archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-15 21:48:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge branch 'PHP-7.1' into PHP-7.2

Browse source
This commit is contained in:
Jakub Zelenka 2017-10-30 16:43:36 +00:00
commit 19c62e83fa
15 changed files with 209 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

9
ext/openssl/openssl.c
View file

@ -1676,10 +1676,11 @@ static X509 * php_openssl_x509_from_zval(zval * val, int makeresource, zend_reso
if (!what) {
return NULL;
}
/* this is so callers can decide if they should free the X509 */
if (resourceval) {
*resourceval = res;
Z_ADDREF_P(val);
if (makeresource) {
Z_ADDREF_P(val);
}
}
return (X509*)what;
}
@ -3225,7 +3226,9 @@ static X509_REQ * php_openssl_csr_from_zval(zval * val, int makeresource, zend_r
if (what) {
if (resourceval) {
*resourceval = res;
Z_ADDREF_P(val);
if (makeresource) {
Z_ADDREF_P(val);
}
}
return (X509_REQ*)what;
}

11
ext/openssl/tests/001.phpt
View file

@ -9,15 +9,6 @@ if (!@openssl_pkey_new()) die("skip cannot create private key");
<?php
echo "Creating private key\n";
/* stack up some entropy; performance is not critical,
* and being slow will most likely even help the test.
*/
for ($z = "", $i = 0; $i < 1024; $i++) {
$z .= $i * $i;
if (function_exists("usleep"))
usleep($i);
}
$conf = array('config' => dirname(__FILE__) . DIRECTORY_SEPARATOR . 'openssl.cnf');
$privkey = openssl_pkey_new($conf);
@ -32,6 +23,7 @@ if ($key_file_name === false)
echo "Export key to file\n";
openssl_pkey_export_to_file($privkey, $key_file_name, $passphrase, $conf) or die("failed to export to file $key_file_name");
var_dump(is_resource($privkey));
echo "Load key from file - array syntax\n";
@ -69,6 +61,7 @@ echo "OK!\n";
--EXPECT--
Creating private key
Export key to file
bool(true)
Load key from file - array syntax
Load key using direct syntax
Load key manually and use string syntax

