php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #28382 the openssl_x509_parse function does not extract the certificate extensions
Submitted: 2004-05-13 09:28 UTC Modified: 2006-07-30 17:04 UTC
Votes:4
Avg. Score:4.8 ± 0.4
Reproduced:4 of 4 (100.0%)
Same Version:1 (25.0%)
Same OS:3 (75.0%)
From: n_sergiu at hotmail dot com Assigned: pajoye (profile)
Status: Closed Package: OpenSSL related
PHP Version: 5CVS, 4CVS (2005-02-17) OS: *
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: n_sergiu at hotmail dot com
New email:
PHP Version: OS:

 

 [2004-05-13 09:28 UTC] n_sergiu at hotmail dot com 
Description:
------------
When I use the openssl_x509_parse to parse a x509 certificate, the v3 extensions are not included in the output result.

Reproduce code:
---------------
$file = fopen("/home/sergiu/clienttest.crt", "rb");
$cert = fread($file, filesize("/home/sergiu/clienttest.crt"));
print_r(openssl_x509_parse($cert));

Expected result:
----------------
Array
(
    [name] => /C=RO/ST=Romania/L=Craiova/O=XXX/OU=Mobile/CN=teste extens
    [subject] => Array
        (
            [C] => RO
            [ST] => Romania
            [L] => Craiova
            [O] => Sergiu Software
            [OU] => Mobile
            [CN] => teste extens
        )

    [hash] => 33df1a8c
    [issuer] => Array
        (
            [C] => RO
            [ST] => Romania
            [O] => Sergiu Software
            [CN] => Sergiu Software CA
        )

    [version] => 2
    [serialNumber] => 38
    [validFrom] => 030712124551Z
    [validTo] => 040711124551Z
    [validFrom_time_t] => 1058013951
    [validTo_time_t] => 1089549951
    [purposes] => Array
        (
            [1] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => sslclient
                )

            [2] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => sslserver
                )

            [3] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => nssslserver
                )

            [4] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => smimesign
                )

            [5] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => smimeencrypt
                )

            [6] => Array
                (
                    [0] =>
                    [1] =>
                    [2] => crlsign
                )

            [7] => Array
                (
                    [0] => 1
                    [1] => 1
                    [2] => any
                )
        )
    [v3extensions] => Array
        (
            [1] => Array
                (
                    [0] => NetscapeComment
                    [1] => 1
                    [2] => For Grid use only; request tag userTag
                 )
            ...........................
        )
)


Actual result:
--------------
Array
(
    [name] => /C=RO/ST=Romania/L=Craiova/O=XXX/OU=Mobile/CN=teste extens
    [subject] => Array
        (
            [C] => RO
            [ST] => Romania
            [L] => Craiova
            [O] => Sergiu Software
            [OU] => Mobile
            [CN] => teste extens
        )

    [hash] => 33df1a8c
    [issuer] => Array
        (
            [C] => RO
            [ST] => Romania
            [O] => Sergiu Software
            [CN] => Sergiu Software CA
        )

    [version] => 2
    [serialNumber] => 38
    [validFrom] => 030712124551Z
    [validTo] => 040711124551Z
    [validFrom_time_t] => 1058013951
    [validTo_time_t] => 1089549951
    [purposes] => Array
        (
            [1] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => sslclient
                )

            [2] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => sslserver
                )

            [3] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => nssslserver
                )

            [4] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => smimesign
                )

            [5] => Array
                (
                    [0] => 1
                    [1] =>
                    [2] => smimeencrypt
                )

            [6] => Array
                (
                    [0] =>
                    [1] =>
                    [2] => crlsign
                )

            [7] => Array
                (
                    [0] => 1
                    [1] => 1
                    [2] => any
                )
        )
)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-05-13 10:14 UTC] n_sergiu at hotmail dot com 
I managed to insert some line of code in openssl.c, but I would like to see these changes in the next version of php.

PHP_FUNCTION(openssl_x509_parse)
{
        ...
	X509_EXTENSION *extension;
	ASN1_OCTET_STRING *extdata;
	char extstr[20];
	int nid;

        ...
	for (i = 0; i < X509_get_ext_count(cert); i++) {
	    extension = X509_get_ext(cert, i);
	    extdata = X509_EXTENSION_get_data(extension);
	    sprintf(extstr, "ext%i", i);
	    add_assoc_asn1_string(return_value, extstr, extdata);
	}
        /* This is an extension I used for IP address */
	nid = OBJ_create_and_add_object("1.2.3.4", "IP", "Client IP Address");
	extension = X509_get_ext(cert, X509_get_ext_by_NID(cert, nid, 0));
	extdata = X509_EXTENSION_get_data(extension);
	add_assoc_asn1_string(return_value, "1.2.3.4", extdata);
        ...
}
 [2004-05-13 19:47 UTC] iliaa@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip
 [2004-05-14 08:46 UTC] n_sergiu at hotmail dot com 
Sorry, the error is still there. No v3 extensions are returned by the openssl_x509_parse function.
 [2004-05-14 15:38 UTC] iliaa@php.net 
Please provide the applicable certificate file so that we 
have something to test the code with.
 [2004-05-14 15:47 UTC] n_sergiu at hotmail dot com 
Here is a certificate for testing:

