Patch openssl-add-sig-algs.txt for OpenSSL related Bug #61421

Patch version 2012-06-18 20:47 UTC

Obsolete patches:

• add_openssl_signature_algorithms.txt, revision 2012-03-16 19:35 UTC
• openssl-add-ripemd160-sha2-sig-algs, revision 2012-04-02 18:19 UTC
• openssl-add-rmd160-sha2-sig-alg.patch, revision 2012-04-05 22:04 UTC
• openssl-add-rmd160-sha2-sig-alg.patch, revision 2012-04-05 22:08 UTC

• 2012-06-18 20:47 UTC [diff to current]

Developer: mark@zedwood.com

diff -rupN php-5.4.4-orig/ext/openssl/openssl.c php-5.4.4-patched/ext/openssl/openssl.c
--- php-5.4.4-orig/ext/openssl/openssl.c	2012-06-12 22:54:23.000000000 -0600
+++ php-5.4.4-patched/ext/openssl/openssl.c	2012-06-18 14:44:43.646291328 -0600
@@ -69,7 +69,13 @@
 #define OPENSSL_ALGO_MD2	4
 #endif
 #define OPENSSL_ALGO_DSS1	5
-
+#if OPENSSL_VERSION_NUMBER >= 0x0090708fL
+#define OPENSSL_ALGO_SHA224 6
+#define OPENSSL_ALGO_SHA256 7
+#define OPENSSL_ALGO_SHA384 8
+#define OPENSSL_ALGO_SHA512 9
+#define OPENSSL_ALGO_RMD160 10
+#endif
 #define DEBUG_SMIME	0
 
 /* FIXME: Use the openssl constants instead of
@@ -954,6 +960,23 @@ static EVP_MD * php_openssl_get_evp_md_f
 		case OPENSSL_ALGO_DSS1:
 			mdtype = (EVP_MD *) EVP_dss1();
 			break;
+#if OPENSSL_VERSION_NUMBER >= 0x0090708fL
+		case OPENSSL_ALGO_SHA224:
+			mdtype = (EVP_MD *) EVP_sha224();
+			break;
+		case OPENSSL_ALGO_SHA256:
+			mdtype = (EVP_MD *) EVP_sha256();
+			break;
+		case OPENSSL_ALGO_SHA384:
+			mdtype = (EVP_MD *) EVP_sha384();
+			break;
+		case OPENSSL_ALGO_SHA512:
+			mdtype = (EVP_MD *) EVP_sha512();
+			break;
+		case OPENSSL_ALGO_RMD160:
+			mdtype = (EVP_MD *) EVP_ripemd160();
+			break;
+#endif
 		default:
 			return NULL;
 			break;
@@ -1048,6 +1071,13 @@ PHP_MINIT_FUNCTION(openssl)
 	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_MD2", OPENSSL_ALGO_MD2, CONST_CS|CONST_PERSISTENT);
 #endif
 	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_DSS1", OPENSSL_ALGO_DSS1, CONST_CS|CONST_PERSISTENT);
+#if OPENSSL_VERSION_NUMBER >= 0x0090708fL
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA224", OPENSSL_ALGO_SHA224, CONST_CS|CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA256", OPENSSL_ALGO_SHA256, CONST_CS|CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA384", OPENSSL_ALGO_SHA384, CONST_CS|CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA512", OPENSSL_ALGO_SHA512, CONST_CS|CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_RMD160", OPENSSL_ALGO_RMD160, CONST_CS|CONST_PERSISTENT);