83
ext/openssl/tests/openssl_csr_export_to_file_basic.phpt Normal file
View file

@ -0,0 +1,83 @@
--TEST--
openssl_csr_export_to_file() tests
--SKIPIF--
<?php if (!extension_loaded("openssl")) print "skip"; ?>
--FILE--
<?php
$csrfile = dirname(__FILE__) . "/openssl_csr_export_to_file_csr.tmp";
$wrong = "wrong";
$config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
$phex = 'dcf93a0b883972ec0e19989ac5a2ce310e1d37717e8d9571bb7623731866e61e' .
'f75a2e27898b057f9891c2e27a639c3f29b60814581cd3b2ca3986d268370557' .
'7d45c2e7e52dc81c7a171876e5cea74b1448bfdfaf18828efd2519f14e45e382' .
'6634af1949e5b535cc829a483b8a76223e5d490a257f05bdff16f2fb22c583ab';
$dh_details = array('p' => $phex, 'g' => '2');
$dh = openssl_pkey_new(array(
'dh'=> array('p' => hex2bin($phex), 'g' => '2'))
);
$dn = array(
"countryName" => "BR",
"stateOrProvinceName" => "Rio Grande do Sul",
"localityName" => "Porto Alegre",
"commonName" => "Henrique do N. Angelo",
"emailAddress" => "hnangelo@php.net"
);
$args = array(
"digest_alg" => "sha1",
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_DSA,
"encrypt_key" => true,
"config" => $config,
);
$privkey_file = 'file://' . dirname(__FILE__) . '/private_rsa_2048.key';
$csr = openssl_csr_new($dn, $privkey_file, $args);
var_dump(openssl_csr_export_to_file($csr, $csrfile));
var_dump(file_get_contents($csrfile));
var_dump(openssl_csr_export_to_file($wrong, $csrfile));
var_dump(openssl_csr_export_to_file($dh, $csrfile));
var_dump(openssl_csr_export_to_file(array(), $csrfile));
var_dump(openssl_csr_export_to_file($csr, $csrfile, false));
?>
--CLEAN--
<?php
$csrfile = dirname(__FILE__) . "/openssl_csr_export_to_file_csr.tmp";
if (file_exists($csrfile)) {
unlink($csrfile);
}
?>
--EXPECTF--
bool(true)
string(1086) "-----BEGIN CERTIFICATE REQUEST-----
MIIC6jCCAdICAQAwgaQxCzAJBgNVBAYTAkJSMRowGAYDVQQIExFSaW8gR3JhbmRl
IGRvIFN1bDEVMBMGA1UEBxMMUG9ydG8gQWxlZ3JlMR4wHAYDVQQDExVIZW5yaXF1
ZSBkbyBOLiBBbmdlbG8xHzAdBgkqhkiG9w0BCQEWEGhuYW5nZWxvQHBocC5uZXQx
ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAK21JlVtWPqyc2UQtw2AdJHSIL5OzAHWsu/Mmxjz
w4VZWwG+Ao1m2j7OJ8lAkxLfSlRtB+6Vx8Q21krAtve+M3b6pT9C9qKdfzNkrXk3
BggTncBh9ozkVQGS/P1m0zn/SKSgDO+6DdeLHLMjpUASaoYfsay4PJLAdnTqLOeM
g6qNE6u0ebZXVfmpSmV1pSZ6kQnxbsb6rX1iOZxkwHnVWYb40Hy0EILo31x6BVqB
m159m7s38ChiRHqlj20DmRfxXjiT5YDgYYQ29wQBTVQrTN5O9UW5Y+eKTXd8r6te
dsbIBXdKN7NeX7ksGYHq1I3hLsP8EyvZO78qfjKyEB0Jj3UCAwEAAaAAMA0GCSqG
SIb3DQEBBQUAA4IBAQCamzVmIbElkiDQKzQpkfU5tHjrWPrHDSB186NI0sQ8i6GQ
1YT6yPAXBPTQ1aER/6uAZJL5HfWEX8V1rKbe8GkPAPCHHQzmHyWlaO2EHS57zJhk
sRrhqkhhkSNiDg4OrsguhRtbB2VMGeDbqHGI89uGqqGHUiZc/Bh8N7WFXZkUU/A0
sfBgVeqg0P4SWez5fHXqBNcjMdMI5f0bikcDZSIfTHS8FX+PMurLBC8UPB0YNIOl
1r2Lvo+6YUHOziG1OwQd3K0xxu/JzzOE+lMB73ynz4V6DY5Qv3qVno1GpupvgmQA
JViHkCA9x6m8RJXAFvqmgLlWlUzbDv/cRrDfjWjR
-----END CERTIFICATE REQUEST-----
"
Warning: openssl_csr_export_to_file() expects parameter 1 to be resource, string given in %s on line %d
NULL
Warning: openssl_csr_export_to_file(): supplied resource is not a valid OpenSSL X.509 CSR resource in %s on line %d
Warning: openssl_csr_export_to_file(): cannot get CSR from parameter 1 in %s on line %d
bool(false)
Warning: openssl_csr_export_to_file() expects parameter 1 to be resource, array given in %s on line %d
NULL
bool(true)

44
ext/openssl/tests/openssl_csr_get_public_key_basic.phpt Normal file
View file

@ -0,0 +1,44 @@
--TEST--
openssl_csr_get_public_key() tests
--SKIPIF--
<?php
if (!extension_loaded("openssl")) die("skip");
?>
--FILE--
<?php
$config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
$phex = 'dcf93a0b883972ec0e19989ac5a2ce310e1d37717e8d9571bb7623731866e61e' .
'f75a2e27898b057f9891c2e27a639c3f29b60814581cd3b2ca3986d268370557' .
'7d45c2e7e52dc81c7a171876e5cea74b1448bfdfaf18828efd2519f14e45e382' .
'6634af1949e5b535cc829a483b8a76223e5d490a257f05bdff16f2fb22c583ab';
$dh_details = array('p' => $phex, 'g' => '2');
$dh = openssl_pkey_new(array(
'dh'=> array('p' => hex2bin($phex), 'g' => '2'))
);
$dn = array(
"countryName" => "BR",
"stateOrProvinceName" => "Rio Grande do Sul",
"localityName" => "Porto Alegre",
"commonName" => "Henrique do N. Angelo",
"emailAddress" => "hnangelo@php.net"
);
$args = array(
"digest_alg" => "sha1",
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_DSA,
"encrypt_key" => true,
"config" => $config,
);
$privkey_file = 'file://' . dirname(__FILE__) . '/private_rsa_2048.key';
$csr = openssl_csr_new($dn, $privkey_file, $args);
$csr_file = file_get_contents(dirname(__FILE__) . '/cert.csr');
var_dump(openssl_csr_get_public_key($csr));
var_dump(openssl_csr_get_public_key($csr_file));
?>
--EXPECTF--
resource(%d) of type (OpenSSL key)
resource(%d) of type (OpenSSL key)

