|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull Requests |
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2023 The PHP GroupAll rights reserved. |
Last updated: Fri Mar 24 13:03:47 2023 UTC |
Description: ------------ When generating a CRT using KEY/CSR, the certificate resource is not "ready". To use it, you have to export and import it back. The test was done using a CA or a selfsigned. Tested on 3 systems: OSX 10.9 PHP 5.5.6 (brew) OpenSSL 1.0.1e Ubuntu PHP 5.4.21-1+debphp.org~quantal+1 OpenSSL 1.0.1c PHP 5.3.10-1ubuntu3.6 OpenSSL 1.0.1 (Native) If nobody can reproduce this, I can post the rest of the system configurations Test script: --------------- <?php $key = openssl_pkey_new(); $csr = openssl_csr_new(array(), $key); $crt = openssl_csr_sign($csr, null, $key, 365 * 100); openssl_pkcs7_encrypt($plain1, $enc, $crt, array('foo' => 'bar')); openssl_pkcs7_decrypt($enc, $plain2, $crt, $key); // error, empty ?> Full example: https://gist.github.com/lavoiesl/7557763/raw/openssl-test.php Expected result: ---------------- string(0) "hello" string(5) "hello" string(0) "hello" array(0) { } Actual result: -------------- error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificatestring(0) "" string(5) "hello" error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificatestring(0) "" array(0) { }