cellog Sun Jun 1 04:21:27 2008 UTC
Added files: (Branch: PHP_5_3)
/php-src/ext/phar/tests/files openssl.phar openssl.phar.pubkey
private.pem
Modified files:
/php-src/ext/phar config.m4 phar.c phar_internal.h phar_object.c
/php-src/ext/phar/tests phar_get_supported_signatures_001.phpt
phar_get_supported_signatures_002.phpt
phar_setsignaturealgo2.phpt
test_signaturealgos.phpt
Log:
add openssl signing support. This adds an extra parameter
for the contents of the exported private key to Phar->setSignatureAlgorithm,
and expects the public key to be in
a file named blah.phar.pubkey in the same directory as the phar blah.phar.
This works with openssl static or
shared and fails gracefully if openssl is not present without adding a
dependency. config.w32 needs updating to match config.m4 [DOC]
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/config.m4?r1=1.27.2.3&r2=1.27.2.4&diff_format=u
Index: php-src/ext/phar/config.m4
diff -u php-src/ext/phar/config.m4:1.27.2.3 php-src/ext/phar/config.m4:1.27.2.4
--- php-src/ext/phar/config.m4:1.27.2.3 Sat May 17 20:07:22 2008
+++ php-src/ext/phar/config.m4 Sun Jun 1 04:21:26 2008
@@ -1,4 +1,4 @@
-dnl $Id: config.m4,v 1.27.2.3 2008/05/17 20:07:22 cellog Exp $
+dnl $Id: config.m4,v 1.27.2.4 2008/06/01 04:21:26 cellog Exp $
dnl config.m4 for extension phar
PHP_ARG_ENABLE(phar, for phar archive support,
@@ -8,6 +8,17 @@
PHP_NEW_EXTENSION(phar, util.c tar.c zip.c stream.c func_interceptors.c
dirstream.c phar.c phar_object.c phar_path_check.c, $ext_shared)
PHP_ADD_BUILD_DIR($ext_builddir/lib, 1)
PHP_SUBST(PHAR_SHARED_LIBADD)
+ AC_MSG_CHECKING([for phar openssl support])
+ if test "$PHP_OPENSSL_SHARED" = "yes"; then
+ AC_MSG_RESULT([no (shared openssl)])
+ else
+ if test "$PHP_OPENSSL" = "yes"; then
+ AC_MSG_RESULT([yes])
+ AC_DEFINE(PHAR_HAVE_OPENSSL,1,[ ])
+ else
+ AC_MSG_RESULT([no])
+ fi
+ fi
PHP_ADD_EXTENSION_DEP(phar, spl, true)
PHP_ADD_MAKEFILE_FRAGMENT
fi
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/phar.c?r1=1.370.2.9&r2=1.370.2.10&diff_format=u
Index: php-src/ext/phar/phar.c
diff -u php-src/ext/phar/phar.c:1.370.2.9 php-src/ext/phar/phar.c:1.370.2.10
--- php-src/ext/phar/phar.c:1.370.2.9 Fri May 30 22:49:33 2008
+++ php-src/ext/phar/phar.c Sun Jun 1 04:21:26 2008
@@ -17,13 +17,31 @@
+----------------------------------------------------------------------+
*/
-/* $Id: phar.c,v 1.370.2.9 2008/05/30 22:49:33 cellog Exp $ */
+/* $Id: phar.c,v 1.370.2.10 2008/06/01 04:21:26 cellog Exp $ */
#define PHAR_MAIN 1
#include "phar_internal.h"
#include "SAPI.h"
#include "func_interceptors.h"
+#ifdef PHAR_HAVE_OPENSSL
+
+/* OpenSSL includes */
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/crypto.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/conf.h>
+#include <openssl/rand.h>
+#include <openssl/ssl.h>
+#include <openssl/pkcs12.h>
+
+#endif
+