58
ext/openssl/tests/openssl_csr_get_subject_basic.phpt
View file

@ -2,19 +2,43 @@
openssl_csr_get_subject() tests
--SKIPIF--
<?php
if (!extension_loaded("openssl")) die("skip");
if (!function_exists("utf8_decode")) die("skip");
if (!extension_loaded("openssl")) die("skip");
?>
--FILE--
<?php
$config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
$phex = 'dcf93a0b883972ec0e19989ac5a2ce310e1d37717e8d9571bb7623731866e61e' .
'f75a2e27898b057f9891c2e27a639c3f29b60814581cd3b2ca3986d268370557' .
'7d45c2e7e52dc81c7a171876e5cea74b1448bfdfaf18828efd2519f14e45e382' .
'6634af1949e5b535cc829a483b8a76223e5d490a257f05bdff16f2fb22c583ab';
$dh_details = array('p' => $phex, 'g' => '2');
$dh = openssl_pkey_new(array(
'dh'=> array('p' => hex2bin($phex), 'g' => '2'))
);
$csr = file_get_contents(dirname(__FILE__) . '/cert.csr');
if ($out = openssl_csr_get_subject($csr, 1)) {
var_dump($out);
}
echo "\n";
$cn = utf8_decode($out['CN']);
var_dump($cn);
$dn = array(
"countryName" => "BR",
"stateOrProvinceName" => "Rio Grande do Sul",
"localityName" => "Porto Alegre",
"commonName" => "Henrique do N. Angelo",
"emailAddress" => "hnangelo@php.net"
);
$args = array(
"digest_alg" => "sha1",
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_DSA,
"encrypt_key" => true,
"config" => $config,
);
$privkey_file = 'file://' . dirname(__FILE__) . '/private_rsa_2048.key';
$csr = openssl_csr_new($dn, $privkey_file, $args);
$csr_file = file_get_contents(dirname(__FILE__) . '/cert.csr');
var_dump(openssl_csr_get_subject($csr_file));
var_dump(openssl_csr_get_subject($csr, false));
?>
--EXPECTF--
array(6) {
["C"]=>
@ -30,5 +54,17 @@ array(6) {
["CN"]=>
string(15) "*.triconnect.nl"
}
string(15) "*.triconnect.nl"
array(6) {
["countryName"]=>
string(2) "BR"
["stateOrProvinceName"]=>
string(17) "Rio Grande do Sul"
["localityName"]=>
string(12) "Porto Alegre"
["commonName"]=>
string(21) "Henrique do N. Angelo"
["emailAddress"]=>
string(16) "hnangelo@php.net"
["organizationName"]=>
string(24) "Internet Widgits Pty Ltd"
}

2
ext/openssl/tests/openssl_csr_sign_basic.phpt
View file

@ -32,6 +32,7 @@ $csr = openssl_csr_new($dn, $privkey, $args);
var_dump(openssl_csr_sign($csr, null, $privkey, 365, $args));
var_dump(openssl_csr_sign($csr, null, $privkey, 365, $config_arg));
var_dump(openssl_csr_sign($csr, $cert, $priv, 365, $config_arg));
var_dump(openssl_csr_sign($csr, openssl_x509_read($cert), $priv, 365, $config_arg));
var_dump(openssl_csr_sign($csr, $wrong, $privkey, 365));
var_dump(openssl_csr_sign($csr, null, $wrong, 365));
var_dump(openssl_csr_sign($csr, null, $privkey, $wrong));
@ -47,6 +48,7 @@ var_dump(openssl_csr_sign($csr, null, $privkey, 365, $config_arg));
resource(%d) of type (OpenSSL X.509)
resource(%d) of type (OpenSSL X.509)
resource(%d) of type (OpenSSL X.509)
resource(%d) of type (OpenSSL X.509)
Warning: openssl_csr_sign(): cannot get cert from parameter 2 in %s on line %d
bool(false)

