cellog Sun Jun 1 04:21:27 2008 UTC Added files: (Branch: PHP_5_3) /php-src/ext/phar/tests/files openssl.phar openssl.phar.pubkey private.pem
Modified files: /php-src/ext/phar config.m4 phar.c phar_internal.h phar_object.c /php-src/ext/phar/tests phar_get_supported_signatures_001.phpt phar_get_supported_signatures_002.phpt phar_setsignaturealgo2.phpt test_signaturealgos.phpt Log: add openssl signing support. This adds an extra parameter for the contents of the exported private key to Phar->setSignatureAlgorithm, and expects the public key to be in a file named blah.phar.pubkey in the same directory as the phar blah.phar. This works with openssl static or shared and fails gracefully if openssl is not present without adding a dependency. config.w32 needs updating to match config.m4 [DOC]
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/config.m4?r1=1.27.2.3&r2=1.27.2.4&diff_format=u Index: php-src/ext/phar/config.m4 diff -u php-src/ext/phar/config.m4:1.27.2.3 php-src/ext/phar/config.m4:1.27.2.4 --- php-src/ext/phar/config.m4:1.27.2.3 Sat May 17 20:07:22 2008 +++ php-src/ext/phar/config.m4 Sun Jun 1 04:21:26 2008 @@ -1,4 +1,4 @@ -dnl $Id: config.m4,v 1.27.2.3 2008/05/17 20:07:22 cellog Exp $ +dnl $Id: config.m4,v 1.27.2.4 2008/06/01 04:21:26 cellog Exp $ dnl config.m4 for extension phar PHP_ARG_ENABLE(phar, for phar archive support, @@ -8,6 +8,17 @@ PHP_NEW_EXTENSION(phar, util.c tar.c zip.c stream.c func_interceptors.c dirstream.c phar.c phar_object.c phar_path_check.c, $ext_shared) PHP_ADD_BUILD_DIR($ext_builddir/lib, 1) PHP_SUBST(PHAR_SHARED_LIBADD) + AC_MSG_CHECKING([for phar openssl support]) + if test "$PHP_OPENSSL_SHARED" = "yes"; then + AC_MSG_RESULT([no (shared openssl)]) + else + if test "$PHP_OPENSSL" = "yes"; then + AC_MSG_RESULT([yes]) + AC_DEFINE(PHAR_HAVE_OPENSSL,1,[ ]) + else + AC_MSG_RESULT([no]) + fi + fi PHP_ADD_EXTENSION_DEP(phar, spl, true) PHP_ADD_MAKEFILE_FRAGMENT fi http://cvs.php.net/viewvc.cgi/php-src/ext/phar/phar.c?r1=1.370.2.9&r2=1.370.2.10&diff_format=u Index: php-src/ext/phar/phar.c diff -u php-src/ext/phar/phar.c:1.370.2.9 php-src/ext/phar/phar.c:1.370.2.10 --- php-src/ext/phar/phar.c:1.370.2.9 Fri May 30 22:49:33 2008 +++ php-src/ext/phar/phar.c Sun Jun 1 04:21:26 2008 @@ -17,13 +17,31 @@ +----------------------------------------------------------------------+ */ -/* $Id: phar.c,v 1.370.2.9 2008/05/30 22:49:33 cellog Exp $ */ +/* $Id: phar.c,v 1.370.2.10 2008/06/01 04:21:26 cellog Exp $ */ #define PHAR_MAIN 1 #include "phar_internal.h" #include "SAPI.h" #include "func_interceptors.h" +#ifdef PHAR_HAVE_OPENSSL + +/* OpenSSL includes */ +#include <openssl/evp.h> +#include <openssl/x509.h> +#include <openssl/x509v3.h> +#include <openssl/crypto.h> +#include <openssl/pem.h> +#include <openssl/err.h> +#include <openssl/conf.h> +#include <openssl/rand.h> +#include <openssl/ssl.h> +#include <openssl/pkcs12.h> + +#endif + +static int phar_call_openssl_signverify(int is_sign, php_stream *fp, off_t end, char *key, int key_len, char **signature, int *signature_len TSRMLS_DC); + ZEND_DECLARE_MODULE_GLOBALS(phar) #if PHP_VERSION_ID >= 50300 char *(*phar_save_resolve_path)(const char *filename, int filename_len TSRMLS_DC); @@ -113,6 +131,7 @@ } if (phar->signature) { efree(phar->signature); + phar->signature = NULL; } if (phar->manifest.arBuckets) { zend_hash_destroy(&phar->manifest); @@ -592,6 +611,7 @@ int read_size, len; char sig_buf[8], *sig_ptr = sig_buf; off_t read_len; + size_t end_of_phar; if (-1 == php_stream_seek(fp, -8, SEEK_END) || (read_len = php_stream_tell(fp)) < 20 @@ -606,6 +626,149 @@ } PHAR_GET_32(sig_ptr, sig_flags); switch(sig_flags) { + case PHAR_SIG_OPENSSL: { +#ifdef PHAR_HAVE_OPENSSL + BIO *in; + EVP_PKEY *key; + EVP_MD *mdtype = (EVP_MD *) EVP_sha1(); + EVP_MD_CTX md_ctx; +#endif + php_uint32 signature_len, pubkey_len; + char *sig, *pubkey = NULL, *pfile; + off_t whence; + php_stream *pfp; + int tempsig; + + if (!zend_hash_exists(&module_registry, "openssl", sizeof("openssl"))) { + efree(savebuf); + php_stream_close(fp); + if (error) { + spprintf(error, 0, "phar \"%s\" openssl signature cannot be verified, openssl not loaded", fname); + } + return FAILURE; + } + /* we store the signature followed by the signature length */ + if (-1 == php_stream_seek(fp, -12, SEEK_CUR) + || 4 != php_stream_read(fp, sig_buf, 4)) { + efree(savebuf); + php_stream_close(fp); + if (error) { + spprintf(error, 0, "phar \"%s\" openssl signature length could not be read", fname); + } + return FAILURE; + } + + sig_ptr = sig_buf; + PHAR_GET_32(sig_ptr, signature_len); + + sig = (char *)emalloc(signature_len); + + whence = signature_len + 4; + whence = -whence; + if (-1 == php_stream_seek(fp, whence, SEEK_CUR) + || !(end_of_phar = php_stream_tell(fp)) + || signature_len != php_stream_read(fp, sig, signature_len)) { + efree(savebuf); + efree(sig); + php_stream_close(fp); + if (error) { + spprintf(error, 0, "phar \"%s\" openssl signature could not be read", fname); + } + return FAILURE; + } + + /* use __FILE__ . '.pubkey' for public key file */ + spprintf(&pfile, 0, "%s.pubkey", fname); + pfp = php_stream_open_wrapper(pfile, "rb", 0, NULL); + efree(pfile); + if (!pfp || !(pubkey_len = php_stream_copy_to_mem(pfp, &pubkey, PHP_STREAM_COPY_ALL, 0)) || !pubkey) { + efree(savebuf); + efree(sig); + if (pubkey) { + efree(pubkey); + } + php_stream_close(fp); + if (error) { + spprintf(error, 0, "phar \"%s\" openssl public key could not be read", fname); + } + return FAILURE; + } + php_stream_close(pfp); +#ifndef PHAR_HAVE_OPENSSL + tempsig = signature_len; + if (FAILURE == phar_call_openssl_signverify(0, fp, end_of_phar, pubkey, pubkey_len, &sig, &tempsig TSRMLS_CC)) { + efree(savebuf); + efree(sig); + if (pubkey) { + efree(pubkey); + } + php_stream_close(fp); + if (error) { + spprintf(error, 0, "phar \"%s\" openssl signature could not be verified", fname); + } + return FAILURE; + } + if (pubkey) { + efree(pubkey); + } + signature_len = tempsig; +#else + in = BIO_new_mem_buf(pubkey, pubkey_len); + if (NULL == in) { + efree(savebuf); + efree(sig); + efree(pubkey); + php_stream_close(fp); + if (error) { + spprintf(error, 0, "phar \"%s\" openssl signature could not be processed", fname); + } + return FAILURE; + } + key = PEM_read_bio_PUBKEY(in, NULL,NULL, NULL); + BIO_free(in); + efree(pubkey); + if (NULL == key) { + efree(savebuf); + efree(sig); + php_stream_close(fp); + if (error) { + spprintf(error, 