PHP openssl_pkcs7_* needs files, security issue

Question

I want to use these openssl_pkcs7_* functions to verify, sign, encrypt and decrypt mails. I realized that these functions only accept filenames for the "keyfile", the certificate or the "mail" itself.

Imho thats a big security issue since there could be issues causing temporary files created for these files not being deleted. In that case, system operators, e.g. could read the encrypted message because its somewhere in the filesystem temporarily.

Now, I just want you guys to ask if any of you has an idea how I could "fake" a file on linux. e.g. using some /dev/ device like /dev/stdin or something like that. Any idea? Would be awesome.

These "files" should be read- and writable by "www-data".

Hope you guys have some amazing ideas for me.

With best regards, Max

EDIT: "tmpfile" is a physically located file, there is no 100% guarantee of deletion tho.

EDIT2: Well, I am actually thinking about creating a socket (AF_UNIX and a socket-File) and let openssl write to it since its executed from the same process. But I dont get this to work, any suggestions?

Answer 1

I want to use these openssl_pkcs7_* functions to verify, sign, encrypt and decrypt mails.

The problem seems to be the choice of PHP's functions (or PHP's OpenSSL offerings). Perhaps you should use something else, like a library that provides what you need.

---

Here's what is really available from OpenSSL. From PKCS7_encrypt(3):

PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);

You use a BIO for the in-data, and that can be a memory BIO. There's no reason to write a disk file.

You have similar for PKCS7_decrypt(3):

int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);

Now, for the keys. The keys can be read (and written) using BIOs too. That means they can use a memory bio. But I'm not sure how useful that would be since the keys have to be stored somewhere.

For the reference, see pem(3). There's almost too many functions to list:

PEM, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE

---

If you find something that offers more of OpenSSL, you might look into the CMS_* functions, too. They are easy to work with, too.

You can see examples of how to use them in <openssl dir>/demos/cms_enc.c, <openssl dir>/demos/cms_dec.c, <openssl dir>/demos/cms_sign.c and <openssl dir>/demos/cms_verify.c.

Two of the functions of interest are:

CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags);

and

int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, BIO *dcont, BIO *out, unsigned int flags);

Answer 2

It's not very elegant, but you could use ob_start and stream wrappers to trick openssl_pkcs7_decrypt to not output a file.

function pkcs7_decrypt_in_mem($infile, $cert, $key) {
    ob_start();
    $rtn = openssl_pkcs7_decrypt($infile, 'php://stdout', $cert, $key);
    $decrypted = ob_get_contents();
    ob_end_clean();

    if (!$rtn) { return FALSE; }
    return $decrypted;
}

The only file required to exist is $infile. Both $cert and $key as passed by value, not by file name.