2
ext/openssl/tests/openssl_pkcs12_export_basic.phpt
View file

@ -14,7 +14,7 @@ $cert_res = openssl_x509_read($cert);
$priv_res = openssl_pkey_get_private($priv);
$pass = "test";
$invalid = "";
$invalid_path = "file:///tmp/php";
$invalid_path = dirname(__FILE__) . "/invalid_path";
$opts = [];
var_dump(openssl_pkcs12_export($cert, $output, $priv, $pass)); // read certs as a string

2
ext/openssl/tests/openssl_pkcs7_decrypt_basic.phpt
View file

@ -22,6 +22,7 @@ $empty = "";
openssl_pkcs7_encrypt($infile, $encrypted, $single_cert, $headers);
var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $single_cert, $privkey));
var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, openssl_x509_read($single_cert), $privkey));
var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $single_cert, $wrong));
var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $wrong, $privkey));
var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, null, $privkey));
@ -42,6 +43,7 @@ if (file_exists($outfile)) {
?>
--EXPECTF--
bool(true)
bool(true)
Warning: openssl_pkcs7_decrypt(): unable to get private key in %s on line %d
bool(false)

4
ext/openssl/tests/openssl_pkcs7_encrypt_basic.phpt
View file

@ -22,6 +22,7 @@ $wrong = "wrong";
$empty = "";
var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $headers));
var_dump(openssl_pkcs7_encrypt($infile, $outfile, openssl_x509_read($single_cert), $headers));
var_dump(openssl_pkcs7_decrypt($outfile, $outfile2, $single_cert, $privkey));
var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $assoc_headers));
var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $empty_headers));
@ -33,6 +34,7 @@ var_dump(openssl_pkcs7_encrypt($infile, $outfile, $wrong, $headers));
var_dump(openssl_pkcs7_encrypt($infile, $outfile, $empty, $headers));
var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $empty));
var_dump(openssl_pkcs7_encrypt($infile, $outfile, $multi_certs, $headers));
var_dump(openssl_pkcs7_encrypt($infile, $outfile, array_map('openssl_x509_read', $multi_certs) , $headers));
if (file_exists($outfile)) {
echo "true\n";
@ -48,6 +50,7 @@ bool(true)
bool(true)
bool(true)
bool(true)
bool(true)
Warning: openssl_pkcs7_encrypt() expects parameter 4 to be array, string given in %s on line %d
bool(false)
@ -60,5 +63,6 @@ bool(false)
Warning: openssl_pkcs7_encrypt() expects parameter 4 to be array, string given in %s on line %d
bool(false)
bool(true)
bool(true)
true
true

2
ext/openssl/tests/openssl_pkcs7_sign_basic.phpt
View file

@ -18,6 +18,7 @@ $empty_headers = array();
$wrong = "wrong";
$empty = "";
var_dump(openssl_pkcs7_sign($infile, $outfile, openssl_x509_read($single_cert), $privkey, $headers));
var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $headers));
var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $assoc_headers));
var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $empty_headers));
@ -39,6 +40,7 @@ if (file_exists($outfile)) {
bool(true)
bool(true)
bool(true)
bool(true)
Warning: openssl_pkcs7_sign() expects parameter 5 to be array, string given in %s on line %d
NULL

3
ext/openssl/tests/openssl_pkey_export_basic.phpt
View file

@ -39,7 +39,7 @@ $tempname = tempnam(sys_get_temp_dir(), 'openssl_ec');
var_dump(openssl_pkey_export_to_file($key, $tempname, NULL, $config_arg));
$details = openssl_pkey_get_details(openssl_pkey_get_private('file://' . $tempname));
var_dump(OPENSSL_KEYTYPE_EC === $details['type']);
var_dump(is_resource($key));
// Clean the temporary file
@unlink($tempname);
?>
@ -56,3 +56,4 @@ array(1) {
}
bool(true)
bool(true)
bool(true)

