--- /dev/null
+--TEST--
+openssl_x509_read() and openssl_x509_free() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$fp = fopen(dirname(__FILE__) . "/cert.crt","r");
+$a = fread($fp,8192);
+fclose($fp);
+
+$b = "file://" . dirname(__FILE__) . "/cert.crt";
+$c = (binary) ("file://" . dirname(__FILE__) . "/cert.crt");
+$d = "invalid cert";
+$e = "non-ascii-unicode\u7000";
+$f = openssl_x509_read($a);
+$g = (unicode) $a;
+
+var_dump($res = openssl_x509_read($a)); // read cert as a binary string
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($b)); // read cert from a file, unicode string
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($c)); // read cert from a file, binary string
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($d)); // read an invalid cert, fails
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read((binary)$d)); // read an invalid cert, fails (binary)
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($e)); // read an invalid unicode string, fails
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($f)); // read cert from a resource
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($g)); // read cert as a unicode string
+openssl_x509_free($res);
+var_dump($res);
+
+?>
+--EXPECTF--
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (Unknown)
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (Unknown)
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (Unknown)
+
+Warning: openssl_x509_read(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_x509_read(): supplied parameter cannot be coerced into an X509 certificate! in %s on line %d
+bool(false)
+
+Warning: openssl_x509_free() expects parameter 1 to be resource, boolean given in %s on line %d
+bool(false)
+
+Warning: openssl_x509_read(): supplied parameter cannot be coerced into an X509 certificate! in %s on line %d
+bool(false)
+
+Warning: openssl_x509_free() expects parameter 1 to be resource, boolean given in %s on line %d
+bool(false)
+
+Warning: openssl_x509_read(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_x509_read(): supplied parameter cannot be coerced into an X509 certificate! in %s on line %d
+bool(false)
+
+Warning: openssl_x509_free() expects parameter 1 to be resource, boolean given in %s on line %d
+bool(false)
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (Unknown)
+
+Warning: openssl_x509_read(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_x509_read(): supplied parameter cannot be coerced into an X509 certificate! in %s on line %d
+bool(false)
+
+Warning: openssl_x509_free() expects parameter 1 to be resource, boolean given in %s on line %d
+bool(false)
--- /dev/null
+--TEST--
+openssl_x509_export() and openssl_x509_export_to_file() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$fp = fopen(dirname(__FILE__) . "/cert.crt","r");
+$a = fread($fp,8192);
+fclose($fp);
+
+$b = "file://" . dirname(__FILE__) . "/cert.crt";
+$c = (binary) "file://" . dirname(__FILE__) . "/cert.crt";
+$d = "invalid cert";
+$e = "non-ascii-unicode\u7000"; //
+$f = openssl_x509_read($a);
+$g = (unicode) $a;
+
+var_dump(openssl_x509_export($a, $output)); // read cert as a binary string
+var_dump(openssl_x509_export($b, $output2)); // read cert from a file, unicode string
+var_dump(openssl_x509_export($c, $output3)); // read cert from a file, binary string
+var_dump(openssl_x509_export($d, $output4)); // read an invalid cert, fails
+var_dump(openssl_x509_export((binary)$d, $output4b)); // read an invalid cert (binary), fails
+var_dump(openssl_x509_export($e, $output5)); // read an invalid unicode string, fails
+var_dump(openssl_x509_export($f, $output6)); // read cert from a resource
+var_dump(openssl_x509_export($g, $output7)); // read cert as a unicode string, fails (should be binary only)
+
+$outfilename = tempnam(b"/tmp", b"ssl");
+if ($outfilename === false) {
+ unlink($outfile);
+ die("failed to get a temporary filename!");
+}
+echo "---\n";
+
+var_dump(openssl_x509_export_to_file($a, $outfilename)); // read cert as a binary string
+var_dump(openssl_x509_export_to_file($b, $outfilename)); // read cert from a file, unicode string
+var_dump(openssl_x509_export_to_file($c, $outfilename)); // read cert from a file, binary string