+#endif
 
 	/* flags for S/MIME */
 	REGISTER_LONG_CONSTANT("PKCS7_DETACHED", PKCS7_DETACHED, CONST_CS|CONST_PERSISTENT);
diff -rupN php-5.4.4-orig/ext/openssl/tests/bug61421.phpt php-5.4.4-patched/ext/openssl/tests/bug61421.phpt
--- php-5.4.4-orig/ext/openssl/tests/bug61421.phpt	1969-12-31 17:00:00.000000000 -0700
+++ php-5.4.4-patched/ext/openssl/tests/bug61421.phpt	2012-06-18 14:44:43.646291328 -0600
@@ -0,0 +1,47 @@
+--TEST--
+Adding RMD160, SHA224,SHA256,SHA384,SHA512 signature verification algorithms
+--FILE--
+<?php
+$alg = OPENSSL_ALGO_SHA1;
+$data = base64_decode("MIIBUAIBADAjMQswCQYDVQQGEwJVUzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbKbqEsAxX/+IxGMTH8ff5G5UdgutCd0nlr9MTaPwiBBtLZJSAcrljQ9Di8prAKLMeRRnqAy/iw8dsYptaQvozsJIqgXHn59Z22nqCxrt9veIsPLpkanBNvtTulrMNNIXPVZZ3Gy168yOVlB8nfb5rFRmxWiw4ADkiUhGaJ9dfWETp41fCq7OXqKTp9SSFxBn+4gBwLjdSFYJfVX3K3xldk9RIRQpaRcXl+l0Hvu4WUW8y6WPm1Isq6lTd5cBgqC2Jnagra8azwHt0n2HibwW+o3t94Bnxkkw2/xx6K6O0cHPaIMg2yexY/CiKUwkC06Dy9KFVzsogL7phX0UtxpcrAgMBAAGgAA==");
+$sig = base64_decode("ZDlCKIvpaPOJ9mKG7hXn39hCMPdTPOUMKfRmt4BRLYT9EN5RCkfnhK4CLy1sN8vBp1S2BKhHd0neO6N5nc5cCH1u/eeNVE2zd6Xxqut04Ax4WQ91qVhZYd+3LwYLTnAkeQ1uFyd+sH0HHLJb9ewaWTsPJgByLqwk+2xih6ASqThnS9dfWkpuPivmDjVunPk2v0XWsKkpqv7vpjvCKws2LSXNe8VGPBv43HJQ+qkHmaXPxzvbGbkKEbJK3u2RRRFUeulzF5PM8ZPeitgOpEwcRSkV9W3oPyHd+67A7j4IjMm9NDF9he1wN5mf/lRZLmiEoHYKncpY1rsfQ1pVwHc7fw==");
+$key = implode("\n", array('-----BEGIN PUBLIC KEY-----','MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ym6hLAMV//iMRjEx/H3','+RuVHYLrQndJ5a/TE2j8IgQbS2SUgHK5Y0PQ4vKawCizHkUZ6gMv4sPHbGKbWkL6','M7CSKoFx5+fWdtp6gsa7fb3iLDy6ZGpwTb7U7pazDTSFz1WWdxstevMjlZQfJ32+','axUZsVosOAA5IlIRmifXX1hE6eNXwquzl6ik6fUkhcQZ/uIAcC43UhWCX1V9yt8Z','XZPUSEUKWkXF5fpdB77uFlFvMulj5tSLKupU3eXAYKgtiZ2oK2vGs8B7dJ9h4m8F','vqN7feAZ8ZJMNv8ceiujtHBz2iDINsnsWPwoilMJAtOg8vShVc7KIC+6YV9FLcaX','KwIDAQAB','-----END PUBLIC KEY-----'));
+echo openssl_verify($data,$sig,$key,$alg) ? 'verified'."\n" : 'invalid'."\n";
+
+$alg = OPENSSL_ALGO_RMD160;