+static int phar_call_openssl_signverify(int is_sign, php_stream *fp, off_t
end, char *key, int key_len, char **signature, int *signature_len TSRMLS_DC);
+
ZEND_DECLARE_MODULE_GLOBALS(phar)
#if PHP_VERSION_ID >= 50300
char *(*phar_save_resolve_path)(const char *filename, int filename_len
TSRMLS_DC);
@@ -113,6 +131,7 @@
}
if (phar->signature) {
efree(phar->signature);
+ phar->signature = NULL;
}
if (phar->manifest.arBuckets) {
zend_hash_destroy(&phar->manifest);
@@ -592,6 +611,7 @@
int read_size, len;
char sig_buf[8], *sig_ptr = sig_buf;
off_t read_len;
+ size_t end_of_phar;
if (-1 == php_stream_seek(fp, -8, SEEK_END)
|| (read_len = php_stream_tell(fp)) < 20
@@ -606,6 +626,149 @@
}
PHAR_GET_32(sig_ptr, sig_flags);
switch(sig_flags) {
+ case PHAR_SIG_OPENSSL: {
+#ifdef PHAR_HAVE_OPENSSL
+ BIO *in;
+ EVP_PKEY *key;
+ EVP_MD *mdtype = (EVP_MD *) EVP_sha1();
+ EVP_MD_CTX md_ctx;
+#endif
+ php_uint32 signature_len, pubkey_len;
+ char *sig, *pubkey = NULL, *pfile;
+ off_t whence;
+ php_stream *pfp;
+ int tempsig;
+
+ if (!zend_hash_exists(&module_registry, "openssl",
sizeof("openssl"))) {
+ efree(savebuf);
+ php_stream_close(fp);
+ if (error) {
+ spprintf(error, 0, "phar \"%s\" openssl
signature cannot be verified, openssl not loaded", fname);
+ }
+ return FAILURE;
+ }
+ /* we store the signature followed by the signature
length */
+ if (-1 == php_stream_seek(fp, -12, SEEK_CUR)
+ || 4 != php_stream_read(fp, sig_buf, 4)) {
+ efree(savebuf);
+ php_stream_close(fp);
+ if (error) {
+ spprintf(error, 0, "phar \"%s\" openssl
signature length could not be read", fname);
+ }
+ return FAILURE;
+ }
+
+ sig_ptr = sig_buf;
+ PHAR_GET_32(sig_ptr, signature_len);
+
+ sig = (char *)emalloc(signature_len);
+
+ whence = signature_len + 4;
+ whence = -whence;
+ if (-1 == php_stream_seek(fp, whence, SEEK_CUR)
+ || !(end_of_phar = php_stream_tell(fp))
+ || signature_len != php_stream_read(fp, sig,
signature_len)) {
+ efree(savebuf);
+ efree(sig);
+ php_stream_close(fp);
+ if (error) {
+ spprintf(error, 0, "phar \"%s\" openssl
signature could not be read", fname);
+ }
+ return FAILURE;
+ }
+
+ /* use __FILE__ . '.pubkey' for public key file */
+ spprintf(&pfile, 0, "%s.pubkey", fname);
+ pfp = php_stream_open_wrapper(pfile, "rb", 0, NULL);
+ efree(pfile);
+ if (!pfp || !(pubkey_len = php_stream_copy_to_mem(pfp,
&pubkey, PHP_STREAM_COPY_ALL, 0)) || !pubkey) {
+ efree(savebuf);
+ efree(sig);
+ if (pubkey) {
+ efree(pubkey);
+ }
+ php_stream_close(fp);
+ if (error) {
+ spprintf(error, 0, "phar \"%s\" openssl
public key could not be read", fname);
+ }
+ return FAILURE;
+ }
+ php_stream_close(pfp);
+#ifndef PHAR_HAVE_OPENSSL
+ tempsig = signature_len;
+ if (FAILURE == phar_call_openssl_signverify(0, fp,
end_of_phar, pubkey, pubkey_len, &sig, &tempsig TSRMLS_CC)) {
+ efree(savebuf);
+ efree(sig);
+ if (pubkey) {
+ efree(pubkey);
+ }
