php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login | |
Patch openssl-add-ripemd160-sha2-sig-algs for OpenSSL related Bug #61421Patch version 2012-04-02 18:19 UTC Return to Bug #61421 | Download this patchThis patch is obsolete Obsoleted by patches:
This patch renders other patches obsolete Obsolete patches: Patch Revisions:Developer: mark@zedwood.comdiff -urN php-5.4.0-orig/ext/openssl/openssl.c php-5.4.0/ext/openssl/openssl.c --- php-5.4.0-orig/ext/openssl/openssl.c 2012-04-02 11:44:55.476942109 -0600 +++ php-5.4.0/ext/openssl/openssl.c 2012-04-02 11:45:12.048194671 -0600 @@ -70,6 +70,15 @@ #endif #define OPENSSL_ALGO_DSS1 5 +#if OPENSSL_VERSION_NUMBER >= 0x0090708fL +#define OPENSSL_ALGO_SHA224 6 +#define OPENSSL_ALGO_SHA256 7 +#define OPENSSL_ALGO_SHA384 8 +#define OPENSSL_ALGO_SHA512 9 +#define OPENSSL_ALGO_RIPEMD160 10 +#endif + + #define DEBUG_SMIME 0 /* FIXME: Use the openssl constants instead of @@ -954,6 +963,23 @@ case OPENSSL_ALGO_DSS1: mdtype = (EVP_MD *) EVP_dss1(); break; +#if OPENSSL_VERSION_NUMBER >= 0x0090708fL + case OPENSSL_ALGO_SHA224: + mdtype = (EVP_MD *) EVP_sha224(); + break; + case OPENSSL_ALGO_SHA256: + mdtype = (EVP_MD *) EVP_sha256(); + break; + case OPENSSL_ALGO_SHA384: + mdtype = (EVP_MD *) EVP_sha384(); + break; + case OPENSSL_ALGO_SHA512: + mdtype = (EVP_MD *) EVP_sha512(); + break; + case OPENSSL_ALGO_RIPEMD160: + mdtype = (EVP_MD *) EVP_ripemd160(); + break; +#endif default: return NULL; break; @@ -1048,7 +1074,13 @@ REGISTER_LONG_CONSTANT("OPENSSL_ALGO_MD2", OPENSSL_ALGO_MD2, CONST_CS|CONST_PERSISTENT); #endif REGISTER_LONG_CONSTANT("OPENSSL_ALGO_DSS1", OPENSSL_ALGO_DSS1, CONST_CS|CONST_PERSISTENT); - +#if OPENSSL_VERSION_NUMBER >= 0x0090708fL + REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA224", OPENSSL_ALGO_SHA224, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA256", OPENSSL_ALGO_SHA256, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA384", OPENSSL_ALGO_SHA384, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA512", OPENSSL_ALGO_SHA512, CONST_CS|CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("OPENSSL_ALGO_RIPEMD160", OPENSSL_ALGO_RIPEMD160, CONST_CS|CONST_PERSISTENT); +#endif /* flags for S/MIME */ REGISTER_LONG_CONSTANT("PKCS7_DETACHED", PKCS7_DETACHED, CONST_CS|CONST_PERSISTENT); REGISTER_LONG_CONSTANT("PKCS7_TEXT", PKCS7_TEXT, CONST_CS|CONST_PERSISTENT); diff -urN php-5.4.0-orig/ext/openssl/tests/bug61421.phpt php-5.4.0/ext/openssl/tests/bug61421.phpt --- php-5.4.0-orig/ext/openssl/tests/bug61421.phpt 1969-12-31 17:00:00.000000000 -0700 +++ php-5.4.0/ext/openssl/tests/bug61421.phpt 2012-04-02 11:45:19.232200358 -0600 @@ -0,0 +1,121 @@ +--TEST-- +openssl_verify() for ripemd160 and sha2 family +--SKIPIF-- +<?php if (!extension_loaded("openssl")) print "skip"; +if (OPENSSL_VERSION_NUMBER < 0x0090708f) die("skip Output requires OpenSSL 0.9.7h or greater"); +?> +--FILE-- +<?php +$to_test = array(); +$to_test[] = array('data_length'=>336,'sig_offset'=>356,'alg'=>OPENSSL_ALGO_RIPEMD160,'csr'=>'-----BEGIN CERTIFICATE REQUEST----- +MIICZTCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1swVdlC2GbRJY6z23C1l +eqyHMKcq68WOjuu84c15b+/UVTPxwTT8XEdJP5Dxbkg3j3O0D7IjUUzHSuSG3Tig +tvjxOIjIY0y7c6eg9/jIGPAQREiTi8Eym0Ney+WLJ4ysWIEU0YMSF0f5XAxLZhgW +DEHnxoh+kg4tcenj9Z3yt1vE7SXAT6JkKYpDam+uIrUPongWV5liLrF3NE9hvT9F +fXmgx+pmL5/vnwvR2l+euCMERAaN6+cXWfVzFXZ6J+B6ihR8ENti7oHSGgF5oOUW +3hmJyVJHswAIe191BEllRu0hv2CRm93jETe/r/5XDOsqbHbCSH1Vm8CaCJmBF7IM +WwIDAQABoAAwCgYGKyQDAwECBQADggEBADBvWjouKx+KSnGSPQ49Zjz6aFzqoqjk +cIB9gVRpHfQwBrVa3t5R/WMYWcdjaVMuEcK8kJUEeSFXSc1I/82/LKXE2sH92XFq +KmT+aU9PH/EnLr85vXGwYToXNudN2dQ3NuA5T1Xd2GBQbd9Qm1mXczmT090txMzv +f9JkjEQXl5w0Zpa+66LaRkiG8xi6jCzgK8P9BQN/7U33sdtbhfnCQDkVzUxvWKP+ +KLOWKVNx6Fds1n88OqgRhdxOLxQDXpytNjSz08R42MPBCPekMMJV4HRl6WRVoZmy +ePtW9d9Wccxs5K7sz0g1ldpWvePfMo/dp50w86QSMF0QcWXFzcNgwwo= +-----END CERTIFICATE REQUEST-----'); +$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA1,'csr'=>'-----BEGIN CERTIFICATE REQUEST----- +MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ym6hLAMV//iMRjEx/H3 ++RuVHYLrQndJ5a/TE2j8IgQbS2SUgHK5Y0PQ4vKawCizHkUZ6gMv4sPHbGKbWkL6 +M7CSKoFx5+fWdtp6gsa7fb3iLDy6ZGpwTb7U7pazDTSFz1WWdxstevMjlZQfJ32+ +axUZsVosOAA5IlIRmifXX1hE6eNXwquzl6ik6fUkhcQZ/uIAcC43UhWCX1V9yt8Z +XZPUSEUKWkXF5fpdB77uFlFvMulj5tSLKupU3eXAYKgtiZ2oK2vGs8B7dJ9h4m8F +vqN7feAZ8ZJMNv8ceiujtHBz2iDINsnsWPwoilMJAtOg8vShVc7KIC+6YV9FLcaX +KwIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAGQ5QiiL6WjzifZihu4V59/YQjD3 +UzzlDCn0ZreAUS2E/RDeUQpH54SuAi8tbDfLwadUtgSoR3dJ3jujeZ3OXAh9bv3n +jVRNs3el8arrdOAMeFkPdalYWWHfty8GC05wJHkNbhcnfrB9BxyyW/XsGlk7DyYA +ci6sJPtsYoegEqk4Z0vXX1pKbj4r5g41bpz5Nr9F1rCpKar+76Y7wisLNi0lzXvF +Rjwb+NxyUPqpB5mlz8c72xm5ChGySt7tkUURVHrpcxeTzPGT3orYDqRMHEUpFfVt +6D8h3fuuwO4+CIzJvTQxfYXtcDeZn/5UWS5ohKB2Cp3KWNa7H0NaVcB3O38= +-----END CERTIFICATE REQUEST-----'); +$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA224,'csr'=>'-----BEGIN CERTIFICATE REQUEST----- +MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1+tGAYjfZkr3+Vf9ufn +K8vt7g0enkWyhaeLWTBl0U1ajbdOJzgEVccTi40TTlcC604cHq8hl+bKvehWRDXH +IVA9YaLWw5riDmZgpEbw/GbjrIJRvFVQl8P4tKvAqBrfvTkgK6aGVaa27QWXSwNq +K4AaVwGhOQclRsziOaSycUMVRu4bwiBgj/aafaC8OgOQfLWvCeUW2iZqZgCA3dKD +tJ/gCjYcJcd47ZvatSYLJGsfLLRo/w4ZkRNvsRHsmmfFOGF0dz93PNje92Vl5ON1 +YG8VoMNO0wA+o72AazxPTp5GaI6jkmyMbxzGW9WdDcWgZpohX4GcVDHYXaVEsS0w +cQIDAQABoAAwDQYJKoZIhvcNAQEOBQADggEBAJw2RhEDXc/7fcO6YAjHS+kGEw9w +If41vOwjMOTibzlM/3HQoF6SSNlEs3TKLac2Mh9+17uOSed8Cwxq6d3nOgnYaorC +8zyjQMJIxchwfKMNx3P7DVTwBMPLhxQwL7pnr1hdWLt0hdy83P0hoEqIYVOr1bqD +1FCz7s31KHk4jJuyFouIdiSzCMdqdxFUdeQflsQAyazMTCdhyHTVl5YmQjE98ly+ +J7L3Zo5dac67sRplB7l6THolkshz+PjcNvx5yAQvXJEgtofHeCjZdlOGcNe/dnag +ECjtibpD/adKNfNoXhoA/PqLzZJnZi/WU60LBMNtujOqnGd2lqWL1mJHarc= +-----END CERTIFICATE REQUEST-----'); +$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA256,'csr'=>'-----BEGIN CERTIFICATE REQUEST----- +MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7x4d/NGd6qDdcqiKniO +SOyEr70xZW833PpxvMc4Dyv6fCTT91+1r+xDpQI4s3YCjd2qH1fY94uRcIlF3ifJ +A07uc8TA7ScLrJTQt/4g4v45Y7TUciWU0sz1v7dlGZZ0eyliZ7kyuBwO6y7EGfxF +egTELaHVE7ylffazICpz0awfrziCyh/2GOwHGe5W7KtbEC0viX26LymHxi7nPcQR +Oj8AJalG+WsmBCOxGvGjLSpcIuTQ+VoBSiRXo3JpGULwKbO/WU5JPqENw5lMStt9 +6Qy67ZIVLp54o3Noizp6/owtw/j2mDn0eGdKr4mNJWwqPW8laYri5O/ZBtdoOMP/ +rwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAGcFbijOA5Eaz6X8581vl9PNTDRO +ImlNmrH/LS9+A+Wp1eAW8n+R/hKW8JzvUUa5WeU/hp/r5pOPpb9Tarh/6vLq/5d3 +t6N015DmaWYtxUejBSkVU4qyAfASDnkLoTfSmsg085VWSM0LQtsoAz+VBtRD0rfa +7gkuy5u6aMqqB0IcU79ODwaaSTmPXPpwfrBrN7DAYduYSb7hUar9fdH0rqWoZHq+ +BIfWo/zXcVRu5Vmq7xjs4qRjD0B0xF8Wbiw/wq11tjvVXB48VjX7E/OF6ONn/Hvc +fKiBTVGVybrRnwZPWKtlMmBwadu7r10cmLVk+EUZHM5FWv9NDauNz3ntybA= +-----END CERTIFICATE REQUEST-----'); +$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA384,'csr'=>'-----BEGIN CERTIFICATE REQUEST----- +MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzntwE4WeE7eCWM+qespd +Jj/Fi3qhObNXyZp4mz7hPje1EwMHk0EurQbb2NMbxwBAOQeH2yK1AKACHBqkcGJ1 +QzfN/epHmfLmr002/kdeL5wDnP3g7UJIRlUDlN9lddoJObD1RlC9H1B/8SOTu4gA +xyI3gCU7cufd6RblySoqlKuRFg2HQZmpUjPA6/uq9vSwPbfIRL43x7nOiUUSlSkG +EPeXo5joPYYrpP11N2frWdWJmZ0OzxjYQj5HsaRja0DEjVR3pLn8PMTMbo51R0ja +4aQBuuADhK3BeSAoBSw9IarXo0x/rfU6h15oqoc6gWYT+a5a/4Th7sP5UcvsHB7y +3wIDAQABoAAwDQYJKoZIhvcNAQEMBQADggEBAFjuGtM8zjFBcz0yP4dPw0u5XSRW +9TrBU0VZyfmRw1GjUmSFrYXVoxGx/ampbz2kT/zkdzOJbjgRGBDNArq7J3Tga3pl +7NtUQ5l7DOOVa6RJOM090wmc9RZ1hZ7rNJOxnSOdZF839PB6sZFbo/gZqPbScyTS +PMJabfrYij/0sbaZcj4s0VZvNMTcDEcVJ+YBB1bSbGiI9z/gwIGhStM7FqlIFPF7 +f/V/CwX6RCJ8zdRrhF0pUd4vGu869b0KxrGUU+MId0WM7EVx0G/wHzsEzC/e5H3a ++RCWck4/oXKQad1trK1SleRmZLDzUoGNRiKsrBZRusaZG8NrPm+v7CQpJ+g= +-----END CERTIFICATE REQUEST-----'); +$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA512,'csr'=>'-----BEGIN CERTIFICATE REQUEST----- +MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJhVbY4caMTShttQQ0SJ +uVEmgQ2xvdWkN/7rKFFh5WaMhyb9DHsffXSgcFYoToKCopJL+8o+c2yF4J/yNM+y +i7f7BS/eaTkSPOca8XbzoYhLbRBJlIdUSsWYE3kP7sOrrlZtpCKZvGesfuIJ5U7E +iY5qL/ZcOVGZi9N32e+1iY7CjBMXcfVKLBRQX4NG7PxNcFPksemZn0B0AC3RmXgN +yZAZPmK1nm6iFyvMH42rtlaPlpAGqJv7TyexK3cW01Y1Mp8HcwEC2vKjzh637QIz +8Qg1xv40NMA73rmD1+5g5sO0iF92E67uhgk0ibQ8X5iOTeiRUPM4BV3I8bPbNrj6 +xwIDAQABoAAwDQYJKoZIhvcNAQENBQADggEBAA8tlPrIdyQHzKUkyRhHB+R4JQu2 +kSiBAcmPI3+tj5hzMWRx1AzBRhDW9MSyZ1flTXtzpYRAa0F9tPGX57GBppmK+0hM +qqH+q72vv22YlSKvofr3765p0HWHobUndxyFU9atQlfkUqsw3uQj7hYQq8gs7Pds +3nwpuBSLjW+RmmnGIPwSaqE1ezBhSPvbRjl/EyU3FWQXJ61EkJrpq4zyt0gE6T0t +3oRzCgmScv5dW3GahL3FB01MmkUcBnFWNtyapO5rOLzcwwusV/yucYw/mhKSHRzT +yDgejc12rjvWkrCffa6+MMojxzSLDOPEwC3ooese3fNRLHAWD3bBTUmIo5M= +-----END CERTIFICATE REQUEST-----'); +foreach($to_test as $test) +{ + $pem = preg_replace('/\-+BEGIN[A-Z ]*\-+/','',$test['csr']); + $pem = preg_replace('/\-+END[A-Z ]*\-+/','',$pem); + $pem = preg_replace('/[^A-Za-z0-9=+\/]/m','',$pem);//strip off all non base64 chars + $der = base64_decode($pem); + + $data = substr($der,4,$test['data_length']+4);//numbers derived from: openssl asn1parse -in my.csr + $sig = substr($der,$test['sig_offset']+4); + $sig = $sig[0]=="\x0" ? substr($sig,1) : $sig; + $key = openssl_csr_get_public_key($test['csr']); + $r = openssl_verify($data,$sig,$key,$test['alg']); + var_dump($r); +} +?> +--EXPECTF-- +int(1) +int(1) +int(1) +int(1) +int(1) +int(1) |
Copyright © 2001-2024 The PHP Group All rights reserved. |
Last updated: Thu Nov 21 13:01:29 2024 UTC |