+$data = base64_decode("MIIBUAIBADAjMQswCQYDVQQGEwJVUzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWzBV2ULYZtEljrPbcLWV6rIcwpyrrxY6O67zhzXlv79RVM/HBNPxcR0k/kPFuSDePc7QPsiNRTMdK5IbdOKC2+PE4iMhjTLtzp6D3+MgY8BBESJOLwTKbQ17L5YsnjKxYgRTRgxIXR/lcDEtmGBYMQefGiH6SDi1x6eP1nfK3W8TtJcBPomQpikNqb64itQ+ieBZXmWIusXc0T2G9P0V9eaDH6mYvn++fC9HaX564IwREBo3r5xdZ9XMVdnon4HqKFHwQ22LugdIaAXmg5RbeGYnJUkezAAh7X3UESWVG7SG/YJGb3eMRN7+v/lcM6ypsdsJIfVWbwJoImYEXsgxbAgMBAAGgAA==");
+$sig = base64_decode("MG9aOi4rH4pKcZI9Dj1mPPpoXOqiqORwgH2BVGkd9DAGtVre3lH9YxhZx2NpUy4RwryQlQR5IVdJzUj/zb8spcTawf3ZcWoqZP5pT08f8Scuvzm9cbBhOhc2503Z1Dc24DlPVd3YYFBt31CbWZdzOZPT3S3EzO9/0mSMRBeXnDRmlr7rotpGSIbzGLqMLOArw/0FA3/tTfex21uF+cJAORXNTG9Yo/4os5YpU3HoV2zWfzw6qBGF3E4vFANenK02NLPTxHjYw8EI96QwwlXgdGXpZFWhmbJ4+1b131ZxzGzkruzPSDWV2la9498yj92nnTDzpBIwXRBxZcXNw2DDCg==");
+$key = implode("\n", array('-----BEGIN PUBLIC KEY-----','MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1swVdlC2GbRJY6z23C1l','eqyHMKcq68WOjuu84c15b+/UVTPxwTT8XEdJP5Dxbkg3j3O0D7IjUUzHSuSG3Tig','tvjxOIjIY0y7c6eg9/jIGPAQREiTi8Eym0Ney+WLJ4ysWIEU0YMSF0f5XAxLZhgW','DEHnxoh+kg4tcenj9Z3yt1vE7SXAT6JkKYpDam+uIrUPongWV5liLrF3NE9hvT9F','fXmgx+pmL5/vnwvR2l+euCMERAaN6+cXWfVzFXZ6J+B6ihR8ENti7oHSGgF5oOUW','3hmJyVJHswAIe191BEllRu0hv2CRm93jETe/r/5XDOsqbHbCSH1Vm8CaCJmBF7IM','WwIDAQAB','-----END PUBLIC KEY-----'));
+echo openssl_verify($data,$sig,$key,$alg) ? 'verified'."\n" : 'invalid'."\n";
+
+$alg = OPENSSL_ALGO_SHA224;
+$data = base64_decode("MIIBUAIBADAjMQswCQYDVQQGEwJVUzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrX60YBiN9mSvf5V/25+cry+3uDR6eRbKFp4tZMGXRTVqNt04nOARVxxOLjRNOVwLrThweryGX5sq96FZENcchUD1hotbDmuIOZmCkRvD8ZuOsglG8VVCXw/i0q8CoGt+9OSArpoZVprbtBZdLA2orgBpXAaE5ByVGzOI5pLJxQxVG7hvCIGCP9pp9oLw6A5B8ta8J5RbaJmpmAIDd0oO0n+AKNhwlx3jtm9q1Jgskax8stGj/DhmRE2+xEeyaZ8U4YXR3P3c82N73ZWXk43VgbxWgw07TAD6jvYBrPE9OnkZojqOSbIxvHMZb1Z0NxaBmmiFfgZxUMdhdpUSxLTBxAgMBAAGgAA==");
+$sig = base64_decode("nDZGEQNdz/t9w7pgCMdL6QYTD3Ah/jW87CMw5OJvOUz/cdCgXpJI2USzdMotpzYyH37Xu45J53wLDGrp3ec6CdhqisLzPKNAwkjFyHB8ow3Hc/sNVPAEw8uHFDAvumevWF1Yu3SF3Lzc/SGgSohhU6vVuoPUULPuzfUoeTiMm7IWi4h2JLMIx2p3EVR15B+WxADJrMxMJ2HIdNWXliZCMT3yXL4nsvdmjl1pzruxGmUHuXpMeiWSyHP4+Nw2/HnIBC9ckSC2h8d4KNl2U4Zw1792dqAQKO2JukP9p0o182heGgD8+ovNkmdmL9ZTrQsEw226M6qcZ3aWpYvWYkdqtw==");
+$key = implode("\n", array('-----BEGIN PUBLIC KEY-----','MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1+tGAYjfZkr3+Vf9ufn','K8vt7g0enkWyhaeLWTBl0U1ajbdOJzgEVccTi40TTlcC604cHq8hl+bKvehWRDXH','IVA9YaLWw5riDmZgpEbw/GbjrIJRvFVQl8P4tKvAqBrfvTkgK6aGVaa27QWXSwNq','K4AaVwGhOQclRsziOaSycUMVRu4bwiBgj/aafaC8OgOQfLWvCeUW2iZqZgCA3dKD','tJ/gCjYcJcd47ZvatSYLJGsfLLRo/w4ZkRNvsRHsmmfFOGF0dz93PNje92Vl5ON1','YG8VoMNO0wA+o72AazxPTp5GaI6jkmyMbxzGW9WdDcWgZpohX4GcVDHYXaVEsS0w','cQIDAQAB','-----END PUBLIC KEY-----'));
