|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2015-03-06 17:30 UTC] marcus at synchromedia dot co dot uk
[2015-03-06 18:25 UTC] rdlowrey@php.net
-Status: Open
+Status: Analyzed
-Assigned To:
+Assigned To: rdlowrey
[2015-03-06 18:31 UTC] rdlowrey@php.net
[2015-03-06 18:31 UTC] rdlowrey@php.net
-Status: Analyzed
+Status: Closed
[2015-03-06 18:32 UTC] rdlowrey@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Tue Oct 28 02:00:01 2025 UTC |
Description: ------------ This is the signature for the openssl_pkcs7_sign function: function openssl_pkcs7_sign($infilename, $outfilename, $signcert, $privkey, array $headers, $flags = PKCS7_DETACHED, $extracerts = null) { } The problem I've found is that if you provide the $extracerts param *at all*, even if it's null (i.e. the same as its default value), it tries to open it as a file, resulting in this error: Warning: openssl_pkcs7_sign(): error opening the file To behave like other PHP functions, I would expect this value to be ignored when passwed with the same value as the default. It appears to be checking for the presence of the parameter rather than its value. It's easy enough to work around - you can check whether you need the extracerts param and have two different calls - but it's still a bug! There are also issues with documentation of the parameters for this function - I've found the $signcert and $privkey params require that you prepend the pathname with 'file://', but, inconsistently, the $extracerts param does not. Test script: --------------- Example script to demonstrate the bug: https://gist.github.com/Synchro/b9e4625013077def0cf7 A successful run should produce no output at all Actual result: -------------- Warning: openssl_pkcs7_sign(): error opening the file, in openssl_pkcs7_sign_bug.php on line 46