archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-19 08:49:28 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

- #37820, add support for algorithm type in openssl_verify()

Browse source
This commit is contained in:
Pierre Joye 2006-07-29 21:54:46 +00:00
parent 317bedda3f
commit 1329f72f90
4 changed files with 99 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

55
ext/openssl/openssl.c
View file

@ -563,6 +563,30 @@ static int php_openssl_write_rand_file(const char * file, int egdsocket, int see
} }
return SUCCESS; return SUCCESS;
} }
static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
EVP_MD *mdtype;
switch (algo) {
case OPENSSL_ALGO_SHA1:
mdtype = (EVP_MD *) EVP_sha1();
break;
case OPENSSL_ALGO_MD5:
mdtype = (EVP_MD *) EVP_md5();
break;
case OPENSSL_ALGO_MD4:
mdtype = (EVP_MD *) EVP_md4();
break;
case OPENSSL_ALGO_MD2:
mdtype = (EVP_MD *) EVP_md2();
break;
default:
return NULL;
break;
}
return mdtype;
}
/* }}} */
/* }}} */ /* }}} */
/* {{{ PHP_MINIT_FUNCTION /* {{{ PHP_MINIT_FUNCTION
@ -2860,7 +2884,7 @@ PHP_FUNCTION(openssl_error_string)
} }
/* }}} */ /* }}} */
/* {{{ proto bool openssl_sign(string data, &string signature, mixed key) /* {{{ proto bool openssl_sign(string data, &string signature, mixed key[, int signature_alg])
Signs data */ Signs data */
PHP_FUNCTION(openssl_sign) PHP_FUNCTION(openssl_sign)
{ {
@ -2884,23 +2908,10 @@ PHP_FUNCTION(openssl_sign)
RETURN_FALSE; RETURN_FALSE;
} }
switch (signature_algo) { mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
case OPENSSL_ALGO_SHA1: if (!mdtype) {
mdtype = (EVP_MD *) EVP_sha1();
break;
case OPENSSL_ALGO_MD5:
mdtype = (EVP_MD *) EVP_md5();
break;
case OPENSSL_ALGO_MD4:
mdtype = (EVP_MD *) EVP_md4();
break;
case OPENSSL_ALGO_MD2:
mdtype = (EVP_MD *) EVP_md2();
break;
default:
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm."); php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm.");
RETURN_FALSE; RETURN_FALSE;
break;
} }
siglen = EVP_PKEY_size(pkey); siglen = EVP_PKEY_size(pkey);
@ -2931,21 +2942,29 @@ PHP_FUNCTION(openssl_verify)
EVP_PKEY *pkey; EVP_PKEY *pkey;
int err; int err;
EVP_MD_CTX md_ctx; EVP_MD_CTX md_ctx;
EVP_MD *mdtype;
long keyresource = -1; long keyresource = -1;
char * data; int data_len; char * data; int data_len;
char * signature; int signature_len; char * signature; int signature_len;
long signature_algo = OPENSSL_ALGO_SHA1;
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz", &data, &data_len, &signature, &signature_len, &key) == FAILURE) { if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz|l", &data, &data_len, &signature, &signature_len, &key, &signature_algo) == FAILURE) {
return; return;
} }
mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
if (!mdtype) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm.");
RETURN_FALSE;
}
pkey = php_openssl_evp_from_zval(&key, 1, NULL, 0, &keyresource TSRMLS_CC); pkey = php_openssl_evp_from_zval(&key, 1, NULL, 0, &keyresource TSRMLS_CC);
if (pkey == NULL) { if (pkey == NULL) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied key param cannot be coerced into a public key"); php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied key param cannot be coerced into a public key");
RETURN_FALSE; RETURN_FALSE;
} }
EVP_VerifyInit (&md_ctx, EVP_sha1()); EVP_VerifyInit (&md_ctx, mdtype);
EVP_VerifyUpdate (&md_ctx, data, data_len); EVP_VerifyUpdate (&md_ctx, data, data_len);
err = EVP_VerifyFinal (&md_ctx, signature, signature_len, pkey); err = EVP_VerifyFinal (&md_ctx, signature, signature_len, pkey);

35
ext/openssl/tests/bug37820.phpt Normal file
View file

@ -0,0 +1,35 @@
--TEST--
openssl_sign/verify: accept different algos
--SKIPIF--
<?php
if (!extension_loaded("openssl")) die("skip");
?>
--FILE--
<?php
$dir = dirname(__FILE__);
$file_pub = $dir . '/bug37820cert.pem';
$file_key = $dir . '/bug37820key.pem';
$priv_key = file_get_contents($file_key);
$priv_key_id = openssl_get_privatekey($priv_key);
$pub_key = file_get_contents($file_pub);
$pub_key_id = openssl_get_publickey($pub_key);
$data = "some custom data";
if (!openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_MD5)) {
echo "openssl_sign failed.";
}
$ok = openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_MD5);
if ($ok == 1) {
echo "Ok";
} elseif ($ok == 0) {
echo "openssl_verify failed.";
}
?>
--EXPECTF--
Ok

14
ext/openssl/tests/bug37820cert.pem Normal file
View file

@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
-----END CERTIFICATE-----

9
ext/openssl/tests/bug37820key.pem Normal file
View file

@ -0,0 +1,9 @@
-----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
-----END RSA PRIVATE KEY-----