pajoye Sat Jul 29 21:54:45 2006 UTC Added files: /php-src/ext/openssl/tests bug37820key.pem bug37820cert.pem bug37820.phpt
Modified files: /php-src/ext/openssl openssl.c Log: - #37820, add support for algorithm type in openssl_verify() http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/openssl.c?r1=1.106&r2=1.107&diff_format=u
Index: php-src/ext/openssl/openssl.c
diff -u php-src/ext/openssl/openssl.c:1.106 php-src/ext/openssl/openssl.c:1.107
--- php-src/ext/openssl/openssl.c:1.106 Sun Apr 30 23:45:13 2006
+++ php-src/ext/openssl/openssl.c Sat Jul 29 21:54:45 2006
@@ -18,7 +18,7 @@
 +----------------------------------------------------------------------+
 */
 
-/* $Id: openssl.c,v 1.106 2006/04/30 23:45:13 wez Exp $ */
+/* $Id: openssl.c,v 1.107 2006/07/29 21:54:45 pajoye Exp $ */
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -563,6 +563,30 @@
 }
 return SUCCESS;
 }
+
+static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
+ EVP_MD *mdtype;
+
+ switch (algo) {
+ case OPENSSL_ALGO_SHA1:
+ mdtype = (EVP_MD *) EVP_sha1();
+ break;
+ case OPENSSL_ALGO_MD5:
+ mdtype = (EVP_MD *) EVP_md5();
+ break;
+ case OPENSSL_ALGO_MD4:
+ mdtype = (EVP_MD *) EVP_md4();
+ break;
+ case OPENSSL_ALGO_MD2:
+ mdtype = (EVP_MD *) EVP_md2();
+ break;
+ default:
+ return NULL;
+ break;
+ }
+ return mdtype;
+}
+/* }}} */
 /* }}} */
 
 /* {{{ PHP_MINIT_FUNCTION
@@ -2860,7 +2884,7 @@
 }
 /* }}} */
 
-/* {{{ proto bool openssl_sign(string data, &string signature, mixed key)
+/* {{{ proto bool openssl_sign(string data, &string signature, mixed key[, int signature_alg])
 Signs data */
 PHP_FUNCTION(openssl_sign)
 {
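Review bot: php_openssl_get_evp_md_from_algo() is added without a comment stating its contract, and because the last hunk routes openssl_verify() through it, MD2, MD4 and MD5 become acceptable for signature verification as well as for signing. I would put `/* Maps an OPENSSL_ALGO_* constant to its EVP_MD; returns NULL for an unknown value, which callers must reject. */` above it, and have the openssl_verify() documentation say that the verifier fixes the algorithm itself rather than taking it from the message being checked, since these digests are not collision resistant. The `(EVP_MD *)` casts also strip the const qualifier in OpenSSL versions where the EVP_sha1()-style getters are declared const; returning `const EVP_MD *` would avoid that if the minimum supported OpenSSL permits it.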
@@ -2884,23 +2908,10 @@
 RETURN_FALSE;
 }
 
- switch (signature_algo) {
- case OPENSSL_ALGO_SHA1:
- mdtype = (EVP_MD *) EVP_sha1();
- break;
- case OPENSSL_ALGO_MD5:
- mdtype = (EVP_MD *) EVP_md5();
- break;
- case OPENSSL_ALGO_MD4:
- mdtype = (EVP_MD *) EVP_md4();
- break;
- case OPENSSL_ALGO_MD2:
- mdtype = (EVP_MD *) EVP_md2();
- break;
- default:
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm.");
- RETURN_FALSE;
- break;
+ mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+ if (!mdtype) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm.");
+ RETURN_FALSE;
 }
 
 siglen = EVP_PKEY_size(pkey);
@@ -2931,21 +2942,29 @@ EVP_PKEY *pkey; int err; EVP_MD_CTX md_ctx; + EVP_MD *mdtype; long keyresource = -1; char * data; int data_len; char * signature; int signature_len; - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz", &data, &data_len, &signature, &signature_len, &key) == FAILURE) { + long signature_algo = OPENSSL_ALGO_SHA1; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz|l", &data, &data_len, &signature, &signature_len, &key, &signature_algo) == FAILURE) { return; } - + + mdtype = php_openssl_get_evp_md_from_algo(signature_algo); + if (!mdtype) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm."); + RETURN_FALSE; + } + pkey = php_openssl_evp_from_zval(&key, 1, NULL, 0, &keyresource TSRMLS_CC); if (pkey == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied key param cannot be coerced into a public key"); RETURN_FALSE; } - EVP_VerifyInit (&md_ctx, EVP_sha1()); + EVP_VerifyInit (&md_ctx, mdtype); EVP_VerifyUpdate (&md_ctx, data, data_len); err = EVP_VerifyFinal (&md_ctx, signature, signature_len, pkey); http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820key.pem?view=markup&rev=1.1 Index: php-src/ext/openssl/tests/bug37820key.pem +++ php-src/ext/openssl/tests/bug37820key.pem -----BEGIN RSA PRIVATE KEY----- MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ 2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr 8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7 WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA 6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg= -----END RSA PRIVATE KEY----- http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820cert.pem?view=markup&rev=1.1 Index: php-src/ext/openssl/tests/bug37820cert.pem +++ php-src/ext/openssl/tests/bug37820cert.pem -----BEGIN CERTIFICATE----- 
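Review bot: The result of `EVP_VerifyInit (&md_ctx, mdtype);` is still discarded, which matters more now that the digest is chosen by the caller instead of being a fixed EVP_sha1(); where the supported OpenSSL versions return a status from it, a failed initialisation should take the error return instead of falling through to EVP_VerifyFinal(). No hunk in this commit touches the proto comment of openssl_verify(), so it presumably still lists three parameters and should gain `[, int signature_alg]` as the openssl_sign() proto did. The function body starts and ends outside the hunk, so any added error path has to repeat whatever key cleanup follows EVP_VerifyFinal() there.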
MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX 9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4= -----END CERTIFICATE----- http://cvs.php.net/viewvc.cgi/php-src/ext/openssl/tests/bug37820.phpt?view=markup&rev=1.1 Index: php-src/ext/openssl/tests/bug37820.phpt +++ php-src/ext/openssl/tests/bug37820.phpt --TEST-- openssl_sign/verify: accept different algos --SKIPIF-- <?php if (!extension_loaded("openssl")) die("skip"); ?> --FILE-- <?php $dir = dirname(__FILE__); $file_pub = $dir . '/bug37820cert.pem'; $file_key = $dir . '/bug37820key.pem'; $priv_key = file_get_contents($file_key); $priv_key_id = openssl_get_privatekey($priv_key); $pub_key = file_get_contents($file_pub); $pub_key_id = openssl_get_publickey($pub_key); $data = "some custom data"; if (!openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_MD5)) { echo "openssl_sign failed."; } $ok = openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_MD5); if ($ok == 1) { echo "Ok"; } elseif ($ok == 0) { echo "openssl_verify failed."; } ?> --EXPECTF-- Ok -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
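Review bot: bug37820.phpt only exercises the accepting path (sign with MD5, verify with MD5), so it would not catch a regression in which openssl_verify() accepts a signature under the wrong digest. I would add a second check such as `var_dump(openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_SHA1) === 1);` with `bool(false)` in the expected output, and likewise one with altered `$data`. The existing `if`/`elseif` also prints nothing when openssl_verify() returns -1, so an `else` branch reporting the error would make that failure visible in the test output.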