- #37820, add support for algorithm type in openssl_verify()
authorPierre Joye <pajoye@php.net>
Sat, 29 Jul 2006 21:54:46 +0000 (21:54 +0000)
committerPierre Joye <pajoye@php.net>
Sat, 29 Jul 2006 21:54:46 +0000 (21:54 +0000)
ext/openssl/openssl.c
ext/openssl/tests/bug37820.phpt [new file with mode: 0644]
ext/openssl/tests/bug37820cert.pem [new file with mode: 0644]
ext/openssl/tests/bug37820key.pem [new file with mode: 0644]

index 15238a70b13566c508648f308c06ffc1ea49a8b4..5cb9a403f87c29220b712cca334cf480e6e4594e 100644 (file)
@@ -563,6 +563,30 @@ static int php_openssl_write_rand_file(const char * file, int egdsocket, int see
        }
        return SUCCESS;
 }
+
+static EVP_MD * php_openssl_get_evp_md_from_algo(long algo) { /* {{{ */
+       EVP_MD *mdtype;
+
+       switch (algo) {
+               case OPENSSL_ALGO_SHA1:
+                       mdtype = (EVP_MD *) EVP_sha1();
+                       break;
+               case OPENSSL_ALGO_MD5:
+                       mdtype = (EVP_MD *) EVP_md5();
+                       break;
+               case OPENSSL_ALGO_MD4:
+                       mdtype = (EVP_MD *) EVP_md4();
+                       break;
+               case OPENSSL_ALGO_MD2:
+                       mdtype = (EVP_MD *) EVP_md2();
+                       break;
+               default:
+                       return NULL;
+                       break;
+       }
+       return mdtype;
+}
+/* }}} */
 /* }}} */
 
 /* {{{ PHP_MINIT_FUNCTION
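Review bot: The `(EVP_MD *)` casts in each `case` of php_openssl_get_evp_md_from_algo() discard the `const` that OpenSSL declares on the return value of `EVP_sha1()` and the other digest getters (older releases may differ), so the helper hands out a writable pointer to a shared digest table. I would declare it as `static const EVP_MD * php_openssl_get_evp_md_from_algo(long algo)`, return the getters directly (`return EVP_sha1();`), and make the callers' `mdtype` variables `const EVP_MD *`. The `break;` after `return NULL;` in the `default` branch is unreachable. The new function is also inserted between the closing brace of php_openssl_write_rand_file and that function's own `/* }}} */`, so the fold markers now nest the helper inside the previous function's fold; moving the added block below the existing marker would fix that.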
@@ -2860,7 +2884,7 @@ PHP_FUNCTION(openssl_error_string)
 }
 /* }}} */
 
-/* {{{ proto bool openssl_sign(string data, &string signature, mixed key)
+/* {{{ proto bool openssl_sign(string data, &string signature, mixed key[, int signature_alg])
    Signs data */
 PHP_FUNCTION(openssl_sign)
 {
@@ -2884,23 +2908,10 @@ PHP_FUNCTION(openssl_sign)
                RETURN_FALSE;
        }
 
-       switch (signature_algo) {
-               case OPENSSL_ALGO_SHA1:
-                       mdtype = (EVP_MD *) EVP_sha1();
-                       break;
-               case OPENSSL_ALGO_MD5:
-                       mdtype = (EVP_MD *) EVP_md5();
-                       break;
-               case OPENSSL_ALGO_MD4:
-                       mdtype = (EVP_MD *) EVP_md4();
-                       break;
-               case OPENSSL_ALGO_MD2:
-                       mdtype = (EVP_MD *) EVP_md2();
-                       break;
-               default:
-                       php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm.");
-                       RETURN_FALSE;
-                       break;
+       mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+       if (!mdtype) {
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm.");
+               RETURN_FALSE;
        }
 
        siglen = EVP_PKEY_size(pkey);
@@ -2931,21 +2942,29 @@ PHP_FUNCTION(openssl_verify)
        EVP_PKEY *pkey;
        int err;
        EVP_MD_CTX     md_ctx;
+       EVP_MD *mdtype;
        long keyresource = -1;
        char * data;    int data_len;
        char * signature;       int signature_len;
-
-       if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz", &data, &data_len, &signature, &signature_len, &key) == FAILURE) {
+       long signature_algo = OPENSSL_ALGO_SHA1;
+       
+       if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssz|l", &data, &data_len, &signature, &signature_len, &key, &signature_algo) == FAILURE) {
                return;
        }
-       
+
+       mdtype = php_openssl_get_evp_md_from_algo(signature_algo);
+       if (!mdtype) {
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm.");
+               RETURN_FALSE;
+       }
+
        pkey = php_openssl_evp_from_zval(&key, 1, NULL, 0, &keyresource TSRMLS_CC);
        if (pkey == NULL) {
                php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied key param cannot be coerced into a public key");
                RETURN_FALSE;
        }
 
-       EVP_VerifyInit   (&md_ctx, EVP_sha1());
+       EVP_VerifyInit   (&md_ctx, mdtype);
        EVP_VerifyUpdate (&md_ctx, data, data_len);
        err = EVP_VerifyFinal (&md_ctx, signature, signature_len, pkey);
 
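Review bot: openssl_verify() now lets the caller choose the digest, and the helper accepts `OPENSSL_ALGO_MD2`, `OPENSSL_ALGO_MD4` and `OPENSSL_ALGO_MD5` on the verification side, where a collision-prone digest weakens what a valid signature proves. I would add a comment above the `php_openssl_get_evp_md_from_algo(signature_algo)` call such as `/* signature_algo must come from the verifier's own policy, never from the message being verified */`. The proto comment of openssl_verify sits above this hunk and does not appear in the diff, so it presumably still lists three arguments; it should gain `[, int signature_algo]` the way the openssl_sign proto did. The function body starts and ends outside the hunk.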
diff --git a/ext/openssl/tests/bug37820.phpt b/ext/openssl/tests/bug37820.phpt
new file mode 100644 (file)
index 0000000..485114e
--- /dev/null
@@ -0,0 +1,35 @@
+--TEST--
+openssl_sign/verify: accept different algos 
+--SKIPIF--
+<?php 
+if (!extension_loaded("openssl")) die("skip"); 
+?>
+--FILE--
+<?php 
+$dir = dirname(__FILE__);
+$file_pub = $dir . '/bug37820cert.pem';
+$file_key = $dir . '/bug37820key.pem';
+
+$priv_key = file_get_contents($file_key);
+$priv_key_id = openssl_get_privatekey($priv_key);
+
+
+
+$pub_key = file_get_contents($file_pub);
+$pub_key_id = openssl_get_publickey($pub_key);
+$data = "some custom data";
+if (!openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_MD5)) {
+       echo "openssl_sign failed.";
+}
+
+$ok = openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_MD5);
+if ($ok == 1) {
+   echo "Ok";
+} elseif ($ok == 0) {
+   echo "openssl_verify failed.";
+}
+
+
+?>
+--EXPECTF--
+Ok
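Review bot: The test covers only the matching MD5 round trip, so nothing checks that a digest mismatch or an unknown algorithm value is rejected by the new code path. After the existing verify call I would add `var_dump(openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_SHA1));` and expect a result other than 1, plus a call with an undefined algorithm value that expects the "Unknown signature algorithm." warning and `bool(false)`. The `if`/`elseif` prints nothing when openssl_verify returns -1, so replacing it with `var_dump($ok);` would make an error result visible in the expected output.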
diff --git a/ext/openssl/tests/bug37820cert.pem b/ext/openssl/tests/bug37820cert.pem
new file mode 100644 (file)
index 0000000..9d7ac23
--- /dev/null
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/ext/openssl/tests/bug37820key.pem b/ext/openssl/tests/bug37820key.pem
new file mode 100644 (file)
index 0000000..239ad66
--- /dev/null
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
+2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
+oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
+8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
+a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
+WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
+6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
+-----END RSA PRIVATE KEY-----
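Review bot: This file adds an unencrypted RSA private key to the source tree, and nothing in the visible test marks it as a throwaway fixture. Judging by the length of the encoding it looks like a very small key, which is fine for a test but makes accidental reuse elsewhere more costly. I would add a line to bug37820.phpt next to `$file_key`, for example `// bug37820key.pem is a test-only key generated for this test; never use it outside the test suite`, so that readers and secret scanners can tell it apart from a leaked credential.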