Patch spki.patch for OpenSSL related Bug #38917
Patch version 2011-12-14 11:38 UTC
Return to Bug #38917
| Download this patch
Patch Revisions:
2011-12-22 10:41 UTC | 2011-12-21 20:31 UTC | 2011-12-21 16:09 UTC | 2011-12-21 03:48 UTC | 2011-12-21 03:26 UTC | 2011-12-19 17:58 UTC | 2011-12-19 17:53 UTC | 2011-12-19 14:36 UTC | 2011-12-14 11:38 UTC | 2011-12-13 16:55 UTC | 2011-12-08 10:57 UTC | 2011-12-06 21:02 UTC | 2011-12-06 11:35 UTC | 2011-12-06 11:29 UTCDeveloper: jason.gerfen@gmail.com
--- php-5.3.8/ext/openssl/openssl.c 2011-07-25 05:42:53.000000000 -0600
+++ php-5.3.8/ext/openssl/openssl.c 2011-12-13 09:12:25.000000000 -0700
+++ php-5.3.8/ext/openssl/openssl.c 2011-12-14 03:44:24.540000961 -0700
@@ -372,11 +372,39 @@
ZEND_ARG_INFO(0, length)
ZEND_ARG_INFO(1, result_is_strong)
ZEND_END_ARG_INFO()
+
/* public/private key functions */
PHP_FE(openssl_pkey_free, arginfo_openssl_pkey_free)
PHP_FE(openssl_pkey_new, arginfo_openssl_pkey_new)
@@ -1252,6 +1280,243 @@
@@ -1252,6 +1280,273 @@
}
/* }}} */
+/* {{{ proto string openssl_spki_new(mixed zpkey, string password)
+ if (!spkstr) {
+ goto cleanup;
+ }
+
+ spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);
+ char * spkstr_cleaned = malloc(strlen(spkstr));
+ openssl_spki_cleanup(spkstr, spkstr_cleaned);
+
+ spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned));
+ if (!spki) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "decode");
+ goto cleanup;
+ }
+ goto cleanup;
+ }
+
+ pkey = NETSCAPE_SPKI_get_pubkey(spki);
+ pkey = X509_PUBKEY_get(spki->spkac->pubkey);
+ if (pkey == NULL) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "pub");
+ goto cleanup;
+ }
+
+ i = NETSCAPE_SPKI_verify(spki, pkey);
+ }
+
+ i = NETSCAPE_SPKI_verify(spki, pkey);
+
+ if (i > 0) {
+ x = 1;
+ }
+ goto cleanup;
+
+cleanup:
+ if (spki) {
+ NETSCAPE_SPKI_free(spki);
+
+cleanup:
+ if (spki) {
+ NETSCAPE_SPKI_free(spki);
+ }
+ if (pkey) {
+ EVP_PKEY_free(pkey);
+ }
+PHP_FUNCTION(openssl_spki_export)
+{
+ int spkstr_len;
+ EVP_PKEY *pkey = NULL;
+ NETSCAPE_SPKI *spki = NULL;
+ BIO *out = BIO_new(BIO_s_mem());
+ BUF_MEM *bio_buf;
+ char *spkstr;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &spkstr, &spkstr_len) == FAILURE) {
+ goto cleanup;
+ }
+
+ if (!spkstr) {
+ goto cleanup;
+ }
+
+ spki = NETSCAPE_SPKI_b64_decode(spkstr, strlen(spkstr));
+ if (!spki) {
+ goto cleanup;
+ }
+
+ pkey = NETSCAPE_SPKI_get_pubkey(spki);
+ if (!pkey) {
+ goto cleanup;
+ }
+
+ NETSCAPE_SPKI *spki = NULL;
+ BIO *out = BIO_new(BIO_s_mem());
+ BUF_MEM *bio_buf;
+ char *spkstr;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &spkstr, &spkstr_len) == FAILURE) {
+ goto cleanup;
+ }
+
+ if (!spkstr) {
+ goto cleanup;
+ }
+
+ char * spkstr_cleaned = malloc(strlen(spkstr));
+ openssl_spki_cleanup(spkstr, spkstr_cleaned);
+
+ spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned));
+ if (!spki) {
+ goto cleanup;
+ }
+
+ pkey = X509_PUBKEY_get(spki->spkac->pubkey);
+ if (!pkey) {
+ goto cleanup;
+ }
+
+ PEM_write_bio_PUBKEY(out, pkey);
