From: Antony Dovgal Date: Fri, 8 Sep 2006 20:10:47 +0000 (+0000) Subject: implement feature request #38731 (openssl_pkey_new does not support DSA key generation) X-Git-Tag: php-5.2.0RC4~67 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5c6f43831917196912006c0246c6e3f4c7324b01;p=php implement feature request #38731 (openssl_pkey_new does not support DSA key generation) patch by marci at balabit dot hu --- diff --git a/NEWS b/NEWS index 4d92272370..4f2f1bb678 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,8 @@ 'PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? Sep 2006, PHP 5.2.0RC4 +- Added DSA key generation support to openssl_pkey_new(), FR #38731 + (marci at balabit dot hu, Tony) - Removed current working directory from the php.ini search path for CLI and readded it for other SAPIs (restore to pre 5.1.x behaviour). (Edin) - Fixed bug #38700 (SoapClient::__getTypes never returns). (Dmitry) diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 9eb2f40846..5dd08c3e9c 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -2051,9 +2051,27 @@ static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req if ((req->priv_key = EVP_PKEY_new()) != NULL) { switch(req->priv_key_type) { case OPENSSL_KEYTYPE_RSA: - if (EVP_PKEY_assign_RSA(req->priv_key, RSA_generate_key(req->priv_key_bits, 0x10001, NULL, NULL))) + if (EVP_PKEY_assign_RSA(req->priv_key, RSA_generate_key(req->priv_key_bits, 0x10001, NULL, NULL))) { return_val = req->priv_key; + } + break; +#ifndef NO_DSA + case OPENSSL_KEYTYPE_DSA: + { + DSA *dsapar = DSA_generate_parameters(req->priv_key_bits, NULL, 0, NULL, NULL, NULL, NULL); + if (dsapar) { + DSA_set_method(dsapar, DSA_get_default_method()); + if (DSA_generate_key(dsapar)) { + if (EVP_PKEY_assign_DSA(req->priv_key, dsapar)) { + return_val = req->priv_key; + } + } else { + DSA_free(dsapar); + } + } + } break; +#endif default: php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unsupported private key type"); }