php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Return to Bug #61421
Patch openssl-add-sig-algs.txt revision 2012-06-18 20:47 UTC by mark at zedwood dot com
Patch openssl-add-rmd160-sha2-sig-alg.patch revision 2012-04-05 22:08 UTC by mark at zedwood dot com
revision 2012-04-05 22:04 UTC by mark at zedwood dot com
Patch openssl-add-ripemd160-sha2-sig-algs revision 2012-04-02 18:19 UTC by mark at zedwood dot com
Patch add_openssl_signature_algorithms.txt revision 2012-03-16 19:35 UTC by zedwoodnoreply at gmail dot com

Patch openssl-add-rmd160-sha2-sig-alg.patch for OpenSSL related Bug #61421

Patch version 2012-04-05 22:08 UTC

Return to Bug #61421 | Download this patch
This patch is obsolete

Obsoleted by patches:

This patch renders other patches obsolete

Obsolete patches:

Patch Revisions:

Developer: mark@zedwood.com

diff -urN php-5.4.0-orig/ext/openssl/openssl.c php-5.4.0/ext/openssl/openssl.c
--- php-5.4.0-orig/ext/openssl/openssl.c	2012-04-02 11:44:55.476942109 -0600
+++ php-5.4.0/ext/openssl/openssl.c	2012-04-05 16:00:49.470678040 -0600
@@ -70,6 +70,15 @@
 #endif
 #define OPENSSL_ALGO_DSS1	5
 
+#if OPENSSL_VERSION_NUMBER >= 0x0090708fL
+#define OPENSSL_ALGO_SHA224 6
+#define OPENSSL_ALGO_SHA256 7
+#define OPENSSL_ALGO_SHA384 8
+#define OPENSSL_ALGO_SHA512 9
+#define OPENSSL_ALGO_RMD160 10
+#endif
+
+
 #define DEBUG_SMIME	0
 