+var_dump(openssl_x509_export_to_file($d, $outfilename)); // read an invalid cert, fails
+var_dump(openssl_x509_export_to_file((binary) $d, $outfilename)); // read an invalid cert (binary), fails
+var_dump(openssl_x509_export_to_file($e, $outfilename)); // read an invalid unicode string, fails
+var_dump(openssl_x509_export_to_file($f, $outfilename)); // read cert from a resource
+var_dump(openssl_x509_export_to_file($g, $outfilename)); // read cert as a unicode string, fails (should be binary only)
+echo "---\n";
+
+var_dump($exists = file_exists($outfilename));
+if ($exists) {
+ @unlink($outfilename);
+}
+echo "---\n";
+
+var_dump(strcmp($output, $a));
+var_dump(strcmp($output, $output2));
+var_dump(strcmp($output, $output3));
+var_dump(strcmp($output, $output4)); // different
+var_dump(strcmp($output, $output4b)); // different
+var_dump(strcmp($output, $output5)); // different
+var_dump(strcmp($output, $output6));
+var_dump(strcmp($output, $output7));
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
+
+Warning: openssl_x509_export(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_x509_export(): cannot get cert from parameter 1 in %s on line %d
+bool(false)
+
+Warning: openssl_x509_export(): cannot get cert from parameter 1 in %s on line %d
+bool(false)
+
+Warning: openssl_x509_export(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_x509_export(): cannot get cert from parameter 1 in %s on line %d
+bool(false)
+bool(true)
+
+Warning: openssl_x509_export(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_x509_export(): cannot get cert from parameter 1 in %s on line %d
+bool(false)
+---
+bool(true)
+bool(true)
+bool(true)
+
+Warning: openssl_x509_export_to_file(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_x509_export_to_file(): cannot get cert from parameter 1 in %s on line %d
+bool(false)
+
+Warning: openssl_x509_export_to_file(): cannot get cert from parameter 1 in %s on line %d
+bool(false)
+
+Warning: openssl_x509_export_to_file(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_x509_export_to_file(): cannot get cert from parameter 1 in %s on line %d
+bool(false)
+bool(true)
+
+Warning: openssl_x509_export_to_file(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_x509_export_to_file(): cannot get cert from parameter 1 in %s on line %d
+bool(false)
+---
+bool(true)
+---
+int(0)
+int(0)
+int(0)
+int(%d)
+int(%d)
+int(%d)
+int(0)
+int(%d)
+
--- /dev/null
+--TEST--
+openssl_x509_check_private_key() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$fp = fopen(dirname(__FILE__) . "/cert.crt","r");
+$a = fread($fp,8192);
+fclose($fp);
+
+$fp = fopen(dirname(__FILE__) . "/private.key","r");
+$b = fread($fp,8192);
+fclose($fp);
+
+$cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$key = "file://" . dirname(__FILE__) . "/private.key";
+
+var_dump(openssl_x509_check_private_key($cert, $key));
+var_dump(openssl_x509_check_private_key(b"", $key));
+var_dump(openssl_x509_check_private_key($cert, b""));
+var_dump(openssl_x509_check_private_key(b"", b""));
+var_dump(openssl_x509_check_private_key($a, $b));
+var_dump(openssl_x509_check_private_key((unicode)$a, $b)); // fails, should be binary only
+var_dump(openssl_x509_check_private_key((unicode)$a, (unicode)$b)); // fails, should be binary only
+var_dump(openssl_x509_check_private_key($a, (unicode)$b)); // fails, should be binary only
+?>
+--EXPECTF--
+bool(true)
+bool(false)
+bool(false)
+bool(false)
+bool(true)
+
+Warning: openssl_x509_check_private_key(): Binary string expected, Unicode string received in %s on line %d
+bool(false)
+
+Warning: openssl_x509_check_private_key(): Binary string expected, Unicode string received in %s on line %d
+bool(false)
+
+Warning: openssl_x509_check_private_key(): Binary string expected, Unicode string received in %s on line %d
+bool(false)
--- /dev/null
+--TEST--
+openssl_encrypt() and openssl_decrypt() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"openssl_encrypt() and openssl_decrypt() tests";
+$method = "AES-128-CBC";
+$password = "openssl";
+
+$encrypted = openssl_encrypt($data, $method, $password);
+$output = openssl_decrypt($encrypted, $method, $password);
+var_dump($output);
+$encrypted = openssl_encrypt($data, $method, $password, true);
+$output = openssl_decrypt($encrypted, $method, $password, true);