+ php_stream_close(fp);
+ if (error) {
+ spprintf(error, 0, "phar \"%s\" openssl
signature could not be verified", fname);
+ }
+ return FAILURE;
+ }
+ if (pubkey) {
+ efree(pubkey);
+ }
+ signature_len = tempsig;
+#else
+ in = BIO_new_mem_buf(pubkey, pubkey_len);
+ if (NULL == in) {
+ efree(savebuf);
+ efree(sig);
+ efree(pubkey);
+ php_stream_close(fp);
+ if (error) {
+ spprintf(error, 0, "phar \"%s\" openssl
signature could not be processed", fname);
+ }
+ return FAILURE;
+ }
+ key = PEM_read_bio_PUBKEY(in, NULL,NULL, NULL);
+ BIO_free(in);
+ efree(pubkey);
+ if (NULL == key) {
+ efree(savebuf);
+ efree(sig);
+ php_stream_close(fp);
+ if (error) {
+ spprintf(error, 0, "phar \"%s\" openssl
signature could not be processed", fname);
+ }
+ return FAILURE;
+ }
+
+ EVP_VerifyInit(&md_ctx, mdtype);
+
+ read_len -= signature_len + 4;
+ if (read_len > sizeof(buf)) {
+ read_size = sizeof(buf);
+ } else {
+ read_size = (int)read_len;
+ }
+ php_stream_seek(fp, 0, SEEK_SET);
+ while (read_size && (len = php_stream_read(fp,
(char*)buf, read_size)) > 0) {
+ EVP_VerifyUpdate (&md_ctx, buf, len);
+ read_len -= (off_t)len;
+ if (read_len < read_size) {
+ read_size = (int)read_len;
+ }
+ }
+ if (!EVP_VerifyFinal (&md_ctx, (unsigned char *)sig,
signature_len, key)) {
+ EVP_MD_CTX_cleanup(&md_ctx);
+ efree(sig);
+ efree(savebuf);
+ php_stream_close(fp);
+ if (error) {
+ spprintf(error, 0, "phar \"%s\" has a
broken signature", fname);
+ }
+ return FAILURE;
+ }
+ EVP_MD_CTX_cleanup(&md_ctx);
+#endif
+ sig_len = phar_hex_str((const char*)sig, sig_len,
&signature);
+ efree(sig);
+ }
+ break;
#if HAVE_HASH_EXT
case PHAR_SIG_SHA512: {
unsigned char digest[64], saved[64];
@@ -2078,6 +2241,116 @@
return stub;
}
+static int phar_call_openssl_signverify(int is_sign, php_stream *fp, off_t
end, char *key, int key_len, char **signature, int *signature_len TSRMLS_DC)
+{
+ zend_fcall_info fci;
+ zend_fcall_info_cache fcc;
+ zval *zdata, *zsig, *zkey, *retval_ptr, **zp[3], *openssl;
+
+ MAKE_STD_ZVAL(zdata);
+ MAKE_STD_ZVAL(openssl);
+ ZVAL_STRINGL(openssl, is_sign ? "openssl_sign" : "openssl_verify",
is_sign ? sizeof("openssl_sign")-1 : sizeof("openssl_verify")-1, 1);
+ MAKE_STD_ZVAL(zsig);
+ ZVAL_STRINGL(zsig, *signature, *signature_len, 1);
+ MAKE_STD_ZVAL(zkey);
+ ZVAL_STRINGL(zkey, key, key_len, 1);
+ zp[0] = &zdata;
+ zp[1] = &zsig;
+ zp[2] = &zkey;
+
+ php_stream_rewind(fp);
+ Z_TYPE_P(zdata) = IS_STRING;
+ Z_STRLEN_P(zdata) = end;
+ if (end != (off_t) php_stream_copy_to_mem(fp, &(Z_STRVAL_P(zdata)),
(size_t) end, 0)) {
+ zval_dtor(zdata);
+ zval_dtor(zsig);
+ zval_dtor(zkey);
+ return FAILURE;
+ }
+
+#if PHP_VERSION_ID < 50300
+ if (FAILURE == zend_fcall_info_init(openssl, &fci, &fcc TSRMLS_CC)) {
+#else
+ if (FAILURE == zend_fcall_info_init(openssl, 0, &fci, &fcc, NULL, NULL
TSRMLS_CC)) {
+#endif
+ zval_dtor(zdata);
+ zval_dtor(zsig);