0, "phar \"%s\" openssl signature could not be processed", fname); + } + return FAILURE; + } + + EVP_VerifyInit(&md_ctx, mdtype); + + read_len -= signature_len + 4; + if (read_len > sizeof(buf)) { + read_size = sizeof(buf); + } else { + read_size = (int)read_len; + } + php_stream_seek(fp, 0, SEEK_SET); + while (read_size && (len = php_stream_read(fp, (char*)buf, read_size)) > 0) { + EVP_VerifyUpdate (&md_ctx, buf, len); + read_len -= (off_t)len; + if (read_len < read_size) { + read_size = (int)read_len; + } + } + if (!EVP_VerifyFinal (&md_ctx, (unsigned char *)sig, signature_len, key)) { + EVP_MD_CTX_cleanup(&md_ctx); + efree(sig); + efree(savebuf); + php_stream_close(fp); + if (error) { + spprintf(error, 0, "phar \"%s\" has a broken signature", fname); + } + return FAILURE; + } + EVP_MD_CTX_cleanup(&md_ctx); +#endif + sig_len = phar_hex_str((const char*)sig, sig_len, &signature); + efree(sig); + } + break; #if HAVE_HASH_EXT case PHAR_SIG_SHA512: { unsigned char digest[64], saved[64]; @@ -2078,6 +2241,116 @@ return stub; } +static int phar_call_openssl_signverify(int is_sign, php_stream *fp, off_t end, char *key, int key_len, char **signature, int *signature_len TSRMLS_DC) +{ + zend_fcall_info fci; + zend_fcall_info_cache fcc; + zval *zdata, *zsig, *zkey, *retval_ptr, **zp[3], *openssl; + + MAKE_STD_ZVAL(zdata); + MAKE_STD_ZVAL(openssl); + ZVAL_STRINGL(openssl, is_sign ? "openssl_sign" : "openssl_verify", is_sign ? sizeof("openssl_sign")-1 : sizeof("openssl_verify")-1, 1); + MAKE_STD_ZVAL(zsig); + ZVAL_STRINGL(zsig, *signature, *signature_len, 1); + MAKE_STD_ZVAL(zkey); + ZVAL_STRINGL(zkey, key, key_len, 1); + zp[0] = &zdata; + zp[1] = &zsig; + zp[2] = &zkey; + + php_stream_rewind(fp); + Z_TYPE_P(zdata) = IS_STRING; + Z_STRLEN_P(zdata) = end; + if (end != (off_t) php_stream_copy_to_mem(fp, &(Z_STRVAL_P(zdata)), (size_t) end, 0)) { + zval_dtor(zdata); + zval_dtor(zsig); + zval_dtor(zkey); + return FAILURE; + } + +#if PHP_VERSION_ID < 50300 + if (FAILURE == zend_fcall_info_init(openssl, &fci, &fcc TSRMLS_CC)) { +#else + if (FAILURE == zend_fcall_info_init(openssl, 0, &fci, &fcc, NULL, NULL TSRMLS_CC)) { +#endif + zval_dtor(zdata); + zval_dtor(zsig); + zval_dtor(zkey); + zval_dtor(openssl); + return FAILURE; + } + zval_dtor(openssl); + efree(openssl); + + fci.param_count = 3; + fci.params = zp; +#if PHP_VERSION_ID < 50300 + ++(zdata->refcount); + ++(zsig->refcount); + ++(zkey->refcount); +#else + Z_ADDREF_P(zdata); + if (is_sign) { + Z_SET_ISREF_P(zsig); + } else { + Z_ADDREF_P(zsig); + } + Z_ADDREF_P(zkey); +#endif + fci.retval_ptr_ptr = &retval_ptr; + + if (FAILURE == zend_call_function(&fci, &fcc TSRMLS_CC)) { + zval_dtor(zdata); + zval_dtor(zsig); + zval_dtor(zkey); + efree(zdata); + efree(zkey); + efree(zsig); + return FAILURE; + } +#if PHP_VERSION_ID < 50300 + --(zdata->refcount); + --(zsig->refcount); + --(zkey->refcount); +#else + Z_DELREF_P(zdata); + if (is_sign) { + Z_UNSET_ISREF_P(zsig); + } else { + Z_DELREF_P(zsig); + } + Z_DELREF_P(zkey); +#endif + zval_dtor(zdata); + efree(zdata); + zval_dtor(zkey); + efree(zkey); + switch (Z_TYPE_P(retval_ptr)) { + default: + case IS_LONG : + zval_dtor(zsig); + efree(zsig); + if (1 == Z_LVAL_P(retval_ptr)) { + efree(retval_ptr); + return