+var_dump($output);
+?>
+--EXPECT--
+string(45) "openssl_encrypt() and openssl_decrypt() tests"
+string(45) "openssl_encrypt() and openssl_decrypt() tests"
+
--- /dev/null
+--TEST--
+openssl_open() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"openssl_open() test";
+$pub_key = "file://" . dirname(__FILE__) . "/public.key";
+$priv_key = "file://" . dirname(__FILE__) . "/private.key";
+$wrong = "wrong";
+$wrong2 = b"wrong";
+
+openssl_seal($data, $sealed, $ekeys, array($pub_key, $pub_key, $pub_key));
+openssl_open($sealed, $output, $ekeys[0], $priv_key);
+var_dump($output);
+openssl_open($sealed, $output2, $ekeys[1], $wrong);
+var_dump($output2);
+openssl_open($sealed, $output3, $ekeys[2], $priv_key);
+var_dump($output3);
+openssl_open($sealed, $output4, $wrong, $priv_key);
+var_dump($output4);
+openssl_open($sealed, $output5, $wrong2, $priv_key);
+var_dump($output5);
+?>
+--EXPECTF--
+string(19) "openssl_open() test"
+
+Warning: openssl_open(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_open(): unable to coerce parameter 4 into a private key in %s on line %d
+NULL
+string(19) "openssl_open() test"
+
+Warning: openssl_open() expects parameter 3 to be strictly a binary string, Unicode string given in %s on line %d
+NULL
+NULL
--- /dev/null
+--TEST--
+openssl_private_encrypt() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"Testing openssl_private_encrypt()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = b"wrong";
+$invalid_ascii_string = "non-ascii-unicode\u0500";
+class test {
+ function __toString() {
+ return "test";
+ }
+}
+$obj = new test;
+
+var_dump(openssl_private_encrypt($data, $encrypted, $privkey));
+var_dump(openssl_private_encrypt($data, $encrypted, $pubkey));
+var_dump(openssl_private_encrypt($data, $encrypted, $wrong));
+var_dump(openssl_private_encrypt($invalid_ascii_string, $encrypted, $privkey));
+var_dump(openssl_private_encrypt($data, $encrypted, $invalid_ascii_string));
+var_dump(openssl_private_encrypt($data, $encrypted, $obj));
+var_dump(openssl_private_encrypt($obj, $encrypted, $privkey));
+openssl_public_decrypt($encrypted, $output, $pubkey);
+var_dump($output);
+?>
+--EXPECTF--
+bool(true)
+
+Warning: openssl_private_encrypt(): key param is not a valid private key in %s on line %d
+bool(false)
+
+Warning: openssl_private_encrypt(): key param is not a valid private key in %s on line %d
+bool(false)
+
+Warning: openssl_private_encrypt() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+bool(false)
+
+Warning: openssl_private_encrypt(): Binary string expected, Unicode string received in %s on line %s
+
+Warning: openssl_private_encrypt(): key param is not a valid private key in %s on line %d
+bool(false)
+
+Warning: openssl_private_encrypt(): key param is not a valid private key in %s on line %d
+bool(false)
+bool(true)
+string(4) "test"
--- /dev/null
+--TEST--
+openssl_public_encrypt() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"Testing openssl_public_encrypt()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = b"wrong";
+$invalid_ascii_string = "non-ascii-unicode\u0500";
+class test {
+ function __toString() {
+ return "test";
+ }
+}
+$obj = new test;
+
+var_dump(openssl_public_encrypt($data, $encrypted, $pubkey));
+var_dump(openssl_public_encrypt($data, $encrypted, $privkey));
+var_dump(openssl_public_encrypt($data, $encrypted, $wrong));
+var_dump(openssl_public_encrypt($invalid_ascii_string, $encrypted, $pubkey));
+var_dump(openssl_public_encrypt($data, $encrypted, $invalid_ascii_string));
+var_dump(openssl_public_encrypt($data, $encrypted, $obj));
+var_dump(openssl_public_encrypt($obj, $encrypted, $pubkey));
+openssl_private_decrypt($encrypted, $output, $privkey);
+var_dump($output);
+?>
+--EXPECTF--
+bool(true)
+
+Warning: openssl_public_encrypt(): key parameter is not a valid public key in %s on line %d
+bool(false)
+
+Warning: openssl_public_encrypt(): key parameter is not a valid public key in %s on line %d
+bool(false)
+
+Warning: openssl_public_encrypt() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+NULL
+
+Warning: openssl_public_encrypt(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_public_encrypt(): key parameter is not a valid public key in %s on line %d
+bool(false)
