php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Doc Bug #20705 openssl_pkey_new does not seem to generate a new key
Submitted: 2002-11-28 14:25 UTC Modified: 2003-01-19 06:16 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: Troublegum at woltlab dot de Assigned: wez (profile)
Status: Closed Package: Documentation problem
PHP Version: 4.2.3 OS: Windows 2000 Professional
Private report: No CVE-ID: None
View Developer Edit
 [2002-11-28 14:25 UTC] Troublegum at woltlab dot de 
OS: Windows 2000 Professional
PHP version: 4.2.3
Apache version: 1.3.24 Win32
openssl: 0.9.6c

Problem: openssl_pkey_new does not seem to generate a new key

how to reproduces the problem:
I have the following script to test openssl..

--------------------------------------------------
<?php 
/** generate key */
$privkey = openssl_pkey_new(); 

/** export key to file */
$password = "test";
$dest_file = "./key.pem"; 
openssl_pkey_export_to_file($privkey,$dest_file, $password);

/** read in keyfile */
$fp = fopen($dest_file, "r");
$key_content = fread($fp, filesize($dest_file));
fclose($fp);

/** read in key */ 
$loaded_key = openssl_pkey_get_private($key_content, $pass); 

/** check key */ 
if ($loaded_key === false)
{
	die("not correct");
}
else
{
	echo "correct";
}
openssl_pkey_free($loaded_key); 
?>
--------------------------------------------------

The output is the following:
Warning: cannot get key from parameter 1 in c:\dev\htdocs\openssl\test.php on line 9
not correct

--------------------------------------------------
I first compiled openssl 0.9.6c using Visual C++ and copied libeay32.dll and ssley32.dll to c:/winnt/system32.
Then I upgraded to php 4.2.3 and replaced the two files with ones in the folder "dlls".

Openssl seems to be installed:
> OpenSSL support enabled 
> OpenSSL Version OpenSSL 0.9.6c 21 dec 2001

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-11-28 14:27 UTC] Troublegum at woltlab dot de 
wrong email address entered..
correct one: troublegum@woltlab.de
 [2002-12-07 01:17 UTC] iliaa@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip
 [2002-12-10 04:36 UTC] wez@php.net 
Your test script is wrong:
/** read in key */ 
$loaded_key = openssl_pkey_get_private($key_content, $pass);

$pass is not set to anything; you meant $password, in which case this works fine.
 [2002-12-10 11:27 UTC] Troublegum at woltlab dot de 
Yes, you are right. But even with the correct variable and the latest win32 snapshot (downloaded at 07/12/2002) it did not work for me.

The problem is the following:
<?php 
/** generate key */
$privkey = openssl_pkey_new(); 

if(empty($privkey))
{
	die("error: no key was generated by openssl_pkey_new()");
}
else
{
	echo "a private key was generated by openssl_pkey_new()";
}
?>

produces
"error: no key was generated by openssl_pkey_new()".
 [2002-12-10 13:30 UTC] wez@php.net 
And what error messages does openssl_error_string() return?
 [2002-12-10 18:31 UTC] Troublegum at woltlab dot de 
openssl_error_string() returns different messages when I reload the page. I used the following test script:
----------
<?php 
$privkey = openssl_pkey_new(); 
if(empty($privkey))
{
	echo "error: no key was generated by openssl_pkey_new()";
}
else
{
	echo "a private key was generated by openssl_pkey_new()";
}
echo "<br>Error Message: ".openssl_error_string()."<br>";
exit;
?>
--------------------

These are the error messages openssl_error_string() returned:

1. request) error:02001003:system library:fopen:No such process
2. request) error:2006D002:BIO routines:BIO_new_file:system lib
3. request) error:02001003:system library:fopen:No such process


Thanks..
 [2002-12-11 01:04 UTC] sniper@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip
 [2002-12-11 06:13 UTC] wez@php.net 
It seems that you need to have a valid openssl.cnf file for this to work correctly.
You can obtain this file from one of the packages at:
http://www.openssl.org/source/

The default path is C:\usr\local\ssl\openssl.cnf, but
you can override this path like this:
$key = openssl_pkey_new(
   array("config" => "path/to/openssl.cnf")
);

We are currently investigating including a file for this purpose in our win32 binary distributions.

Making this a documentation problem (I already added more information, but this has yet to filter through to the online docs).
 [2002-12-11 06:33 UTC] wez@php.net 
A little more info:

The default path for the openssl.cnf file is determined as follows:

OPENSSL_CONF environmental variable, if set, is assumed to hold the
path to the file.
If it is not set, SSLEAY_CONF environmental variable is checked next.
If neither are set, PHP will look in the default certificate area that was set
at the time that the SSL DLLs were compiled.  This is typically "C:\usr\local\ssl\openssl.cnf".
 [2003-01-19 06:16 UTC] wez@php.net 
Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at 
http://www.php.net/downloads.php
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Wed Sep 18 21:01:26 2024 UTC