SUCCESS; + } + efree(retval_ptr); + return FAILURE; + case IS_BOOL : + efree(retval_ptr); + if (Z_BVAL_P(retval_ptr)) { + *signature = estrndup(Z_STRVAL_P(zsig), Z_STRLEN_P(zsig)); + *signature_len = Z_STRLEN_P(zsig); + zval_dtor(zsig); + efree(zsig); + return SUCCESS; + } + zval_dtor(zsig); + efree(zsig); + return FAILURE; + } +} + /** * Save phar contents to disk * @@ -2621,11 +2894,11 @@ unsigned char buf[1024]; int sig_flags = 0, sig_len; char sig_buf[4]; - php_stream_rewind(newfile); if (phar->signature) { efree(phar->signature); + phar->signature = NULL; } switch(phar->sig_flags) { @@ -2670,8 +2943,83 @@ } return EOF; #endif - case PHAR_SIG_PGP: - /* TODO: currently fall back to sha1,later do both */ + case PHAR_SIG_OPENSSL: { + int siglen; + unsigned char *sigbuf; +#ifdef PHAR_HAVE_OPENSSL + BIO *in; + EVP_PKEY *key; + EVP_MD *mdtype = (EVP_MD *) EVP_sha1(); + EVP_MD_CTX md_ctx; + + if (!zend_hash_exists(&module_registry, "openssl", sizeof("openssl"))) { + if (closeoldfile) { + php_stream_close(oldfile); + } + php_stream_close(newfile); + if (error) { + spprintf(error, 0, "phar \"%s\" openssl signature cannot be created, openssl not loaded", phar->fname); + } + return EOF; + } + in = BIO_new_mem_buf(PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len)); + + if (in == NULL) { + if (closeoldfile) { + php_stream_close(oldfile); + } + php_stream_close(newfile); + if (error) { + spprintf(error, 0, "unable to write contents of file \"%s\" to new phar \"%s\" with requested openssl signature", entry->filename, phar->fname); + } + return EOF; + } + key = PEM_read_bio_PrivateKey(in, NULL,NULL, ""); + + BIO_free(in); + siglen = EVP_PKEY_size(key); + sigbuf = emalloc(siglen + 1); + + EVP_SignInit(&md_ctx, mdtype); + while ((sig_len = php_stream_read(newfile, (char*)buf, sizeof(buf))) > 0) { + EVP_SignUpdate(&md_ctx, buf, sig_len); + } + if (!EVP_SignFinal (&md_ctx, sigbuf,(unsigned int *)&siglen, key)) { + efree(sigbuf); + if (closeoldfile) { + php_stream_close(oldfile); + } + php_stream_close(newfile); + if (error) { + spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname); + } + return EOF; + } + sigbuf[siglen] = '\0'; + EVP_MD_CTX_cleanup(&md_ctx); +#else + sigbuf = NULL; + siglen = 0; + php_stream_seek(newfile, 0, SEEK_END); + if (FAILURE == phar_call_openssl_signverify(1, newfile, php_stream_tell(newfile), PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len), (char **)&sigbuf, &siglen TSRMLS_CC)) { + if (closeoldfile) { + php_stream_close(oldfile); + } + php_stream_close(newfile); + if (error) { + spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname); + } + return EOF; + } +#endif + sig_flags |= PHAR_SIG_OPENSSL; + phar->sig_len = phar_hex_str((const char *)sigbuf, siglen, &phar->signature); + php_stream_write(newfile, (char *) sigbuf, siglen); + efree(sigbuf); + phar_set_32(sig_buf, siglen); + php_stream_write(newfile, sig_buf, 4); + } + break; default: case PHAR_SIG_SHA1: { unsigned char digest[20]; @@ -3052,7 +3400,7 @@ php_info_print_table_header(2, "Phar: PHP Archive support", "enabled"); php_info_print_table_row(2, "Phar EXT version", PHP_PHAR_VERSION); php_info_print_table_row(2, "Phar API