+
+Warning: openssl_public_encrypt(): key parameter is not a valid public key in %s on line %d
+bool(false)
+bool(true)
+string(4) "test"
+
--- /dev/null
+--TEST--
+openssl_public_decrypt() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"Testing openssl_public_decrypt()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = "wrong";
+$invalid_ascii_string = "non-ascii-unicode\u0500";
+
+openssl_private_encrypt($data, $encrypted, $privkey);
+var_dump(openssl_public_decrypt($encrypted, $output, $pubkey));
+var_dump($output);
+var_dump(openssl_public_decrypt($encrypted, $output2, $wrong));
+var_dump($output2);
+var_dump(openssl_public_decrypt($wrong, $output3, $pubkey));
+var_dump($output3);
+var_dump(openssl_public_decrypt((binary)$wrong, $output4, $pubkey));
+var_dump($output4);
+var_dump(openssl_public_decrypt($data, $output5, $invalid_ascii_string));
+var_dump($output5);
+?>
+--EXPECTF--
+bool(true)
+string(32) "Testing openssl_public_decrypt()"
+
+Warning: openssl_public_decrypt(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_public_decrypt(): key parameter is not a valid public key in %s on line %d
+bool(false)
+NULL
+
+Warning: openssl_public_decrypt() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+bool(false)
+NULL
+bool(false)
+NULL
+
+Warning: openssl_public_decrypt(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_public_decrypt(): key parameter is not a valid public key in %s on line %d
+bool(false)
+NULL
+
--- /dev/null
+--TEST--
+openssl_private_decrypt() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"Testing openssl_public_decrypt()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = "wrong";
+$invalid_ascii_string = "non-ascii-unicode\u0500";
+
+openssl_public_encrypt($data, $encrypted, $pubkey);
+var_dump(openssl_private_decrypt($encrypted, $output, $privkey));
+var_dump($output);
+var_dump(openssl_private_decrypt($encrypted, $output2, $wrong));
+var_dump($output2);
+var_dump(openssl_private_decrypt($wrong, $output3, $privkey));
+var_dump($output3);
+var_dump(openssl_private_decrypt((binary)$wrong, $output4, $privkey));
+var_dump($output4);
+var_dump(openssl_private_decrypt($data, $output5, $invalid_ascii_string));
+var_dump($output5);
+?>
+--EXPECTF--
+bool(true)
+string(32) "Testing openssl_public_decrypt()"
+
+Warning: openssl_private_decrypt(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_private_decrypt(): key parameter is not a valid private key in %s on line %d
+bool(false)
+NULL
+
+Warning: openssl_private_decrypt() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+bool(false)
+NULL
+bool(false)
+NULL
+
+Warning: openssl_private_decrypt(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_private_decrypt(): key parameter is not a valid private key in %s on line %d
+bool(false)
+NULL
--- /dev/null
+--TEST--
+openssl_sign() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"Testing openssl_sign()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$wrong = "wrong";
+$invalid_ascii_string = "non-ascii-unicode\u0500";
+
+var_dump(openssl_sign($data, $sign, $privkey)); // no output
+var_dump(openssl_sign($data, $sign, $wrong));
+var_dump(openssl_sign($data, $sign, $invalid_ascii_string));
+var_dump(openssl_sign($invalid_ascii_string, $sign, $privkey));
+var_dump(openssl_sign($data, $sign, (binary)$privkey));
+var_dump(openssl_sign((unicode)$data, $sign, $privkey));
+?>
+--EXPECTF--
+bool(true)
+
+Warning: openssl_sign(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_sign(): supplied key param cannot be coerced into a private key in %s on line %d
+bool(false)
+
+Warning: openssl_sign(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_sign(): supplied key param cannot be coerced into a private key in %s on line %d
+bool(false)
+
+Warning: openssl_sign() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+bool(false)
+bool(true)
+
+Warning: openssl_sign() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+bool(false)
--- /dev/null
+--TEST--
+openssl_verify() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"Testing openssl_verify()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = "wrong";
+$wrong2 = b"wrong";
+$invalid_ascii_string = "non-ascii-unicode\u0500";
+
+openssl_sign($data, $sign, $privkey);