+echo openssl_verify($data,$sig,$key,$alg) ? 'verified'."\n" : 'invalid'."\n";
+
+$alg = OPENSSL_ALGO_SHA256;
+$data = base64_decode("MIIBUAIBADAjMQswCQYDVQQGEwJVUzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLvHh380Z3qoN1yqIqeI5I7ISvvTFlbzfc+nG8xzgPK/p8JNP3X7Wv7EOlAjizdgKN3aofV9j3i5FwiUXeJ8kDTu5zxMDtJwuslNC3/iDi/jljtNRyJZTSzPW/t2UZlnR7KWJnuTK4HA7rLsQZ/EV6BMQtodUTvKV99rMgKnPRrB+vOILKH/YY7AcZ7lbsq1sQLS+JfbovKYfGLuc9xBE6PwAlqUb5ayYEI7Ea8aMtKlwi5ND5WgFKJFejcmkZQvAps79ZTkk+oQ3DmUxK233pDLrtkhUunnijc2iLOnr+jC3D+PaYOfR4Z0qviY0lbCo9byVpiuLk79kG12g4w/+vAgMBAAGgAA==");
+$sig = base64_decode("ZwVuKM4DkRrPpfznzW+X081MNE4iaU2asf8tL34D5anV4Bbyf5H+EpbwnO9RRrlZ5T+Gn+vmk4+lv1NquH/q8ur/l3e3o3TXkOZpZi3FR6MFKRVTirIB8BIOeQuhN9KayDTzlVZIzQtC2ygDP5UG1EPSt9ruCS7Lm7poyqoHQhxTv04PBppJOY9c+nB+sGs3sMBh25hJvuFRqv190fSupahker4Eh9aj/NdxVG7lWarvGOzipGMPQHTEXxZuLD/CrXW2O9VcHjxWNfsT84Xo42f8e9x8qIFNUZXJutGfBk9Yq2UyYHBp27uvXRyYtWT4RRkczkVa/00Nq43Pee3JsA==");
+$key = implode("\n", array('-----BEGIN PUBLIC KEY-----','MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7x4d/NGd6qDdcqiKniO','SOyEr70xZW833PpxvMc4Dyv6fCTT91+1r+xDpQI4s3YCjd2qH1fY94uRcIlF3ifJ','A07uc8TA7ScLrJTQt/4g4v45Y7TUciWU0sz1v7dlGZZ0eyliZ7kyuBwO6y7EGfxF','egTELaHVE7ylffazICpz0awfrziCyh/2GOwHGe5W7KtbEC0viX26LymHxi7nPcQR','Oj8AJalG+WsmBCOxGvGjLSpcIuTQ+VoBSiRXo3JpGULwKbO/WU5JPqENw5lMStt9','6Qy67ZIVLp54o3Noizp6/owtw/j2mDn0eGdKr4mNJWwqPW8laYri5O/ZBtdoOMP/','rwIDAQAB','-----END PUBLIC KEY-----'));
+echo openssl_verify($data,$sig,$key,$alg) ? 'verified'."\n" : 'invalid'."\n";
+
+$alg = OPENSSL_ALGO_SHA384;
+$data = base64_decode("MIIBUAIBADAjMQswCQYDVQQGEwJVUzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOe3AThZ4Tt4JYz6p6yl0mP8WLeqE5s1fJmnibPuE+N7UTAweTQS6tBtvY0xvHAEA5B4fbIrUAoAIcGqRwYnVDN8396keZ8uavTTb+R14vnAOc/eDtQkhGVQOU32V12gk5sPVGUL0fUH/xI5O7iADHIjeAJTty593pFuXJKiqUq5EWDYdBmalSM8Dr+6r29LA9t8hEvjfHuc6JRRKVKQYQ95ejmOg9hiuk/XU3Z+tZ1YmZnQ7PGNhCPkexpGNrQMSNVHekufw8xMxujnVHSNrhpAG64AOErcF5ICgFLD0hqtejTH+t9TqHXmiqhzqBZhP5rlr/hOHuw/lRy+wcHvLfAgMBAAGgAA==");