 /* FIXME: Use the openssl constants instead of
@@ -954,6 +963,23 @@
 		case OPENSSL_ALGO_DSS1:
 			mdtype = (EVP_MD *) EVP_dss1();
 			break;
+#if OPENSSL_VERSION_NUMBER >= 0x0090708fL
+		case OPENSSL_ALGO_SHA224:
+			mdtype = (EVP_MD *) EVP_sha224();
+			break;
+		case OPENSSL_ALGO_SHA256:
+			mdtype = (EVP_MD *) EVP_sha256();
+			break;
+		case OPENSSL_ALGO_SHA384:
+			mdtype = (EVP_MD *) EVP_sha384();
+			break;
+		case OPENSSL_ALGO_SHA512:
+			mdtype = (EVP_MD *) EVP_sha512();
+			break;
+		case OPENSSL_ALGO_RMD160:
+			mdtype = (EVP_MD *) EVP_ripemd160();
+			break;
+#endif
 		default:
 			return NULL;
 			break;
@@ -1048,7 +1074,13 @@
 	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_MD2", OPENSSL_ALGO_MD2, CONST_CS|CONST_PERSISTENT);
 #endif
 	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_DSS1", OPENSSL_ALGO_DSS1, CONST_CS|CONST_PERSISTENT);
-
+#if OPENSSL_VERSION_NUMBER >= 0x0090708fL
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA224", OPENSSL_ALGO_SHA224, CONST_CS|CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA256", OPENSSL_ALGO_SHA256, CONST_CS|CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA384", OPENSSL_ALGO_SHA384, CONST_CS|CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA512", OPENSSL_ALGO_SHA512, CONST_CS|CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("OPENSSL_ALGO_RMD160", OPENSSL_ALGO_RMD160, CONST_CS|CONST_PERSISTENT);
+#endif
 	/* flags for S/MIME */
 	REGISTER_LONG_CONSTANT("PKCS7_DETACHED", PKCS7_DETACHED, CONST_CS|CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("PKCS7_TEXT", PKCS7_TEXT, CONST_CS|CONST_PERSISTENT);
diff -urN php-5.4.0-orig/ext/openssl/tests/bug61421.phpt php-5.4.0/ext/openssl/tests/bug61421.phpt
--- php-5.4.0-orig/ext/openssl/tests/bug61421.phpt	1969-12-31 17:00:00.000000000 -0700
+++ php-5.4.0/ext/openssl/tests/bug61421.phpt	2012-04-05 16:05:11.055205268 -0600
@@ -0,0 +1,121 @@
+--TEST--
+openssl_verify() for rmd160 and sha2 family
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; 
+if (OPENSSL_VERSION_NUMBER < 0x0090708f) die("skip Output requires OpenSSL 0.9.7h or greater");
+?>
+--FILE--
+<?php
+$to_test = array();
+$to_test[] = array('data_length'=>336,'sig_offset'=>356,'alg'=>OPENSSL_ALGO_RMD160,'csr'=>'-----BEGIN CERTIFICATE REQUEST-----
+MIICZTCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1swVdlC2GbRJY6z23C1l
+eqyHMKcq68WOjuu84c15b+/UVTPxwTT8XEdJP5Dxbkg3j3O0D7IjUUzHSuSG3Tig
+tvjxOIjIY0y7c6eg9/jIGPAQREiTi8Eym0Ney+WLJ4ysWIEU0YMSF0f5XAxLZhgW
+DEHnxoh+kg4tcenj9Z3yt1vE7SXAT6JkKYpDam+uIrUPongWV5liLrF3NE9hvT9F
+fXmgx+pmL5/vnwvR2l+euCMERAaN6+cXWfVzFXZ6J+B6ihR8ENti7oHSGgF5oOUW
+3hmJyVJHswAIe191BEllRu0hv2CRm93jETe/r/5XDOsqbHbCSH1Vm8CaCJmBF7IM
+WwIDAQABoAAwCgYGKyQDAwECBQADggEBADBvWjouKx+KSnGSPQ49Zjz6aFzqoqjk
+cIB9gVRpHfQwBrVa3t5R/WMYWcdjaVMuEcK8kJUEeSFXSc1I/82/LKXE2sH92XFq
+KmT+aU9PH/EnLr85vXGwYToXNudN2dQ3NuA5T1Xd2GBQbd9Qm1mXczmT090txMzv