+var_dump(openssl_verify($data, $sign, $pubkey));
+var_dump(openssl_verify($data, $sign, $privkey));
+var_dump(openssl_verify($data, $sign, $wrong));
+var_dump(openssl_verify($data, $wrong, $pubkey));
+var_dump(openssl_verify($wrong, $sign, $pubkey));
+var_dump(openssl_verify($wrong2, $sign, $pubkey));
+var_dump(openssl_verify($invalid_ascii_string, $sign, $pubkey));
+var_dump(openssl_verify($data, $sign, $invalid_ascii_string));
+var_dump(openssl_verify($data, (unicode)$sign, $pubkey));
+?>
+--EXPECTF--
+int(1)
+
+Warning: openssl_verify(): supplied key param cannot be coerced into a public key in %s on line %d
+bool(false)
+
+Warning: openssl_verify(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_verify(): supplied key param cannot be coerced into a public key in %s on line %d
+bool(false)
+
+Warning: openssl_verify() expects parameter 2 to be strictly a binary string, Unicode string given in %s on line %d
+bool(false)
+
+Warning: openssl_verify() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+bool(false)
+int(0)
+
+Warning: openssl_verify() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+bool(false)
+
+Warning: openssl_verify(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_verify(): supplied key param cannot be coerced into a public key in %s on line %d
+bool(false)
+
+Warning: openssl_verify() expects parameter 2 to be strictly a binary string, Unicode string given in %s on line %d
+bool(false)
+
--- /dev/null
+--TEST--
+openssl_csr_sign() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$priv = "file://" . dirname(__FILE__) . "/private.key";
+$wrong = "wrong";
+$wrong2 = b"wrong";
+$pub = "file://" . dirname(__FILE__) . "/public.key";
+
+$dn = array(
+ "countryName" => "BR",
+ "stateOrProvinceName" => "Rio Grande do Sul",
+ "localityName" => "Porto Alegre",
+ "commonName" => "Henrique do N. Angelo",
+ "emailAddress" => "hnangelo@php.net"
+ );
+
+$args = array(
+ "digest_alg" => "sha1",
+ "private_key_bits" => 2048,
+ "private_key_type" => OPENSSL_KEYTYPE_DSA,
+ "encrypt_key" => true
+ );
+
+$privkey = openssl_pkey_new();
+$csr = openssl_csr_new($dn, $privkey, $args);
+var_dump(openssl_csr_sign($csr, null, $privkey, 365, $args));
+var_dump(openssl_csr_sign($csr, null, $privkey, 365));
+var_dump(openssl_csr_sign($csr, $cert, $priv, 365));
+var_dump(openssl_csr_sign($csr, $wrong, $privkey, 365));
+var_dump(openssl_csr_sign($csr, $wrong2, $privkey, 365));
+var_dump(openssl_csr_sign($csr, null, $wrong, 365));
+var_dump(openssl_csr_sign($csr, null, $wrong2, 365));
+var_dump(openssl_csr_sign($csr, null, $privkey, $wrong));
+var_dump(openssl_csr_sign($csr, null, $privkey, 365, $wrong));
+var_dump(openssl_csr_sign($wrong2, null, $privkey, 365));
+var_dump(openssl_csr_sign(array(), null, $privkey, 365));
+var_dump(openssl_csr_sign($csr, array(), $privkey, 365));
+var_dump(openssl_csr_sign($csr, null, array(), 365));
+var_dump(openssl_csr_sign($csr, null, $privkey, array()));
+var_dump(openssl_csr_sign($csr, null, $privkey, 365, array()));
+?>
+--EXPECTF--
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (OpenSSL X.509)
+
+Warning: openssl_csr_sign(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_csr_sign(): cannot get cert from parameter 2 in %s on line %d
+bool(false)
+
+Warning: openssl_csr_sign(): cannot get cert from parameter 2 in %s on line %d
+bool(false)
+
+Warning: openssl_csr_sign(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_csr_sign(): cannot get private key from parameter 3 in %s on line %d
+bool(false)
+
+Warning: openssl_csr_sign(): cannot get private key from parameter 3 in %s on line %d
+bool(false)
+
+Warning: openssl_csr_sign() expects parameter 4 to be long, Unicode string given in %s on line %d
+NULL
+
+Warning: openssl_csr_sign() expects parameter 5 to be array, Unicode string given in %s on line %d
+NULL
+
+Warning: openssl_csr_sign(): cannot get CSR from parameter 1 in %s on line %d
+bool(false)
+
+Warning: openssl_csr_sign(): cannot get CSR from parameter 1 in %s on line %d
+bool(false)
+
+Warning: openssl_csr_sign(): cannot get cert from parameter 2 in %s on line %d
+bool(false)
+
+Warning: openssl_csr_sign(): key array must be of the form array(0 => key, 1 => phrase) in %s on line %d
+
