implement feature request #38731 (openssl_pkey_new does not support DSA key generation)

author Antony Dovgal <tony2001@php.net>

Fri, 8 Sep 2006 20:10:47 +0000 (20:10 +0000)

committer Antony Dovgal <tony2001@php.net>

Fri, 8 Sep 2006 20:10:47 +0000 (20:10 +0000)
author Antony Dovgal <tony2001@php.net>
Fri, 8 Sep 2006 20:10:47 +0000 (20:10 +0000)
committer Antony Dovgal <tony2001@php.net>
Fri, 8 Sep 2006 20:10:47 +0000 (20:10 +0000)
diff --git a/NEWS b/NEWS

index 4d92272370ccb4f56b11be0c56ed5ca8c1e9e8e0..4f2f1bb678c8b29ef761641c578c83fe528b6378 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
  'PHP                                                                        NEWS
  |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
  ?? Sep 2006, PHP 5.2.0RC4
+- Added DSA key generation support to openssl_pkey_new(), FR #38731
+  (marci at balabit dot hu, Tony)
  - Removed current working directory from the php.ini search path for CLI and
    readded it for other SAPIs (restore to pre 5.1.x behaviour). (Edin)
  - Fixed bug #38700 (SoapClient::__getTypes never returns). (Dmitry)
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c

index 9eb2f408469f8e49896fb60a24d66c0ade0e4e2f..5dd08c3e9c48272a903b1b587bd306d7e3543cf5 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -2051,9 +2051,27 @@ static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req
         if ((req->priv_key = EVP_PKEY_new()) != NULL) {
                 switch(req->priv_key_type) {
                         case OPENSSL_KEYTYPE_RSA:
-                               if (EVP_PKEY_assign_RSA(req->priv_key, RSA_generate_key(req->priv_key_bits, 0x10001, NULL, NULL)))
+                               if (EVP_PKEY_assign_RSA(req->priv_key, RSA_generate_key(req->priv_key_bits, 0x10001, NULL, NULL))) {
                                         return_val = req->priv_key;
+                               }
+                               break;
+#ifndef NO_DSA
+                       case OPENSSL_KEYTYPE_DSA:
+                               {
+                                       DSA *dsapar = DSA_generate_parameters(req->priv_key_bits, NULL, 0, NULL, NULL, NULL, NULL);
+                                       if (dsapar) {
+                                               DSA_set_method(dsapar, DSA_get_default_method());
+                                               if (DSA_generate_key(dsapar)) {
+                                                       if (EVP_PKEY_assign_DSA(req->priv_key, dsapar)) {
+                                                               return_val = req->priv_key;
+                                                       }
+                                               } else {
+                                                       DSA_free(dsapar);
+                                               }
+                                       }
+                               }
                                 break;
+#endif
                         default:
                                 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unsupported private key type");
                 }
author	Antony Dovgal <tony2001@php.net>
	Fri, 8 Sep 2006 20:10:47 +0000 (20:10 +0000)
committer	Antony Dovgal <tony2001@php.net>
	Fri, 8 Sep 2006 20:10:47 +0000 (20:10 +0000)
NEWS		patch \| blob \| history
ext/openssl/openssl.c		patch \| blob \| history