version", PHP_PHAR_API_VERSION); - php_info_print_table_row(2, "CVS revision", "$Revision: 1.370.2.9 $"); + php_info_print_table_row(2, "CVS revision", "$Revision: 1.370.2.10 $"); php_info_print_table_row(2, "Phar-based phar archives", "enabled"); php_info_print_table_row(2, "Tar-based phar archives", "enabled"); php_info_print_table_row(2, "ZIP-based phar archives", "enabled"); @@ -3084,6 +3432,7 @@ */ static zend_module_dep phar_deps[] = { ZEND_MOD_OPTIONAL("apc") + ZEND_MOD_OPTIONAL("openssl") #if HAVE_SPL ZEND_MOD_REQUIRED("spl") #endif http://cvs.php.net/viewvc.cgi/php-src/ext/phar/phar_internal.h?r1=1.109.2.5&r2=1.109.2.6&diff_format=u Index: php-src/ext/phar/phar_internal.h diff -u php-src/ext/phar/phar_internal.h:1.109.2.5 php-src/ext/phar/phar_internal.h:1.109.2.6 --- php-src/ext/phar/phar_internal.h:1.109.2.5 Fri May 30 22:38:46 2008 +++ php-src/ext/phar/phar_internal.h Sun Jun 1 04:21:26 2008 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: phar_internal.h,v 1.109.2.5 2008/05/30 22:38:46 cellog Exp $ */ +/* $Id: phar_internal.h,v 1.109.2.6 2008/06/01 04:21:26 cellog Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -103,7 +103,7 @@ #define PHAR_SIG_SHA1 0x0002 #define PHAR_SIG_SHA256 0x0003 #define PHAR_SIG_SHA512 0x0004 -#define PHAR_SIG_PGP 0x0010 +#define PHAR_SIG_OPENSSL 0x0010 /* flags byte for each file adheres to these bitmasks. All unused values are reserved */ @@ -171,6 +171,8 @@ char* cwd; int cwd_len; int cwd_init; + char *openssl_privatekey; + int openssl_privatekey_len; ZEND_END_MODULE_GLOBALS(phar) ZEND_EXTERN_MODULE_GLOBALS(phar) http://cvs.php.net/viewvc.cgi/php-src/ext/phar/phar_object.c?r1=1.266.2.13&r2=1.266.2.14&diff_format=u Index: php-src/ext/phar/phar_object.c diff -u php-src/ext/phar/phar_object.c:1.266.2.13 php-src/ext/phar/phar_object.c:1.266.2.14 --- php-src/ext/phar/phar_object.c:1.266.2.13 Fri May 30 22:38:46 2008 +++ php-src/ext/phar/phar_object.c Sun Jun 1 04:21:26 2008 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: phar_object.c,v 1.266.2.13 2008/05/30 22:38:46 cellog Exp $ */ +/* $Id: phar_object.c,v 1.266.2.14 2008/06/01 04:21:26 cellog Exp $ */ #include "phar_internal.h" #include "func_interceptors.h" @@ -1251,6 +1251,13 @@ add_next_index_stringl(return_value, "SHA-256", 7, 1); add_next_index_stringl(return_value, "SHA-512", 7, 1); #endif +#if PHAR_HAVE_OPENSSL + add_next_index_stringl(return_value, "OpenSSL", 7, 1); +#else + if (zend_hash_exists(&module_registry, "openssl", sizeof("openssl"))) { + add_next_index_stringl(return_value, "OpenSSL", 7, 1); + } +#endif } /* }}} */ @@ -2675,7 +2682,7 @@ } /* }}} */ -/* {{{ proto array Phar::setSignatureAlgorithm(int sigtype) +/* {{{ proto array Phar::setSignatureAlgorithm(int sigtype[, string privatekey]) * Sets the signature algorithm for a phar and applies it. The signature * algorithm must be one of Phar::MD5, Phar::SHA1, Phar::SHA256, * Phar::SHA512, or Phar::PGP (PGP is not yet supported and falls back to @@ -2685,7 +2692,8 @@ PHP_METHOD(Phar, setSignatureAlgorithm) { long algo; - char *error; + char *error, *key = NULL; + int key_len = 0; PHAR_ARCHIVE_OBJECT(); if (PHAR_G(readonly) && !phar_obj->arc.archive->is_data) { @@ -2704,7 +2712,7 @@ return; } - if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "l", &algo) != SUCCESS) { + if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "l|s", &algo, &key, &key_len) != SUCCESS) { return; } @@ -2718,9 +2726,11 @@ #endif case PHAR_SIG_MD5 : case PHAR_SIG_SHA1 : - case PHAR_SIG_PGP : + case PHAR_SIG_OPENSSL : phar_obj->arc.archive->sig_flags = algo; phar_obj->arc.archive->is_modified = 1; + PHAR_G(openssl_privatekey) = key; + PHAR_G(openssl_privatekey_len) = key_len; phar_flush(phar_obj->arc.archive, 0, 0, 0, &error TSRMLS_CC); if (error) { @@ -2758,6 +2768,9 @@ case PHAR_SIG_SHA512: add_assoc_stringl(return_value, "hash_type", "SHA-512", 7, 1); break; + case PHAR_SIG_OPENSSL: + add_assoc_stringl(return_value, "hash_type", "OpenSSL", 7, 1); + break; } } else { RETURN_FALSE; @@ -4571,6 +4584,7 @@ static ZEND_BEGIN_ARG_INFO_EX(arginfo_phar_setSigAlgo, 0, 0, 1) ZEND_ARG_INFO(0, algorithm) + ZEND_ARG_INFO(0, privatekey) ZEND_END_ARG_INFO(); static @@ -4759,7 +4773,7 @@ REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "PHP", PHAR_MIME_PHP) REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "PHPS", PHAR_MIME_PHPS) REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "MD5", PHAR_SIG_MD5) - REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "PGP", PHAR_SIG_PGP) + REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "OPENSSL", PHAR_SIG_OPENSSL) REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA1", PHAR_SIG_SHA1) REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA256", PHAR_SIG_SHA256) REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA512", PHAR_SIG_SHA512) http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt?r1=1.2&r2=1.2.2.1&diff_format=u Index: php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt diff -u php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt:1.2 php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt:1.2.2.1 --- php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt:1.2 Mon Feb 25 15:41:46 2008 +++ php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt Sun Jun 1 04:21:26 2008 @@ -3,6 +3,7 @@ --SKIPIF-- <?php if (!extension_loaded("phar")) die("skip"); ?> <?php if (extension_loaded("hash")) die("skip extension hash conflicts"); ?> +<?php if (extension_loaded("openssl")) die("skip extension openssl loaded"); ?> --INI-- phar.require_hash=0 phar.readonly=0 http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt?r1=1.2&r2=1.2.2.1&diff_format=u Index: php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt diff -u php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt:1.2 php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt:1.2.2.1 --- php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt:1.2 Mon Feb 25 15:41:46 2008 +++ php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt Sun Jun 1 04:21:26 2008 @@ -3,6 +3,7 @@ --SKIPIF-- <?php if (!extension_loaded("phar")) die("skip"); ?> <?php if (!extension_loaded("hash")) die("skip extension hash required"); ?> +<?php if (extension_loaded("openssl")) die("skip extension openssl loaded"); ?