+Warning: openssl_csr_sign(): cannot get private key from parameter 3 in %s on line %d
+bool(false)
+
+Warning: openssl_csr_sign() expects parameter 4 to be long, array given in %s on line %d
+NULL
+resource(%d) of type (OpenSSL X.509)
+
--- /dev/null
+--TEST--
+openssl_csr_export() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$wrong = "wrong";
+$wrong2 = b"wrong";
+
+$dn = array(
+ "countryName" => "BR",
+ "stateOrProvinceName" => "Rio Grande do Sul",
+ "localityName" => "Porto Alegre",
+ "commonName" => "Henrique do N. Angelo",
+ "emailAddress" => "hnangelo@php.net"
+ );
+
+$args = array(
+ "digest_alg" => "sha1",
+ "private_key_bits" => 2048,
+ "private_key_type" => OPENSSL_KEYTYPE_DSA,
+ "encrypt_key" => true
+ );
+
+$privkey = openssl_pkey_new();
+$csr = openssl_csr_new($dn, $privkey, $args);
+var_dump(openssl_csr_export($csr, $output));
+var_dump(openssl_csr_export($wrong, $output));
+var_dump(openssl_csr_export($wrong2, $output));
+var_dump(openssl_csr_export($privkey, $output));
+var_dump(openssl_csr_export(array(), $output));
+var_dump(openssl_csr_export($csr, $output, false));
+?>
+--EXPECTF--
+bool(true)
+
+Warning: openssl_csr_export() expects parameter 1 to be resource, Unicode string given in %s on line %d
+NULL
+
+Warning: openssl_csr_export() expects parameter 1 to be resource, binary string given in %s on line %d
+NULL
+
+Warning: openssl_csr_export(): supplied resource is not a valid OpenSSL X.509 CSR resource in %s on line %d
+
+Warning: openssl_csr_export(): cannot get CSR from parameter 1 in %s on line %d
+bool(false)
+
+Warning: openssl_csr_export() expects parameter 1 to be resource, array given in %s on line %d
+NULL
+bool(true)
--- /dev/null
+--TEST--
+openssl_pkcs7_decrypt() tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$infile = dirname(__FILE__) . "/cert.crt";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$encrypted = tempnam(b"/tmp", b"ssl");
+if ($encrypted === false)
+ die("failed to get a temporary filename!");
+$outfile = tempnam(b"/tmp", b"ssl");
+if ($outfile === false) {
+ unlink($outfile);
+ die("failed to get a temporary filename!");
+}
+
+$single_cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$headers = array("test@test", "testing openssl_pkcs7_encrypt()");
+$wrong = "wrong";
+$wrong2 = b"wrong";
+$empty = b"";
+
+openssl_pkcs7_encrypt($infile, $encrypted, $single_cert, $headers);
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $single_cert, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $single_cert, $wrong));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $single_cert, $wrong2));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $wrong, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $wrong2, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, null, $privkey));
+var_dump(openssl_pkcs7_decrypt($wrong, $outfile, $single_cert, $privkey));
+var_dump(openssl_pkcs7_decrypt($empty, $outfile, $single_cert, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $empty, $single_cert, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $empty, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $single_cert, $empty));
+
+if (file_exists($encrypted)) {
+ echo "true\n";
+ unlink($encrypted);
+}
+if (file_exists($outfile)) {
+ echo "true\n";
+ unlink($outfile);
+}
+?>
+--EXPECTF--
+bool(true)
+
+Warning: openssl_pkcs7_decrypt(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_pkcs7_decrypt(): unable to get private key in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_decrypt(): unable to get private key in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_decrypt(): Binary string expected, Unicode string received in %s on line %d
+
+Warning: openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert in %s on line %d
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+
+Warning: openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert in %s on line %d
+bool(false)
+
+Warning: openssl_pkcs7_decrypt(): unable to get private key in %s on line %d
+bool(false)
+true
+true
--- /dev/null
+--TEST--
+openssl_decrypt() error tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"openssl_decrypt() tests";
+$method = "AES-128-CBC";
+$password = "openssl";
+$wrong = "wrong";
+$invalid_ascii_string = "non-ascii-unicode\u0500";
+