2
ext/openssl/tests/openssl_x509_check_private_key_basic.phpt
View file

@ -19,7 +19,7 @@ var_dump(openssl_x509_check_private_key($cert, $key));
var_dump(openssl_x509_check_private_key("", $key));
var_dump(openssl_x509_check_private_key($cert, ""));
var_dump(openssl_x509_check_private_key("", ""));
var_dump(openssl_x509_check_private_key($a, $b));
var_dump(openssl_x509_check_private_key(openssl_x509_read($a), $b));
?>
--EXPECT--
bool(true)

3
ext/openssl/tests/openssl_x509_checkpurpose.phpt → ext/openssl/tests/openssl_x509_checkpurpose_basic.phpt
View file

@ -13,6 +13,7 @@ $bert = "file://" . dirname(__FILE__) . "/bug41033.pem";
$sert = "file://" . dirname(__FILE__) . "/san-cert.pem";
$cpca = dirname(__FILE__) . "/san-ca.pem";
$utfl = dirname(__FILE__) . "/sni_server_domain1.pem";
$rcrt = openssl_x509_read($cert);
/* int openssl_x509_checkpurpose ( mixed $x509cert , int $purpose); */
var_dump(openssl_x509_checkpurpose($cert, X509_PURPOSE_SSL_CLIENT));
@ -44,7 +45,7 @@ var_dump(openssl_x509_checkpurpose($cert, X509_PURPOSE_NS_SSL_SERVER, array($cpc
var_dump(openssl_x509_checkpurpose($cert, X509_PURPOSE_SMIME_SIGN, array($cpca)));
var_dump(openssl_x509_checkpurpose($cert, X509_PURPOSE_SMIME_ENCRYPT, array($cpca)));
var_dump(openssl_x509_checkpurpose($cert, X509_PURPOSE_CRL_SIGN, array($cpca)));
var_dump(openssl_x509_checkpurpose($cert, X509_PURPOSE_ANY, array($cpca)));
var_dump(openssl_x509_checkpurpose($rcrt, X509_PURPOSE_ANY, array($cpca)));
var_dump(openssl_x509_checkpurpose($bert, X509_PURPOSE_SSL_CLIENT, array($cpca)));
var_dump(openssl_x509_checkpurpose($bert, X509_PURPOSE_SSL_SERVER, array($cpca)));
var_dump(openssl_x509_checkpurpose($bert, X509_PURPOSE_NS_SSL_SERVER, array($cpca)));

7
ext/openssl/tests/openssl_x509_fingerprint_basic.phpt
View file

@ -21,10 +21,15 @@ var_dump(openssl_x509_fingerprint($cert, 'md5'));
echo "**Testing raw output md5 **\n";
var_dump(bin2hex(openssl_x509_fingerprint($cert, 'md5', true)));
echo "** Testing hash method sha1 with resource **\n";
$r = openssl_x509_read($cert);
var_dump(openssl_x509_fingerprint($r, 'sha1'));
echo "** Testing bad certification **\n";
var_dump(openssl_x509_fingerprint('123'));
echo "** Testing bad hash method **\n";
var_dump(openssl_x509_fingerprint($cert, 'xx45'));
?>
--EXPECTF--
** Testing with no parameters **
@ -36,6 +41,8 @@ string(40) "6e6fd1ea10a5a23071d61c728ee9b40df6dbc33c"
string(32) "ac77008e172897e06c0b065294487a67"
**Testing raw output md5 **
string(32) "ac77008e172897e06c0b065294487a67"
** Testing hash method sha1 with resource **
string(40) "6e6fd1ea10a5a23071d61c728ee9b40df6dbc33c"
** Testing bad certification **
Warning: openssl_x509_fingerprint(): cannot get cert from parameter 1 in %s on line %d

5
ext/openssl/tests/openssl_x509_parse_basic.phpt
View file

@ -8,10 +8,13 @@ if (OPENSSL_VERSION_NUMBER < 0x10000000) die("skip Output requires OpenSSL 1.0")
<?php
$cert = "file://" . dirname(__FILE__) . "/cert.crt";
var_dump(openssl_x509_parse($cert));
$parsedCert = openssl_x509_parse($cert);
var_dump($parsedCert === openssl_x509_parse(openssl_x509_read($cert)));
var_dump($parsedCert);
var_dump(openssl_x509_parse($cert, false));
?>
--EXPECTF--
bool(true)
array(16) {
["name"]=>
string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net"