]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 491cf63)
"Fix" for bug #25614.
authorWez Furlong <wez@php.net>
Tue, 23 Sep 2003 14:52:28 +0000 (14:52 +0000)
committerWez Furlong <wez@php.net>
Tue, 23 Sep 2003 14:52:28 +0000 (14:52 +0000)
The openssl_pkey_get_public() doesn't work as advertized in the docs; it can't
get a public key from a private key (because a key is a key), but would return
the private key anyway.  The function was originally designed to get the public
key from a certificate.

ext/openssl/openssl.c patch | blob | history
ext/openssl/tests/bug25614.phpt [new file with mode: 0644] patch | blob

diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 0487344eb39c9f4b6103d96a762f8ccbe0718e41..1964ea593309ce71400c9647a0f5512119b9a536 100644 (file)
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -1689,15 +1689,21 @@ static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char *
                        free_cert = 0;
                }
                else if (type == le_key) {
+                       int is_priv;
+
+                       is_priv = php_openssl_is_private_key((EVP_PKEY*)what TSRMLS_CC);
                        /* check whether it is actually a private key if requested */
-                       if (!public_key && !php_openssl_is_private_key((EVP_PKEY*)what TSRMLS_CC))
-                       {
+                       if (!public_key && !is_priv) {
                                php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied key param is a public key");
                                return NULL;
                        }
-                       
-                       /* got the key - return it */
-                       return (EVP_PKEY*)what;
+                       if (public_key && is_priv) {
+                               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Don't know how to get public key from this private key (the documentation lied)");
+                               return NULL;
+                       } else {
+                               /* got the key - return it */
+                               return (EVP_PKEY*)what;
+                       }
                }
 
                /* other types could be used here - eg: file pointers and read in the data from them */
diff --git a/ext/openssl/tests/bug25614.phpt b/ext/openssl/tests/bug25614.phpt
new file mode 100644 (file)
index 0000000..ce57ea7
--- /dev/null
+++ b/ext/openssl/tests/bug25614.phpt
@@ -0,0 +1,11 @@
+--TEST--
+openssl: get public key from generated private key
+--SKIPIF--
+<?php if (!extension_loaded("openssl")) print "skip"; ?>
+--FILE--
+<?php 
+$priv = openssl_pkey_new();
+$pub = openssl_pkey_get_public($priv);
+?>
+--EXPECTF--
+Warning: openssl_pkey_get_public(): Don't know how to get public key from this private key (the documentation lied) %s
Unnamed repository; edit this file 'description' to name the repository.