+$encrypted = openssl_encrypt($data, $method, $password);
+var_dump(openssl_decrypt($encrypted, $method, $wrong));
+var_dump(openssl_decrypt($encrypted, $wrong, $password));
+var_dump(openssl_decrypt($wrong, $method, $password));
+var_dump(openssl_decrypt($wrong, $wrong, $password));
+var_dump(openssl_decrypt($wrong, $method, $wrong));
+var_dump(openssl_decrypt($encrypted, $wrong, $wrong));
+var_dump(openssl_decrypt($wrong, $wrong, $wrong));
+echo "---\n";
+var_dump(openssl_decrypt($encrypted, $invalid_ascii_string, $password));
+var_dump(openssl_decrypt($encrypted, $method, $invalid_ascii_string));
+var_dump(openssl_decrypt($invalid_ascii_string, $method, $password));
+var_dump(openssl_decrypt($encrypted, $invalid_ascii_string, $invalid_ascii_string));
+?>
+--EXPECTF--
+bool(false)
+
+Warning: openssl_decrypt(): Unknown cipher algorithm in %s on line %d
+bool(false)
+
+Warning: openssl_decrypt() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+NULL
+
+Warning: openssl_decrypt() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+NULL
+
+Warning: openssl_decrypt() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+NULL
+
+Warning: openssl_decrypt(): Unknown cipher algorithm in %s on line %d
+bool(false)
+
+Warning: openssl_decrypt() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+NULL
+---
+
+Warning: Could not convert Unicode string to binary string (converter US-ASCII failed on character {U+0500} at offset %d) in %s on line %d
+NULL
+
+Warning: Could not convert Unicode string to binary string (converter US-ASCII failed on character {U+0500} at offset %d) in %s on line %d
+NULL
+
+Warning: openssl_decrypt() expects parameter 1 to be strictly a binary string, Unicode string given in %s on line %d
+NULL
+
+Warning: Could not convert Unicode string to binary string (converter US-ASCII failed on character {U+0500} at offset %d) in %s on line %d
+NULL
+
--- /dev/null
+--TEST--
+openssl_digest() basic test
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"openssl_digest() basic test";
+$method = "md5";
+$method2 = "sha1";
+
+var_dump(openssl_digest($data, $method));
+var_dump(openssl_digest($data, $method2));
+?>
+--EXPECT--
+string(32) "f0045b6c41d9ec835cb8948c7fec4955"
+string(40) "aa6e750fef05c2414c18860ad31f2c35e79bf3dc"
--- /dev/null
+--TEST--
+openssl_encrypt() error tests
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$data = b"openssl_encrypt() tests";
+$method = "AES-128-CBC";
+$password = "openssl";
+$wrong = "wrong";
+$invalid_ascii_string = "non-ascii-unicode\u0500";
+$object = new stdclass;
+$arr = array(1);
+
+var_dump(openssl_encrypt($data, $wrong, $password));
+var_dump(openssl_encrypt($data, $invalid_ascii_string, $password));
+var_dump(openssl_encrypt($data, $method, $invalid_ascii_string));
+var_dump(openssl_encrypt($object, $method, $password));
+var_dump(openssl_encrypt($data, $object, $password));
+var_dump(openssl_encrypt($data, $method, $object));
+var_dump(openssl_encrypt($arr, $method, $object));
+var_dump(openssl_encrypt($data, $arr, $object));
+var_dump(openssl_encrypt($data, $method, $arr));
+?>
+--EXPECTF--
+Warning: openssl_encrypt(): Unknown cipher algorithm in %s on line %d
+bool(false)
+
+Warning: Could not convert Unicode string to binary string (converter US-ASCII failed on character {U+0500} at offset %d) in %s on line %d
+NULL
+
+Warning: Could not convert Unicode string to binary string (converter US-ASCII failed on character {U+0500} at offset %d) in %s on line %d
+NULL
+
+Warning: openssl_encrypt() expects parameter 1 to be binary string, object given in %s on line %d
+NULL
+
+Warning: openssl_encrypt() expects parameter 2 to be binary string, object given in %s on line %d
+NULL
+
+Warning: openssl_encrypt() expects parameter 3 to be binary string, object given in %s on line %d
+NULL
+
+Warning: openssl_encrypt() expects parameter 1 to be binary string, array given in %s on line %d
+NULL
+
+Warning: openssl_encrypt() expects parameter 2 to be binary string, array given in %s on line %d
+NULL
+
+Warning: openssl_encrypt() expects parameter 3 to be binary string, array given in %s on line %d
+NULL
+
--- /dev/null
+--TEST--
+openssl_x509_parse() basic test
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php
