php · bukka · Aug 18, 2022
@@ -7600,44 +7600,76 @@ PHP_FUNCTION(openssl_decrypt)
 }
 /* }}} */
 
-PHP_OPENSSL_API zend_long php_openssl_cipher_iv_length(const char *method)
+static inline const EVP_CIPHER *php_openssl_get_evp_cipher_by_name(const char *method)
 {
 	const EVP_CIPHER *cipher_type;
 
 	cipher_type = EVP_get_cipherbyname(method);
 	if (!cipher_type) {
 		php_error_docref(NULL, E_WARNING, "Unknown cipher algorithm");
-		return -1;
+		return NULL;
 	}
 
-	return EVP_CIPHER_iv_length(cipher_type);
+	return cipher_type;
+}
+
+PHP_OPENSSL_API zend_long php_openssl_cipher_iv_length(const char *method)
+{
+	const EVP_CIPHER *cipher_type = php_openssl_get_evp_cipher_by_name(method);
+
+	return cipher_type == NULL ? -1 : EVP_CIPHER_iv_length(cipher_type);
 }
 
-/* {{{ */
 PHP_FUNCTION(openssl_cipher_iv_length)
 {
-	char *method;
-	size_t method_len;
+	zend_string *method;
 	zend_long ret;
 
-	if (zend_parse_parameters(ZEND_NUM_ARGS(), "s", &method, &method_len) == FAILURE) {
+	if (zend_parse_parameters(ZEND_NUM_ARGS(), "S", &method) == FAILURE) {
 		RETURN_THROWS();
 	}
 
-	if (!method_len) {
+	if (ZSTR_LEN(method) == 0) {
 		zend_argument_value_error(1, "cannot be empty");
 		RETURN_THROWS();
 	}
 
 	/* Warning is emitted in php_openssl_cipher_iv_length */
-	if ((ret = php_openssl_cipher_iv_length(method)) == -1) {
+	if ((ret = php_openssl_cipher_iv_length(ZSTR_VAL(method))) == -1) {
 		RETURN_FALSE;
 	}
 
 	RETURN_LONG(ret);
 }
-/* }}} */
 
+PHP_OPENSSL_API zend_long php_openssl_cipher_key_length(const char *method)
+{
+	const EVP_CIPHER *cipher_type = php_openssl_get_evp_cipher_by_name(method);
+
+	return cipher_type == NULL ? -1 : EVP_CIPHER_key_length(cipher_type);
+}
+
+PHP_FUNCTION(openssl_cipher_key_length)
+{
+	zend_string *method;
+	zend_long ret;
+
+	if (zend_parse_parameters(ZEND_NUM_ARGS(), "S", &method) == FAILURE) {
+		RETURN_THROWS();
+	}
+
+	if (ZSTR_LEN(method) == 0) {
+		zend_argument_value_error(1, "cannot be empty");
+		RETURN_THROWS();
+	}
+
+	/* Warning is emitted in php_openssl_cipher_key_length */
+	if ((ret = php_openssl_cipher_key_length(ZSTR_VAL(method))) == -1) {
+		RETURN_FALSE;
+	}
+
+	RETURN_LONG(ret);
+}
 
 PHP_OPENSSL_API zend_string* php_openssl_random_pseudo_bytes(zend_long buffer_length)
 {

@@ -610,6 +610,8 @@ function openssl_decrypt(string $data, string $cipher_algo, #[\SensitiveParamete
 
 function openssl_cipher_iv_length(string $cipher_algo): int|false {}
 
+function openssl_cipher_key_length(string $cipher_algo): int|false {}
+
 function openssl_dh_compute_key(string $public_key, #[\SensitiveParameter] OpenSSLAsymmetricKey $private_key): string|false {}
 
 /**

@@ -93,6 +93,7 @@ php_stream_transport_factory_func php_openssl_ssl_socket_factory;
 void php_openssl_store_errors(void);
 
 PHP_OPENSSL_API zend_long php_openssl_cipher_iv_length(const char *method);
+PHP_OPENSSL_API zend_long php_openssl_cipher_key_length(const char *method);
 PHP_OPENSSL_API zend_string* php_openssl_random_pseudo_bytes(zend_long length);
 PHP_OPENSSL_API zend_string* php_openssl_encrypt(
 	const char *data, size_t data_len,

@@ -0,0 +1,12 @@
+--TEST--
+openssl_cipher_iv_length() basic test
+--EXTENSIONS--
+openssl
+--FILE--
+<?php
+
+var_dump(openssl_cipher_iv_length('AES-128-CBC'));
+
+?>
+--EXPECT--
+int(16)
@@ -0,0 +1,21 @@
+--TEST--
+openssl_cipher_iv_length() error test
+--EXTENSIONS--
+openssl
+--FILE--
+<?php
+
+var_dump(openssl_cipher_iv_length('unknown'));
+
+try {
+    var_dump(openssl_cipher_iv_length(''));
+} catch (ValueError $e) {
+    echo $e->getMessage() . "\n";
+}
+
+?>
+--EXPECTF--
+
+Warning: openssl_cipher_iv_length(): Unknown cipher algorithm in %s on line %d
+bool(false)
+openssl_cipher_iv_length(): Argument #1 ($cipher_algo) cannot be empty
@@ -0,0 +1,14 @@
+--TEST--
+openssl_cipher_key_length() basic test
+--EXTENSIONS--
+openssl
+--FILE--
+<?php
+
+var_dump(openssl_cipher_key_length('AES-128-CBC'));
+var_dump(openssl_cipher_key_length('AES-256-CBC'));
+
+?>
+--EXPECT--
+int(16)
+int(32)
@@ -0,0 +1,21 @@
+--TEST--
+openssl_cipher_key_length() error test
+--EXTENSIONS--
+openssl
+--FILE--
+<?php
+
+var_dump(openssl_cipher_key_length('unknown'));
+
+try {
+    var_dump(openssl_cipher_key_length(''));
+} catch (ValueError $e) {
+    echo $e->getMessage() . "\n";
+}
+
+?>
+--EXPECTF--
+
+Warning: openssl_cipher_key_length(): Unknown cipher algorithm in %s on line %d
+bool(false)
+openssl_cipher_key_length(): Argument #1 ($cipher_algo) cannot be empty
-Original file line number
+Diff line change
@@ Expand Up @@
     function openssl_cipher_iv_length(string $cipher_algo): int|false {}
+    function openssl_cipher_key_length(string $cipher_algo): int|false {}
     function openssl_dh_compute_key(string $public_key, #[\SensitiveParameter] OpenSSLAsymmetricKey $private_key): string|false {}
     /**
@@ Expand Down @@