+f9JkjEQXl5w0Zpa+66LaRkiG8xi6jCzgK8P9BQN/7U33sdtbhfnCQDkVzUxvWKP+
+KLOWKVNx6Fds1n88OqgRhdxOLxQDXpytNjSz08R42MPBCPekMMJV4HRl6WRVoZmy
+ePtW9d9Wccxs5K7sz0g1ldpWvePfMo/dp50w86QSMF0QcWXFzcNgwwo=
+-----END CERTIFICATE REQUEST-----');
+$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA1,'csr'=>'-----BEGIN CERTIFICATE REQUEST-----
+MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ym6hLAMV//iMRjEx/H3
++RuVHYLrQndJ5a/TE2j8IgQbS2SUgHK5Y0PQ4vKawCizHkUZ6gMv4sPHbGKbWkL6
+M7CSKoFx5+fWdtp6gsa7fb3iLDy6ZGpwTb7U7pazDTSFz1WWdxstevMjlZQfJ32+
+axUZsVosOAA5IlIRmifXX1hE6eNXwquzl6ik6fUkhcQZ/uIAcC43UhWCX1V9yt8Z
+XZPUSEUKWkXF5fpdB77uFlFvMulj5tSLKupU3eXAYKgtiZ2oK2vGs8B7dJ9h4m8F
+vqN7feAZ8ZJMNv8ceiujtHBz2iDINsnsWPwoilMJAtOg8vShVc7KIC+6YV9FLcaX
+KwIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAGQ5QiiL6WjzifZihu4V59/YQjD3
+UzzlDCn0ZreAUS2E/RDeUQpH54SuAi8tbDfLwadUtgSoR3dJ3jujeZ3OXAh9bv3n
+jVRNs3el8arrdOAMeFkPdalYWWHfty8GC05wJHkNbhcnfrB9BxyyW/XsGlk7DyYA
+ci6sJPtsYoegEqk4Z0vXX1pKbj4r5g41bpz5Nr9F1rCpKar+76Y7wisLNi0lzXvF
+Rjwb+NxyUPqpB5mlz8c72xm5ChGySt7tkUURVHrpcxeTzPGT3orYDqRMHEUpFfVt
+6D8h3fuuwO4+CIzJvTQxfYXtcDeZn/5UWS5ohKB2Cp3KWNa7H0NaVcB3O38=
+-----END CERTIFICATE REQUEST-----');
+$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA224,'csr'=>'-----BEGIN CERTIFICATE REQUEST-----
+MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1+tGAYjfZkr3+Vf9ufn
+K8vt7g0enkWyhaeLWTBl0U1ajbdOJzgEVccTi40TTlcC604cHq8hl+bKvehWRDXH
+IVA9YaLWw5riDmZgpEbw/GbjrIJRvFVQl8P4tKvAqBrfvTkgK6aGVaa27QWXSwNq
+K4AaVwGhOQclRsziOaSycUMVRu4bwiBgj/aafaC8OgOQfLWvCeUW2iZqZgCA3dKD
+tJ/gCjYcJcd47ZvatSYLJGsfLLRo/w4ZkRNvsRHsmmfFOGF0dz93PNje92Vl5ON1
+YG8VoMNO0wA+o72AazxPTp5GaI6jkmyMbxzGW9WdDcWgZpohX4GcVDHYXaVEsS0w
+cQIDAQABoAAwDQYJKoZIhvcNAQEOBQADggEBAJw2RhEDXc/7fcO6YAjHS+kGEw9w
+If41vOwjMOTibzlM/3HQoF6SSNlEs3TKLac2Mh9+17uOSed8Cwxq6d3nOgnYaorC
+8zyjQMJIxchwfKMNx3P7DVTwBMPLhxQwL7pnr1hdWLt0hdy83P0hoEqIYVOr1bqD
+1FCz7s31KHk4jJuyFouIdiSzCMdqdxFUdeQflsQAyazMTCdhyHTVl5YmQjE98ly+
+J7L3Zo5dac67sRplB7l6THolkshz+PjcNvx5yAQvXJEgtofHeCjZdlOGcNe/dnag
+ECjtibpD/adKNfNoXhoA/PqLzZJnZi/WU60LBMNtujOqnGd2lqWL1mJHarc=
+-----END CERTIFICATE REQUEST-----');
+$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA256,'csr'=>'-----BEGIN CERTIFICATE REQUEST-----
+MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7x4d/NGd6qDdcqiKniO
+SOyEr70xZW833PpxvMc4Dyv6fCTT91+1r+xDpQI4s3YCjd2qH1fY94uRcIlF3ifJ
+A07uc8TA7ScLrJTQt/4g4v45Y7TUciWU0sz1v7dlGZZ0eyliZ7kyuBwO6y7EGfxF
+egTELaHVE7ylffazICpz0awfrziCyh/2GOwHGe5W7KtbEC0viX26LymHxi7nPcQR
+Oj8AJalG+WsmBCOxGvGjLSpcIuTQ+VoBSiRXo3JpGULwKbO/WU5JPqENw5lMStt9
+6Qy67ZIVLp54o3Noizp6/owtw/j2mDn0eGdKr4mNJWwqPW8laYri5O/ZBtdoOMP/
+rwIDAQABoAAwDQYJKoZIhvcNAQELBQADggEBAGcFbijOA5Eaz6X8581vl9PNTDRO
+ImlNmrH/LS9+A+Wp1eAW8n+R/hKW8JzvUUa5WeU/hp/r5pOPpb9Tarh/6vLq/5d3
+t6N015DmaWYtxUejBSkVU4qyAfASDnkLoTfSmsg085VWSM0LQtsoAz+VBtRD0rfa
+7gkuy5u6aMqqB0IcU79ODwaaSTmPXPpwfrBrN7DAYduYSb7hUar9fdH0rqWoZHq+