+$sig = base64_decode("WO4a0zzOMUFzPTI/h0/DS7ldJFb1OsFTRVnJ+ZHDUaNSZIWthdWjEbH9qalvPaRP/OR3M4luOBEYEM0CursndOBremXs21RDmXsM45VrpEk4zT3TCZz1FnWFnus0k7GdI51kXzf08HqxkVuj+Bmo9tJzJNI8wlpt+tiKP/SxtplyPizRVm80xNwMRxUn5gEHVtJsaIj3P+DAgaFK0zsWqUgU8Xt/9X8LBfpEInzN1GuEXSlR3i8a7zr1vQrGsZRT4wh3RYzsRXHQb/AfOwTML97kfdr5EJZyTj+hcpBp3W2srVKV5GZksPNSgY1GIqysFlG6xpkbw2s+b6/sJCkn6A==");
+$key = implode("\n", array('-----BEGIN PUBLIC KEY-----','MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzntwE4WeE7eCWM+qespd','Jj/Fi3qhObNXyZp4mz7hPje1EwMHk0EurQbb2NMbxwBAOQeH2yK1AKACHBqkcGJ1','QzfN/epHmfLmr002/kdeL5wDnP3g7UJIRlUDlN9lddoJObD1RlC9H1B/8SOTu4gA','xyI3gCU7cufd6RblySoqlKuRFg2HQZmpUjPA6/uq9vSwPbfIRL43x7nOiUUSlSkG','EPeXo5joPYYrpP11N2frWdWJmZ0OzxjYQj5HsaRja0DEjVR3pLn8PMTMbo51R0ja','4aQBuuADhK3BeSAoBSw9IarXo0x/rfU6h15oqoc6gWYT+a5a/4Th7sP5UcvsHB7y','3wIDAQAB','-----END PUBLIC KEY-----'));
+echo openssl_verify($data,$sig,$key,$alg) ? 'verified'."\n" : 'invalid'."\n";
+
+$alg = OPENSSL_ALGO_SHA512;
+$data = base64_decode("MIIBUAIBADAjMQswCQYDVQQGEwJVUzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDImFVtjhxoxNKG21BDRIm5USaBDbG91aQ3/usoUWHlZoyHJv0Mex99dKBwVihOgoKikkv7yj5zbIXgn/I0z7KLt/sFL95pORI85xrxdvOhiEttEEmUh1RKxZgTeQ/uw6uuVm2kIpm8Z6x+4gnlTsSJjmov9lw5UZmL03fZ77WJjsKMExdx9UosFFBfg0bs/E1wU+Sx6ZmfQHQALdGZeA3JkBk+YrWebqIXK8wfjau2Vo+WkAaom/tPJ7ErdxbTVjUynwdzAQLa8qPOHrftAjPxCDXG/jQ0wDveuYPX7mDmw7SIX3YTru6GCTSJtDxfmI5N6JFQ8zgFXcjxs9s2uPrHAgMBAAGgAA==");
+$sig = base64_decode("Dy2U+sh3JAfMpSTJGEcH5HglC7aRKIEByY8jf62PmHMxZHHUDMFGENb0xLJnV+VNe3OlhEBrQX208ZfnsYGmmYr7SEyqof6rva+/bZiVIq+h+vfvrmnQdYehtSd3HIVT1q1CV+RSqzDe5CPuFhCryCzs92zefCm4FIuNb5GaacYg/BJqoTV7MGFI+9tGOX8TJTcVZBcnrUSQmumrjPK3SATpPS3ehHMKCZJy/l1bcZqEvcUHTUyaRRwGcVY23Jqk7ms4vNzDC6xX/K5xjD+aEpIdHNPIOB6NzXauO9aSsJ99rr4wyiPHNIsM48TALeih6x7d81EscBYPdsFNSYijkw==");
+$key = implode("\n", array('-----BEGIN PUBLIC KEY-----','MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJhVbY4caMTShttQQ0SJ','uVEmgQ2xvdWkN/7rKFFh5WaMhyb9DHsffXSgcFYoToKCopJL+8o+c2yF4J/yNM+y','i7f7BS/eaTkSPOca8XbzoYhLbRBJlIdUSsWYE3kP7sOrrlZtpCKZvGesfuIJ5U7E','iY5qL/ZcOVGZi9N32e+1iY7CjBMXcfVKLBRQX4NG7PxNcFPksemZn0B0AC3RmXgN','yZAZPmK1nm6iFyvMH42rtlaPlpAGqJv7TyexK3cW01Y1Mp8HcwEC2vKjzh637QIz','8Qg1xv40NMA73rmD1+5g5sO0iF92E67uhgk0ibQ8X5iOTeiRUPM4BV3I8bPbNrj6','xwIDAQAB','-----END PUBLIC KEY-----'));
+echo openssl_verify($data,$sig,$key,$alg) ? 'verified'."\n" : 'invalid'."\n";
+
+--EXPECTF--
+verified
+verified
+verified
+verified
+verified
+verified