC4,RC5, SEED
# Key Derivation Function (KDF): PBKDF1
# In general it is not recommended to use the above mentioned algorithms for
# security critical operations, as they are cryptographically weak or vulnerable
# to side-channel attacks and as such have been deprecated.
[provider_sect]
default = default_sect
##legacy = legacy_sect
##
[default_sect]
activate = 1
##[legacy_sect]
##activate = 1
...So
$ php -r 'print_r(openssl_get_cipher_methods(true));' | grep -i rc4
$ OPENSSL_CONF=$PWD/openssl.cnf php -r 'print_r(openssl_get_cipher_methods(true));' | grep -i rc4
[273] => rc4
[274] => rc4-40
[275] => rc4-hmac-md5BTW this sounds terrible for security
I really think, missing cypher should be detected at runtime
} elseif (! in_array($mode, ['RC4', 'RC4-40'])) {
throw new EncException('unknown chipher: ' . $mode);
+ } elseif (! in_array(strtolower($mode), openssl_get_cipher_methods())) {
+ throw new EncException('unavailable chipher: ' . $mode);
}And of course handle in test suite to skip related tests
remicollet
commented
1 year ago Another way is to stop using insecure RC4 methods, at least deprecate them
nicolaasuni
commented
1 year ago I will investigate this further and try to put a fix in place. Thank you very much for your help.
nicolaasuni
commented
1 year ago I believe this is now fixed in https://github.com/tecnickcom/tc-lib-pdf-encrypt/tree/2.1.1 I provided an alternative RC4 implementation in case the openSSL one is not available. @remicollet Can you please check on your side so I can close this?
remicollet
commented
1 year ago I confirm, test suite passes for 2.1.1
BTW providing RC4 is encouraging usage of deprecated and unsecure thing
Version 2.0.7 Using OpenSSL 3.1.1 Even with crypto policies set to "legacy"