+$cert = "file://" . dirname(__FILE__) . "/cert.crt";
+
+var_dump(openssl_x509_parse($cert));
+var_dump(openssl_x509_parse($cert, false));
+?>
+--EXPECTF--
+array(12) {
+ [u"name"]=>
+ string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net"
+ [u"subject"]=>
+ array(5) {
+ [u"C"]=>
+ unicode(2) "BR"
+ [u"ST"]=>
+ unicode(17) "Rio Grande do Sul"
+ [u"L"]=>
+ unicode(12) "Porto Alegre"
+ [u"CN"]=>
+ unicode(21) "Henrique do N. Angelo"
+ [u"emailAddress"]=>
+ unicode(16) "hnangelo@php.net"
+ }
+ [u"hash"]=>
+ string(8) "088c65c2"
+ [u"issuer"]=>
+ array(5) {
+ [u"C"]=>
+ unicode(2) "BR"
+ [u"ST"]=>
+ unicode(17) "Rio Grande do Sul"
+ [u"L"]=>
+ unicode(12) "Porto Alegre"
+ [u"CN"]=>
+ unicode(21) "Henrique do N. Angelo"
+ [u"emailAddress"]=>
+ unicode(16) "hnangelo@php.net"
+ }
+ [u"version"]=>
+ int(2)
+ [u"serialNumber"]=>
+ string(20) "12593567369101004962"
+ [u"validFrom"]=>
+ string(13) "080630102843Z"
+ [u"validTo"]=>
+ string(13) "080730102843Z"
+ [u"validFrom_time_t"]=>
+ int(1214821723)
+ [u"validTo_time_t"]=>
+ int(1217413723)
+ [u"purposes"]=>
+ array(8) {
+ [1]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(9) "sslclient"
+ }
+ [2]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(9) "sslserver"
+ }
+ [3]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(11) "nssslserver"
+ }
+ [4]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(9) "smimesign"
+ }
+ [5]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(12) "smimeencrypt"
+ }
+ [6]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(7) "crlsign"
+ }
+ [7]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(3) "any"
+ }
+ [8]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(10) "ocsphelper"
+ }
+ }
+ [u"extensions"]=>
+ array(3) {
+ [u"subjectKeyIdentifier"]=>
+ unicode(59) "DB:7E:40:72:BD:5C:35:85:EC:29:29:81:12:E8:62:68:6A:B7:3F:7D"
+ [u"authorityKeyIdentifier"]=>
+ unicode(202) "keyid:DB:7E:40:72:BD:5C:35:85:EC:29:29:81:12:E8:62:68:6A:B7:3F:7D
+DirName:/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net
+serial:AE:C5:56:CC:72:37:50:A2
+"
+ [u"basicConstraints"]=>
+ unicode(7) "CA:TRUE"
+ }
+}
+array(12) {
+ [u"name"]=>
+ string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net"
+ [u"subject"]=>
+ array(5) {
+ [u"countryName"]=>
+ unicode(2) "BR"
+ [u"stateOrProvinceName"]=>
+ unicode(17) "Rio Grande do Sul"
+ [u"localityName"]=>
+ unicode(12) "Porto Alegre"
+ [u"commonName"]=>
+ unicode(21) "Henrique do N. Angelo"
+ [u"emailAddress"]=>
+ unicode(16) "hnangelo@php.net"
+ }
+ [u"hash"]=>
+ string(8) "088c65c2"
+ [u"issuer"]=>
+ array(5) {
+ [u"countryName"]=>
+ unicode(2) "BR"
+ [u"stateOrProvinceName"]=>
+ unicode(17) "Rio Grande do Sul"
+ [u"localityName"]=>
+ unicode(12) "Porto Alegre"
+ [u"commonName"]=>
+ unicode(21) "Henrique do N. Angelo"
+ [u"emailAddress"]=>
+ unicode(16) "hnangelo@php.net"
+ }
+ [u"version"]=>
+ int(2)
+ [u"serialNumber"]=>
+ string(20) "12593567369101004962"
+ [u"validFrom"]=>
+ string(13) "080630102843Z"
+ [u"validTo"]=>
+ string(13) "080730102843Z"
+ [u"validFrom_time_t"]=>
+ int(1214821723)
+ [u"validTo_time_t"]=>
+ int(1217413723)
+ [u"purposes"]=>
+ array(8) {
+ [1]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(10) "SSL client"
+ }
+ [2]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(10) "SSL server"
+ }
+ [3]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(19) "Netscape SSL server"
+ }
+ [4]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(14) "S/MIME signing"
+ }
+ [5]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(17) "S/MIME encryption"
+ }
+ [6]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(11) "CRL signing"
+ }
+ [7]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(11) "Any Purpose"
+ }
+ [8]=>
+ array(3) {
+ [0]=>
+ bool(true)
+ [1]=>
+ bool(true)
+ [2]=>
+ string(11) "OCSP helper"
+ }
+ }
+ [u"extensions"]=>
+ array(3) {
+ [u"subjectKeyIdentifier"]=>
+ unicode(59) "DB:7E:40:72:BD:5C:35:85:EC:29:29:81:12:E8:62:68:6A:B7:3F:7D"
+ [u"authorityKeyIdentifier"]=>
+ unicode(202) "keyid:DB:7E:40:72:BD:5C:35:85:EC:29:29:81:12:E8:62:68:6A:B7:3F:7D
+DirName:/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net
+serial:AE:C5:56:CC:72:37:50:A2
+"
+ [u"basicConstraints"]=>
+ unicode(7) "CA:TRUE"
+ }
+}
projects / php / commitdiff