+ zval_dtor(zkey);
+ zval_dtor(openssl);
+ return FAILURE;
+ }
+ zval_dtor(openssl);
+ efree(openssl);
+
+ fci.param_count = 3;
+ fci.params = zp;
+#if PHP_VERSION_ID < 50300
+ ++(zdata->refcount);
+ ++(zsig->refcount);
+ ++(zkey->refcount);
+#else
+ Z_ADDREF_P(zdata);
+ if (is_sign) {
+ Z_SET_ISREF_P(zsig);
+ } else {
+ Z_ADDREF_P(zsig);
+ }
+ Z_ADDREF_P(zkey);
+#endif
+ fci.retval_ptr_ptr = &retval_ptr;
+
+ if (FAILURE == zend_call_function(&fci, &fcc TSRMLS_CC)) {
+ zval_dtor(zdata);
+ zval_dtor(zsig);
+ zval_dtor(zkey);
+ efree(zdata);
+ efree(zkey);
+ efree(zsig);
+ return FAILURE;
+ }
+#if PHP_VERSION_ID < 50300
+ --(zdata->refcount);
+ --(zsig->refcount);
+ --(zkey->refcount);
+#else
+ Z_DELREF_P(zdata);
+ if (is_sign) {
+ Z_UNSET_ISREF_P(zsig);
+ } else {
+ Z_DELREF_P(zsig);
+ }
+ Z_DELREF_P(zkey);
+#endif
+ zval_dtor(zdata);
+ efree(zdata);
+ zval_dtor(zkey);
+ efree(zkey);
+ switch (Z_TYPE_P(retval_ptr)) {
+ default:
+ case IS_LONG :
+ zval_dtor(zsig);
+ efree(zsig);
+ if (1 == Z_LVAL_P(retval_ptr)) {
+ efree(retval_ptr);
+ return SUCCESS;
+ }
+ efree(retval_ptr);
+ return FAILURE;
+ case IS_BOOL :
+ efree(retval_ptr);
+ if (Z_BVAL_P(retval_ptr)) {
+ *signature = estrndup(Z_STRVAL_P(zsig),
Z_STRLEN_P(zsig));
+ *signature_len = Z_STRLEN_P(zsig);
+ zval_dtor(zsig);
+ efree(zsig);
+ return SUCCESS;
+ }
+ zval_dtor(zsig);
+ efree(zsig);
+ return FAILURE;
+ }
+}
+
/**
* Save phar contents to disk
*
@@ -2621,11 +2894,11 @@
unsigned char buf[1024];
int sig_flags = 0, sig_len;
char sig_buf[4];
-
php_stream_rewind(newfile);
if (phar->signature) {
efree(phar->signature);
+ phar->signature = NULL;
}
switch(phar->sig_flags) {
@@ -2670,8 +2943,83 @@
}
return EOF;
#endif
- case PHAR_SIG_PGP:
- /* TODO: currently fall back to sha1,later do both */
+ case PHAR_SIG_OPENSSL: {
+ int siglen;
+ unsigned char *sigbuf;
+#ifdef PHAR_HAVE_OPENSSL
+ BIO *in;
+ EVP_PKEY *key;
+ EVP_MD *mdtype = (EVP_MD *) EVP_sha1();
+ EVP_MD_CTX md_ctx;
+
+ if (!zend_hash_exists(&module_registry, "openssl",
sizeof("openssl"))) {
+ if (closeoldfile) {
+ php_stream_close(oldfile);
+ }
+ php_stream_close(newfile);
+ if (error) {
+ spprintf(error, 0, "phar \"%s\" openssl
signature cannot be created, openssl not loaded", phar->fname);
+ }
+ return EOF;
+ }
+ in = BIO_new_mem_buf(PHAR_G(openssl_privatekey),
PHAR_G(openssl_privatekey_len));
+
+ if (in == NULL) {
+ if (closeoldfile) {
+ php_stream_close(oldfile);
+ }
+ php_stream_close(newfile);
+ if (error) {
+ spprintf(error, 0, "unable to write
contents of file \"%s\" to new phar \"%s\" with requested openssl signature",
entry->filename, phar->fname);
+ }
+ return EOF;
+ }
+ key = PEM_read_bio_PrivateKey(in, NULL,NULL, "");
+
+ BIO_free(in);
+ siglen = EVP_PKEY_size(key);
+ sigbuf = emalloc(siglen + 1);
+
+ EVP_SignInit(&md_ctx, mdtype);
+ while ((sig_len = php_stream_read(newfile, (char*)buf,
