From: Pierre Joye Date: Sun, 30 Jul 2006 17:02:28 +0000 (+0000) Subject: - #28382, add support for x509 extensions X-Git-Tag: RELEASE_1_0_0RC1~2165 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6dc7a18d7cabb0db488791add03c8752810a2269;p=php - #28382, add support for x509 extensions --- diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 993023ba9b..eab8115466 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -940,6 +940,9 @@ PHP_FUNCTION(openssl_x509_parse) zend_bool useshortnames = 1; char * tmpstr; zval * subitem; + X509_EXTENSION *extension; + ASN1_OCTET_STRING *extdata; + char *extname; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "z|b", &zcert, &useshortnames) == FAILURE) { return; @@ -1014,6 +1017,18 @@ PHP_FUNCTION(openssl_x509_parse) } add_assoc_zval(return_value, "purposes", subitem); + MAKE_STD_ZVAL(subitem); + array_init(subitem); + + + for (i = 0; i < X509_get_ext_count(cert); i++) { + extension = X509_get_ext(cert, i); + extdata = X509_EXTENSION_get_data(extension); + extname = strdup(OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(extension)))); + add_assoc_asn1_string(subitem, extname, extdata); + } + add_assoc_zval(return_value, "extensions", subitem); + if (certresource == -1 && cert) { X509_free(cert); } diff --git a/ext/openssl/tests/bug28382.phpt b/ext/openssl/tests/bug28382.phpt new file mode 100644 index 0000000000..63900ae6d7 --- /dev/null +++ b/ext/openssl/tests/bug28382.phpt @@ -0,0 +1,37 @@ +--TEST-- +#28382, openssl_x509_parse extensions support +--SKIPIF-- + +--FILE-- + +--EXPECTF-- +array(11) { + ["basicConstraints"]=> + string(2) "%s" + ["nsComment"]=> + string(40) "%s" + ["nsCertType"]=> + string(4) "%s" + ["crlDistributionPoints"]=> + string(56) "%s" + ["nsCaPolicyUrl"]=> + string(40) "%s" + ["subjectAltName"]=> + string(26) "%s" + ["subjectKeyIdentifier"]=> + string(22) "%s" + ["authorityKeyIdentifier"]=> + string(159) "%s" + ["keyUsage"]=> + string(4) "%s" + ["nsBaseUrl"]=> + string(22) "%s" + ["UNDEF"]=> + string(4) "%s" +} diff --git a/ext/openssl/tests/bug28382cert.txt b/ext/openssl/tests/bug28382cert.txt new file mode 100644 index 0000000000..cce8d42242 --- /dev/null +++ b/ext/openssl/tests/bug28382cert.txt @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEoDCCBAmgAwIBAgIBJzANBgkqhkiG9w0BAQQFADCBkDELMAkGA1UEBhMCUk8x +EDAOBgNVBAgTB1JvbWFuaWExEDAOBgNVBAcTB0NyYWlvdmExDzANBgNVBAoTBlNl +cmdpdTETMBEGA1UECxMKU2VyZ2l1IFNSTDESMBAGA1UEAxMJU2VyZ2l1IENBMSMw +IQYJKoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTAeFw0wNDA1MTQxMzM0 +NTZaFw0wNTA1MTQxMzM0NTZaMIGaMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9t +YW5pYTEQMA4GA1UEBxMHQ3JhaW92YTETMBEGA1UEChMKU2VyZ2l1IFNSTDETMBEG +A1UECxMKU2VyZ2l1IFNSTDEYMBYGA1UEAxMPU2VyZ2l1IHBlcnNvbmFsMSMwIQYJ +KoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTCBnzANBgkqhkiG9w0BAQEF +AAOBjQAwgYkCgYEApNj7XXz8T8FcLIWpBniPYom3QcT6T7u0xRPHqtqzj5oboBYp +DJe5d354/y0gJTpiLt8+fTrPgWXnbHm3pOHgXzTcX6Arani0GDU0/xDi4VkCRGcS +YqX2sJpcDzAbmK9UDMt3xf/O1B8AJan3RfO0Bm3ozTEPziLMkmsiYr5b/L8CAwEA +AaOCAfwwggH4MAkGA1UdEwQCMAAwNQYJYIZIAYb4QgENBCgWJkZvciBHcmlkIHVz +ZSBvbmx5OyByZXF1ZXN0IHRhZyB1c2VyVGFnMBEGCWCGSAGG+EIBAQQEAwIF4DA/ +BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vbW9iaWxlLmJsdWUtc29mdHdhcmUucm86 +OTAvY2EvY3JsLnNodG1sMDUGCWCGSAGG+EIBCAQoFiZodHRwOi8vbW9iaWxlLmJs +dWUtc29mdHdhcmUucm86OTAvcHViLzAhBgNVHREEGjAYgRZzZXJnaXVAYmx1ZXNv +ZnR3YXJlLnJvMB0GA1UdDgQWBBSwp//5QRXeIzm93TEPl6CyonTg/DCBpwYDVR0j +BIGfMIGcoYGWpIGTMIGQMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9tYW5pYTEQ +MA4GA1UEBxMHQ3JhaW92YTEPMA0GA1UEChMGU2VyZ2l1MRMwEQYDVQQLEwpTZXJn +aXUgU1JMMRIwEAYDVQQDEwlTZXJnaXUgQ0ExIzAhBgkqhkiG9w0BCQEWFG5fc2Vy +Z2l1QGhvdG1haWwuY29tggEAMAsGA1UdDwQEAwIE8DAjBglghkgBhvhCAQIEFhYU +aHR0cDovLzYyLjIzMS45OC41Mi8wCwYDKgMEBAQ+52I0MA0GCSqGSIb3DQEBBAUA +A4GBAIBIOJ+iiLyQfNJEY+IMefayQea0nmuXYY+F+L1DFjSC7xChytgYoPNnKkhh +3dWPtxbswiqKYUnGi6y3Hi4UhDsOaDW29t2S305hSc2qgjOiNtRYQIVYQ8EHG1k7 +Fl63S7uCOhnVJt+4MnUK1N6/pwgsp+Z2GvEsDG1qCKnvNpf6 +-----END CERTIFICATE-----