+BIfWo/zXcVRu5Vmq7xjs4qRjD0B0xF8Wbiw/wq11tjvVXB48VjX7E/OF6ONn/Hvc
+fKiBTVGVybrRnwZPWKtlMmBwadu7r10cmLVk+EUZHM5FWv9NDauNz3ntybA=
+-----END CERTIFICATE REQUEST-----');
+$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA384,'csr'=>'-----BEGIN CERTIFICATE REQUEST-----
+MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzntwE4WeE7eCWM+qespd
+Jj/Fi3qhObNXyZp4mz7hPje1EwMHk0EurQbb2NMbxwBAOQeH2yK1AKACHBqkcGJ1
+QzfN/epHmfLmr002/kdeL5wDnP3g7UJIRlUDlN9lddoJObD1RlC9H1B/8SOTu4gA
+xyI3gCU7cufd6RblySoqlKuRFg2HQZmpUjPA6/uq9vSwPbfIRL43x7nOiUUSlSkG
+EPeXo5joPYYrpP11N2frWdWJmZ0OzxjYQj5HsaRja0DEjVR3pLn8PMTMbo51R0ja
+4aQBuuADhK3BeSAoBSw9IarXo0x/rfU6h15oqoc6gWYT+a5a/4Th7sP5UcvsHB7y
+3wIDAQABoAAwDQYJKoZIhvcNAQEMBQADggEBAFjuGtM8zjFBcz0yP4dPw0u5XSRW
+9TrBU0VZyfmRw1GjUmSFrYXVoxGx/ampbz2kT/zkdzOJbjgRGBDNArq7J3Tga3pl
+7NtUQ5l7DOOVa6RJOM090wmc9RZ1hZ7rNJOxnSOdZF839PB6sZFbo/gZqPbScyTS
+PMJabfrYij/0sbaZcj4s0VZvNMTcDEcVJ+YBB1bSbGiI9z/gwIGhStM7FqlIFPF7
+f/V/CwX6RCJ8zdRrhF0pUd4vGu869b0KxrGUU+MId0WM7EVx0G/wHzsEzC/e5H3a
++RCWck4/oXKQad1trK1SleRmZLDzUoGNRiKsrBZRusaZG8NrPm+v7CQpJ+g=
+-----END CERTIFICATE REQUEST-----');
+$to_test[] = array('data_length'=>336,'sig_offset'=>359,'alg'=>OPENSSL_ALGO_SHA512,'csr'=>'-----BEGIN CERTIFICATE REQUEST-----
+MIICaDCCAVACAQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAMTC2V4YW1wbGUuY29t
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJhVbY4caMTShttQQ0SJ
+uVEmgQ2xvdWkN/7rKFFh5WaMhyb9DHsffXSgcFYoToKCopJL+8o+c2yF4J/yNM+y
+i7f7BS/eaTkSPOca8XbzoYhLbRBJlIdUSsWYE3kP7sOrrlZtpCKZvGesfuIJ5U7E
+iY5qL/ZcOVGZi9N32e+1iY7CjBMXcfVKLBRQX4NG7PxNcFPksemZn0B0AC3RmXgN
+yZAZPmK1nm6iFyvMH42rtlaPlpAGqJv7TyexK3cW01Y1Mp8HcwEC2vKjzh637QIz
+8Qg1xv40NMA73rmD1+5g5sO0iF92E67uhgk0ibQ8X5iOTeiRUPM4BV3I8bPbNrj6
+xwIDAQABoAAwDQYJKoZIhvcNAQENBQADggEBAA8tlPrIdyQHzKUkyRhHB+R4JQu2
+kSiBAcmPI3+tj5hzMWRx1AzBRhDW9MSyZ1flTXtzpYRAa0F9tPGX57GBppmK+0hM
+qqH+q72vv22YlSKvofr3765p0HWHobUndxyFU9atQlfkUqsw3uQj7hYQq8gs7Pds
+3nwpuBSLjW+RmmnGIPwSaqE1ezBhSPvbRjl/EyU3FWQXJ61EkJrpq4zyt0gE6T0t
+3oRzCgmScv5dW3GahL3FB01MmkUcBnFWNtyapO5rOLzcwwusV/yucYw/mhKSHRzT
+yDgejc12rjvWkrCffa6+MMojxzSLDOPEwC3ooese3fNRLHAWD3bBTUmIo5M=
+-----END CERTIFICATE REQUEST-----');
+foreach($to_test as $test)
+{
+	$pem = preg_replace('/\-+BEGIN[A-Z ]*\-+/','',$test['csr']);
+	$pem = preg_replace('/\-+END[A-Z ]*\-+/','',$pem);
+	$pem = preg_replace('/[^A-Za-z0-9=+\/]/m','',$pem);//strip off all non base64 chars
+	$der = base64_decode($pem);
+
+	$data = substr($der,4,$test['data_length']+4);//numbers derived from: openssl asn1parse -in my.csr
+	$sig = substr($der,$test['sig_offset']+4);
+	$sig = $sig[0]=="\x0" ? substr($sig,1) : $sig;
+	$key = openssl_csr_get_public_key($test['csr']);
+	$r = openssl_verify($data,$sig,$key,$test['alg']);
+	var_dump($r);
+}
+?>
+--EXPECTF--
+int(1)
+int(1)
+int(1)
+int(1)
+int(1)
+int(1)
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 23 07:02:14 2014 UTC