> --INI-- phar.require_hash=0 phar.readonly=0 http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/phar_setsignaturealgo2.phpt?r1=1.3&r2=1.3.2.1&diff_format=u Index: php-src/ext/phar/tests/phar_setsignaturealgo2.phpt diff -u php-src/ext/phar/tests/phar_setsignaturealgo2.phpt:1.3 php-src/ext/phar/tests/phar_setsignaturealgo2.phpt:1.3.2.1 --- php-src/ext/phar/tests/phar_setsignaturealgo2.phpt:1.3 Fri Jan 4 16:26:43 2008 +++ php-src/ext/phar/tests/phar_setsignaturealgo2.phpt Sun Jun 1 04:21:26 2008 @@ -3,11 +3,13 @@ --SKIPIF-- <?php if (!extension_loaded("phar")) die("skip"); ?> <?php if (!extension_loaded("hash")) die("skip extension hash required"); ?> +<?php if (!extension_loaded("openssl")) die("skip extension openssl required"); ?> --INI-- phar.require_hash=0 phar.readonly=0 --FILE-- <?php +$fname = dirname(__FILE__) . '/' . basename(__FILE__, '.php') . '.phar'; $p = new Phar(dirname(__FILE__) . '/brandnewphar.phar', 0, 'brandnewphar.phar'); $p['file1.txt'] = 'hi'; var_dump($p->getSignature()); @@ -28,7 +30,10 @@ echo $e->getMessage(); } try { -$p->setSignatureAlgorithm(Phar::PGP); +$private = openssl_get_privatekey(file_get_contents(dirname(__FILE__) . '/files/private.pem')); +$pkey = ''; +openssl_pkey_export($private, $pkey); +$p->setSignatureAlgorithm(Phar::OPENSSL, $pkey); var_dump($p->getSignature()); } catch (Exception $e) { echo $e->getMessage(); @@ -36,7 +41,7 @@ ?> ===DONE=== --CLEAN-- -<?php +<?php unlink(dirname(__FILE__) . '/brandnewphar.phar'); ?> --EXPECTF-- @@ -74,6 +79,6 @@ ["hash"]=> string(%d) "%s" ["hash_type"]=> - string(5) "SHA-1" + string(7) "OpenSSL" } ===DONE=== http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/test_signaturealgos.phpt?r1=1.5&r2=1.5.2.1&diff_format=u Index: php-src/ext/phar/tests/test_signaturealgos.phpt diff -u php-src/ext/phar/tests/test_signaturealgos.phpt:1.5 php-src/ext/phar/tests/test_signaturealgos.phpt:1.5.2.1 --- php-src/ext/phar/tests/test_signaturealgos.phpt:1.5 Mon Apr 21 17:04:14 2008 +++ php-src/ext/phar/tests/test_signaturealgos.phpt Sun Jun 1 04:21:26 2008 @@ -3,6 +3,7 @@ --SKIPIF-- <?php if (!extension_loaded("phar")) die("skip"); ?> <?php if (!extension_loaded("hash")) die("skip extension hash conflicts"); ?> +<?php if (!extension_loaded("openssl")) die("skip extension openssl conflicts"); ?> --INI-- phar.require_hash=0 phar.readonly=0 @@ -20,6 +21,9 @@ $a = new Phar(dirname(__FILE__) . '/files/md5.phar'); $r = $a->getSignature(); var_dump($r['hash_type']); +$a = new Phar(dirname(__FILE__) . '/files/openssl.phar'); +$r = $a->getSignature(); +var_dump($r['hash_type']); ?> ===DONE=== --EXPECT-- @@ -27,4 +31,5 @@ string(7) "SHA-512" string(7) "SHA-256" string(3) "MD5" +string(7) "OpenSSL" ===DONE=== http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/files/openssl.phar?view=markup&rev=1.1 Index: php-src/ext/phar/tests/files/openssl.phar +++ php-src/ext/phar/tests/files/openssl.phar http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/files/openssl.phar.pubkey?view=markup&rev=1.1 Index: php-src/ext/phar/tests/files/openssl.phar.pubkey +++ php-src/ext/phar/tests/files/openssl.phar.pubkey http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/files/private.pem?view=markup&rev=1.1 Index: php-src/ext/phar/tests/files/private.pem +++ php-src/ext/phar/tests/files/private.pem
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php