sizeof(buf))) > 0) {
+ EVP_SignUpdate(&md_ctx, buf, sig_len);
+ }
+ if (!EVP_SignFinal (&md_ctx, sigbuf,(unsigned int
*)&siglen, key)) {
+ efree(sigbuf);
+ if (closeoldfile) {
+ php_stream_close(oldfile);
+ }
+ php_stream_close(newfile);
+ if (error) {
+ spprintf(error, 0, "unable to write
phar \"%s\" with requested openssl signature", phar->fname);
+ }
+ return EOF;
+ }
+ sigbuf[siglen] = '\0';
+ EVP_MD_CTX_cleanup(&md_ctx);
+#else
+ sigbuf = NULL;
+ siglen = 0;
+ php_stream_seek(newfile, 0, SEEK_END);
+ if (FAILURE == phar_call_openssl_signverify(1, newfile,
php_stream_tell(newfile), PHAR_G(openssl_privatekey),
PHAR_G(openssl_privatekey_len), (char **)&sigbuf, &siglen TSRMLS_CC)) {
+ if (closeoldfile) {
+ php_stream_close(oldfile);
+ }
+ php_stream_close(newfile);
+ if (error) {
+ spprintf(error, 0, "unable to write
phar \"%s\" with requested openssl signature", phar->fname);
+ }
+ return EOF;
+ }
+#endif
+ sig_flags |= PHAR_SIG_OPENSSL;
+ phar->sig_len = phar_hex_str((const char *)sigbuf,
siglen, &phar->signature);
+ php_stream_write(newfile, (char *) sigbuf, siglen);
+ efree(sigbuf);
+ phar_set_32(sig_buf, siglen);
+ php_stream_write(newfile, sig_buf, 4);
+ }
+ break;
default:
case PHAR_SIG_SHA1: {
unsigned char digest[20];
@@ -3052,7 +3400,7 @@
php_info_print_table_header(2, "Phar: PHP Archive support", "enabled");
php_info_print_table_row(2, "Phar EXT version", PHP_PHAR_VERSION);
php_info_print_table_row(2, "Phar API version", PHP_PHAR_API_VERSION);
- php_info_print_table_row(2, "CVS revision", "$Revision: 1.370.2.9 $");
+ php_info_print_table_row(2, "CVS revision", "$Revision: 1.370.2.10 $");
php_info_print_table_row(2, "Phar-based phar archives", "enabled");
php_info_print_table_row(2, "Tar-based phar archives", "enabled");
php_info_print_table_row(2, "ZIP-based phar archives", "enabled");
@@ -3084,6 +3432,7 @@
*/
static zend_module_dep phar_deps[] = {
ZEND_MOD_OPTIONAL("apc")
+ ZEND_MOD_OPTIONAL("openssl")
#if HAVE_SPL
ZEND_MOD_REQUIRED("spl")
#endif
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/phar_internal.h?r1=1.109.2.5&r2=1.109.2.6&diff_format=u
Index: php-src/ext/phar/phar_internal.h
diff -u php-src/ext/phar/phar_internal.h:1.109.2.5
php-src/ext/phar/phar_internal.h:1.109.2.6
--- php-src/ext/phar/phar_internal.h:1.109.2.5 Fri May 30 22:38:46 2008
+++ php-src/ext/phar/phar_internal.h Sun Jun 1 04:21:26 2008
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: phar_internal.h,v 1.109.2.5 2008/05/30 22:38:46 cellog Exp $ */
+/* $Id: phar_internal.h,v 1.109.2.6 2008/06/01 04:21:26 cellog Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -103,7 +103,7 @@
#define PHAR_SIG_SHA1 0x0002
#define PHAR_SIG_SHA256 0x0003
#define PHAR_SIG_SHA512 0x0004
-#define PHAR_SIG_PGP 0x0010
+#define PHAR_SIG_OPENSSL 0x0010
/* flags byte for each file adheres to these bitmasks.