+ BIO_get_mem_ptr(out, &bio_buf);
+
+ if (sizeof(bio_buf->data)<=0) {
+ if ((!bio_buf->data)&&(bio_buf->length<=0)) {
+ goto cleanup;
+ }
+
+ char * s = malloc(snprintf(NULL, 0, "%s", bio_buf->data)+1);
+ sprintf(s, "%s", bio_buf->data);
+ char * s = malloc(bio_buf->length);
+ BIO_read(out, s, bio_buf->length);
+ RETURN_STRING(s, 1);
+
+cleanup:
+ if (spki) {
+
+/* {{{ proto string openssl_spki_export_challenge(string spki)
+ Exports spkac challenge from existing spki to var */
+PHP_FUNCTION(openssl_spki_export_challenge)
+{
+ int spkstr_len;
+ NETSCAPE_SPKI *spki = NULL;
+ char *spkstr;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &spkstr, &spkstr_len) == FAILURE) {
+ goto cleanup;
+ }
+
+ if (!spkstr) {
+ goto cleanup;
+{
+ int spkstr_len;
+ NETSCAPE_SPKI *spki = NULL;
+ char *spkstr;
+
+ if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &spkstr, &spkstr_len) == FAILURE) {
+ goto cleanup;
+ }
+
+ if (!spkstr) {
+ goto cleanup;
+ }
+
+ spki = NETSCAPE_SPKI_b64_decode(spkstr, strlen(spkstr));
+ char * spkstr_cleaned = malloc(strlen(spkstr));
+ openssl_spki_cleanup(spkstr, spkstr_cleaned);
+
+ spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned));
+ if (!spki) {
+ goto cleanup;
+ }
+
+
+ if (!spkstr) {
+ goto cleanup;
+ }
+
+ spki = NETSCAPE_SPKI_b64_decode(spkstr, strlen(spkstr));
+ if (!spki) {
+ goto cleanup;
+ }
+
+ char * spkstr_cleaned = malloc(strlen(spkstr));
+ openssl_spki_cleanup(spkstr, spkstr_cleaned);
+
+ spki = NETSCAPE_SPKI_b64_decode(spkstr_cleaned, strlen(spkstr_cleaned));
+ if (!spki) {
+ goto cleanup;
+ }
+
+ NETSCAPE_SPKI_print(out, spki);
+ BIO_get_mem_ptr(out, &bio_buf);
+
+ if (sizeof(bio_buf->data)<=0) {
+ BIO_get_mem_ptr(out, &bio_buf);
+
+ if ((!bio_buf->data)&&(bio_buf->length<=0)) {
+ goto cleanup;
+ }
+
+ char * s = malloc(snprintf(NULL, 0, "%s", bio_buf->data)+1);
+ sprintf(s, "%s", bio_buf->data);
+ RETURN_STRING(s, 1);
+ }
+
+ char * s = malloc(bio_buf->length);
+ BIO_read(out, s, bio_buf->length);
+ RETURN_STRING(s, 1);
+
+cleanup:
+ if (spki) {
+ NETSCAPE_SPKI_free(spki);
+ }
+ BIO_free_all(out);
+}
+/* }}} */
+
+/* {{{ proto int openssl_spki_cleanup(const char *src, char *results)
+ This will help remove new line chars in the SPKAC sent from the
+ browser */
+int openssl_spki_cleanup(const char *src, char *dest)
+{
+ int removed=0;
+
+ while (*src) {
+ if (*src!='\n'&&*src!='\r') {
+ *dest++=*src;
+ } else {
+ ++removed;
+ }
+ ++src;
+ }
+ *dest=0;
+ return removed;
+}
+/* }}} */
+
/* {{{ proto bool openssl_x509_export(mixed x509, string &out [, bool notext = true])
Exports a CERT to file or a var */
PHP_FUNCTION(openssl_x509_export)
--- php-5.3.8/ext/openssl/php_openssl.h 2010-12-31 19:19:59.000000000 -0700
+++ php-5.3.8/ext/openssl/php_openssl.h 2011-12-12 12:47:26.000000000 -0700
+++ php-5.3.8/ext/openssl/php_openssl.h 2011-12-13 21:31:11.107957324 -0700
@@ -74,6 +74,12 @@
PHP_FUNCTION(openssl_csr_sign);
PHP_FUNCTION(openssl_csr_get_subject);
PHP_FUNCTION(openssl_csr_get_public_key);
|