php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Doc Bug #80715 Incorrect documentation for certificate and private_key in openssl_cms_sign()
Submitted: 2021-02-05 22:22 UTC Modified: 2021-02-05 23:07 UTC
From: nyuszika7h at gmail dot com Assigned:
Status: Open Package: OpenSSL related
PHP Version: 8.0.2 OS: Debian 10
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2021-02-05 22:22 UTC] nyuszika7h at gmail dot com
Description:
------------
---
From manual page: https://php.net/function.openssl-cms-sign
---

The documentation states the following:

> certificate
> The name of the file containing the signing certificate.
> 
> private_key
> The name of file containing the key associated with certificate.

This is incorrect and results in "PHP message: PHP Warning:  openssl_cms_sign(): Error getting private key in file.php". It actually has to be formatted per <https://www.php.net/manual/en/openssl.certparams.php>, so for example `file://cert.pem`.

Test script:
---------------
// Incorrect code (following documentation)
openssl_cms_sign('input.txt', 'output.txt', 'cert.pem', 'privkey.pem', null, OPENSSL_CMS_BINARY, OPENSSL_ENCODING_DER, 'chain.pem');

// Correct code
openssl_cms_sign('input.txt', 'output.txt', 'file://cert.pem', 'file://privkey.pem', null, OPENSSL_CMS_BINARY, OPENSSL_ENCODING_DER, 'chain.pem');


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-02-05 23:07 UTC] cmb@php.net
That part of the documentation has been copied almost verbatim
from the respective RFC[1].  Is the RFC in error, or has that been
changed after the RFC had been accepted?  Anyhow, a PR[2] fixing
this would be welcome.

[1] <https://wiki.php.net/rfc/add-cms-support>
[2] <https://github.com/php/doc-en/pulls>
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sun Jul 25 13:01:23 2021 UTC