All unused values are reserved */
@@ -171,6 +171,8 @@
char* cwd;
int cwd_len;
int cwd_init;
+ char *openssl_privatekey;
+ int openssl_privatekey_len;
ZEND_END_MODULE_GLOBALS(phar)
ZEND_EXTERN_MODULE_GLOBALS(phar)
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/phar_object.c?r1=1.266.2.13&r2=1.266.2.14&diff_format=u
Index: php-src/ext/phar/phar_object.c
diff -u php-src/ext/phar/phar_object.c:1.266.2.13
php-src/ext/phar/phar_object.c:1.266.2.14
--- php-src/ext/phar/phar_object.c:1.266.2.13 Fri May 30 22:38:46 2008
+++ php-src/ext/phar/phar_object.c Sun Jun 1 04:21:26 2008
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: phar_object.c,v 1.266.2.13 2008/05/30 22:38:46 cellog Exp $ */
+/* $Id: phar_object.c,v 1.266.2.14 2008/06/01 04:21:26 cellog Exp $ */
#include "phar_internal.h"
#include "func_interceptors.h"
@@ -1251,6 +1251,13 @@
add_next_index_stringl(return_value, "SHA-256", 7, 1);
add_next_index_stringl(return_value, "SHA-512", 7, 1);
#endif
+#if PHAR_HAVE_OPENSSL
+ add_next_index_stringl(return_value, "OpenSSL", 7, 1);
+#else
+ if (zend_hash_exists(&module_registry, "openssl", sizeof("openssl"))) {
+ add_next_index_stringl(return_value, "OpenSSL", 7, 1);
+ }
+#endif
}
/* }}} */
@@ -2675,7 +2682,7 @@
}
/* }}} */
-/* {{{ proto array Phar::setSignatureAlgorithm(int sigtype)
+/* {{{ proto array Phar::setSignatureAlgorithm(int sigtype[, string
privatekey])
* Sets the signature algorithm for a phar and applies it. The signature
* algorithm must be one of Phar::MD5, Phar::SHA1, Phar::SHA256,
* Phar::SHA512, or Phar::PGP (PGP is not yet supported and falls back to
@@ -2685,7 +2692,8 @@
PHP_METHOD(Phar, setSignatureAlgorithm)
{
long algo;
- char *error;
+ char *error, *key = NULL;
+ int key_len = 0;
PHAR_ARCHIVE_OBJECT();
if (PHAR_G(readonly) && !phar_obj->arc.archive->is_data) {
@@ -2704,7 +2712,7 @@
return;
}
- if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS()
TSRMLS_CC, "l", &algo) != SUCCESS) {
+ if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS()
TSRMLS_CC, "l|s", &algo, &key, &key_len) != SUCCESS) {
return;
}
@@ -2718,9 +2726,11 @@
#endif
case PHAR_SIG_MD5 :
case PHAR_SIG_SHA1 :
- case PHAR_SIG_PGP :
+ case PHAR_SIG_OPENSSL :
phar_obj->arc.archive->sig_flags = algo;
phar_obj->arc.archive->is_modified = 1;
+ PHAR_G(openssl_privatekey) = key;
+ PHAR_G(openssl_privatekey_len) = key_len;
phar_flush(phar_obj->arc.archive, 0, 0, 0, &error
TSRMLS_CC);
if (error) {
@@ -2758,6 +2768,9 @@
case PHAR_SIG_SHA512:
add_assoc_stringl(return_value, "hash_type", "SHA-512",
7, 1);
break;
+ case PHAR_SIG_OPENSSL:
+ add_assoc_stringl(return_value, "hash_type", "OpenSSL",
7, 1);
+ break;
}
} else {
RETURN_FALSE;
@@ -4571,6 +4584,7 @@
static
ZEND_BEGIN_ARG_INFO_EX(arginfo_phar_setSigAlgo, 0, 0, 1)
ZEND_ARG_INFO(0, algorithm)
+ ZEND_ARG_INFO(0, privatekey)
ZEND_END_ARG_INFO();
static
@@ -4759,7 +4773,7 @@
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "PHP", PHAR_MIME_PHP)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "PHPS", PHAR_MIME_PHPS)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "MD5", PHAR_SIG_MD5)
- REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "PGP", PHAR_SIG_PGP)
+ REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "OPENSSL",
PHAR_SIG_OPENSSL)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA1", PHAR_SIG_SHA1)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA256",
PHAR_SIG_SHA256)
REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA512",
PHAR_SIG_SHA512)
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt?r1=1.2&r2=1.2.2.1&diff_format=u
Index: php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt
diff -u php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt:1.2
php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt:1.2.2.1
--- php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt:1.2 Mon Feb
25 15:41:46 2008
+++ php-src/ext/phar/tests/phar_get_supported_signatures_001.phpt Sun Jun
1 04:21:26 2008
@@ -3,6 +3,7 @@
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (extension_loaded("hash")) die("skip extension hash conflicts"); ?>