-----BEGIN CERTIFICATE-----
MIIEoDCCBAmgAwIBAgIBJzANBgkqhkiG9w0BAQQFADCBkDELMAkGA1UEBhMCUk8x
EDAOBgNVBAgTB1JvbWFuaWExEDAOBgNVBAcTB0NyYWlvdmExDzANBgNVBAoTBlNl
cmdpdTETMBEGA1UECxMKU2VyZ2l1IFNSTDESMBAGA1UEAxMJU2VyZ2l1IENBMSMw
IQYJKoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTAeFw0wNDA1MTQxMzM0
NTZaFw0wNTA1MTQxMzM0NTZaMIGaMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9t
YW5pYTEQMA4GA1UEBxMHQ3JhaW92YTETMBEGA1UEChMKU2VyZ2l1IFNSTDETMBEG
A1UECxMKU2VyZ2l1IFNSTDEYMBYGA1UEAxMPU2VyZ2l1IHBlcnNvbmFsMSMwIQYJ
KoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEApNj7XXz8T8FcLIWpBniPYom3QcT6T7u0xRPHqtqzj5oboBYp
DJe5d354/y0gJTpiLt8+fTrPgWXnbHm3pOHgXzTcX6Arani0GDU0/xDi4VkCRGcS
YqX2sJpcDzAbmK9UDMt3xf/O1B8AJan3RfO0Bm3ozTEPziLMkmsiYr5b/L8CAwEA
AaOCAfwwggH4MAkGA1UdEwQCMAAwNQYJYIZIAYb4QgENBCgWJkZvciBHcmlkIHVz
ZSBvbmx5OyByZXF1ZXN0IHRhZyB1c2VyVGFnMBEGCWCGSAGG+EIBAQQEAwIF4DA/
BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vbW9iaWxlLmJsdWUtc29mdHdhcmUucm86
OTAvY2EvY3JsLnNodG1sMDUGCWCGSAGG+EIBCAQoFiZodHRwOi8vbW9iaWxlLmJs
dWUtc29mdHdhcmUucm86OTAvcHViLzAhBgNVHREEGjAYgRZzZXJnaXVAYmx1ZXNv
ZnR3YXJlLnJvMB0GA1UdDgQWBBSwp//5QRXeIzm93TEPl6CyonTg/DCBpwYDVR0j
BIGfMIGcoYGWpIGTMIGQMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9tYW5pYTEQ
MA4GA1UEBxMHQ3JhaW92YTEPMA0GA1UEChMGU2VyZ2l1MRMwEQYDVQQLEwpTZXJn
aXUgU1JMMRIwEAYDVQQDEwlTZXJnaXUgQ0ExIzAhBgkqhkiG9w0BCQEWFG5fc2Vy
Z2l1QGhvdG1haWwuY29tggEAMAsGA1UdDwQEAwIE8DAjBglghkgBhvhCAQIEFhYU
aHR0cDovLzYyLjIzMS45OC41Mi8wCwYDKgMEBAQ+52I0MA0GCSqGSIb3DQEBBAUA
A4GBAIBIOJ+iiLyQfNJEY+IMefayQea0nmuXYY+F+L1DFjSC7xChytgYoPNnKkhh
3dWPtxbswiqKYUnGi6y3Hi4UhDsOaDW29t2S305hSc2qgjOiNtRYQIVYQ8EHG1k7
Fl63S7uCOhnVJt+4MnUK1N6/pwgsp+Z2GvEsDG1qCKnvNpf6
-----END CERTIFICATE-----
 [2006-07-30 17:04 UTC] pajoye@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
 [2012-02-05 09:32 UTC] rasmus@php.net 
Automatic comment from SVN on behalf of rasmus
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=323070
Log: According to the reports on qa this test is failing the same way for everyone.
See: http://qa.php.net/reports/viewreports.php?version=5.3.10&amp;test=%2Fext%2Fopenssl%2Ftests%2Fbug28382.phpt
I'm not sure if this is due to a change in the openssl library or in the extension, so perhaps the test
itself needs to change, but for now synch it with the new output and watch for failures.
 [2012-03-27 13:40 UTC] ab@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=5f6bed180ea7fc6d33c3d02ccbb9bd4f9fadd465
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2012-03-27 14:40 UTC] ab@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=e55718b09121c79f3a6b0cfb7c446112fb378402
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2012-03-27 14:41 UTC] ab@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=7fdd35d697765680050dc81114444d2772962698
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2012-03-27 16:11 UTC] ab@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=e55718b09121c79f3a6b0cfb7c446112fb378402
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2012-03-27 16:26 UTC] ab@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=e55718b09121c79f3a6b0cfb7c446112fb378402
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2012-03-27 16:26 UTC] ab@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=7fdd35d697765680050dc81114444d2772962698
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2012-03-29 04:23 UTC] ab@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=e55718b09121c79f3a6b0cfb7c446112fb378402
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2012-03-29 04:23 UTC] ab@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=7fdd35d697765680050dc81114444d2772962698
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2012-04-18 09:45 UTC] laruence@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=5f6bed180ea7fc6d33c3d02ccbb9bd4f9fadd465
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2012-07-24 23:36 UTC] rasmus@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=5f6bed180ea7fc6d33c3d02ccbb9bd4f9fadd465
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2013-11-17 09:33 UTC] laruence@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=5f6bed180ea7fc6d33c3d02ccbb9bd4f9fadd465
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2014-10-07 23:28 UTC] stas@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=e55718b09121c79f3a6b0cfb7c446112fb378402
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2014-10-07 23:28 UTC] stas@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=7fdd35d697765680050dc81114444d2772962698
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2014-10-07 23:39 UTC] stas@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=e55718b09121c79f3a6b0cfb7c446112fb378402
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 [2014-10-07 23:39 UTC] stas@php.net 
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src-security.git;a=commit;h=7fdd35d697765680050dc81114444d2772962698
Log: Fix bug #61412 ext\openssl\tests\bug28382.phpt fails
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon Apr 07 16:01:28 2025 UTC