+<?php if (extension_loaded("openssl")) die("skip extension openssl loaded"); ?>
--INI--
phar.require_hash=0
phar.readonly=0
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt?r1=1.2&r2=1.2.2.1&diff_format=u
Index: php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt
diff -u php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt:1.2
php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt:1.2.2.1
--- php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt:1.2 Mon Feb
25 15:41:46 2008
+++ php-src/ext/phar/tests/phar_get_supported_signatures_002.phpt Sun Jun
1 04:21:26 2008
@@ -3,6 +3,7 @@
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("hash")) die("skip extension hash required"); ?>
+<?php if (extension_loaded("openssl")) die("skip extension openssl loaded"); ?>
--INI--
phar.require_hash=0
phar.readonly=0
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/phar_setsignaturealgo2.phpt?r1=1.3&r2=1.3.2.1&diff_format=u
Index: php-src/ext/phar/tests/phar_setsignaturealgo2.phpt
diff -u php-src/ext/phar/tests/phar_setsignaturealgo2.phpt:1.3
php-src/ext/phar/tests/phar_setsignaturealgo2.phpt:1.3.2.1
--- php-src/ext/phar/tests/phar_setsignaturealgo2.phpt:1.3 Fri Jan 4
16:26:43 2008
+++ php-src/ext/phar/tests/phar_setsignaturealgo2.phpt Sun Jun 1 04:21:26 2008
@@ -3,11 +3,13 @@
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("hash")) die("skip extension hash required"); ?>
+<?php if (!extension_loaded("openssl")) die("skip extension openssl
required"); ?>
--INI--
phar.require_hash=0
phar.readonly=0
--FILE--
<?php
+$fname = dirname(__FILE__) . '/' . basename(__FILE__, '.php') . '.phar';
$p = new Phar(dirname(__FILE__) . '/brandnewphar.phar', 0,
'brandnewphar.phar');
$p['file1.txt'] = 'hi';
var_dump($p->getSignature());
@@ -28,7 +30,10 @@
echo $e->getMessage();
}
try {
-$p->setSignatureAlgorithm(Phar::PGP);
+$private = openssl_get_privatekey(file_get_contents(dirname(__FILE__) .
'/files/private.pem'));
+$pkey = '';
+openssl_pkey_export($private, $pkey);
+$p->setSignatureAlgorithm(Phar::OPENSSL, $pkey);
var_dump($p->getSignature());
} catch (Exception $e) {
echo $e->getMessage();
@@ -36,7 +41,7 @@
?>
===DONE===
--CLEAN--
-<?php
+<?php
unlink(dirname(__FILE__) . '/brandnewphar.phar');
?>
--EXPECTF--
@@ -74,6 +79,6 @@
["hash"]=>
string(%d) "%s"
["hash_type"]=>
- string(5) "SHA-1"
+ string(7) "OpenSSL"
}
===DONE===
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/test_signaturealgos.phpt?r1=1.5&r2=1.5.2.1&diff_format=u
Index: php-src/ext/phar/tests/test_signaturealgos.phpt
diff -u php-src/ext/phar/tests/test_signaturealgos.phpt:1.5
php-src/ext/phar/tests/test_signaturealgos.phpt:1.5.2.1
--- php-src/ext/phar/tests/test_signaturealgos.phpt:1.5 Mon Apr 21 17:04:14 2008
+++ php-src/ext/phar/tests/test_signaturealgos.phpt Sun Jun 1 04:21:26 2008
@@ -3,6 +3,7 @@
--SKIPIF--
<?php if (!extension_loaded("phar")) die("skip"); ?>
<?php if (!extension_loaded("hash")) die("skip extension hash conflicts"); ?>
+<?php if (!extension_loaded("openssl")) die("skip extension openssl
conflicts"); ?>
--INI--
phar.require_hash=0
phar.readonly=0
@@ -20,6 +21,9 @@
$a = new Phar(dirname(__FILE__) . '/files/md5.phar');
$r = $a->getSignature();
var_dump($r['hash_type']);
+$a = new Phar(dirname(__FILE__) . '/files/openssl.phar');
+$r = $a->getSignature();
+var_dump($r['hash_type']);
?>
===DONE===
--EXPECT--
@@ -27,4 +31,5 @@
string(7) "SHA-512"
string(7) "SHA-256"
string(3) "MD5"
+string(7) "OpenSSL"
===DONE===
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/files/openssl.phar?view=markup&rev=1.1
Index: php-src/ext/phar/tests/files/openssl.phar
+++ php-src/ext/phar/tests/files/openssl.phar
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/files/openssl.phar.pubkey?view=markup&rev=1.1
Index: php-src/ext/phar/tests/files/openssl.phar.pubkey
+++ php-src/ext/phar/tests/files/openssl.phar.pubkey
http://cvs.php.net/viewvc.cgi/php-src/ext/phar/tests/files/private.pem?view=markup&rev=1.1
Index: php-src/ext/phar/tests/files/private.pem
+++ php-src/ext/phar/tests/files/private.pem
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
