From 2d4242395394b4668fb1ada91e873a84d5bcadef Mon Sep 17 00:00:00 2001 From: Joe Watkins Date: Fri, 6 Jan 2017 07:40:20 +0000 Subject: [PATCH] Merge branch 'pull-request/1755' * pull-request/1755: Fix bug #71519 Add 'serialNumberHex' variable to openssl_x509_parse --- NEWS | 9 ++++++--- ext/openssl/openssl.c | 13 +++++++++++++ ext/openssl/tests/openssl_x509_parse_basic.phpt | 8 ++++++-- 3 files changed, 25 insertions(+), 5 deletions(-) diff --git a/NEWS b/NEWS index d1442272ce..3d7a45f027 100644 --- a/NEWS +++ b/NEWS @@ -2,18 +2,21 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2017 PHP 7.0.16 +- OpenSSL: + . Fixed bug #71519 (add serial hex to return value array). (xrobau) + - Phar: . Fixed bug #70417 (PharData::compress() doesn't close temp file). (cmb) -- ZIP: - . Fixed bug #70103 (ZipArchive::addGlob ignores remove_all_path option). (cmb) - - Session: . Fixed bug #69582 (session not readable by root in CLI). (EvgeniySpinov) - Standard: . Fixed bug #69442 (closing of fd incorrect when PTS enabled). (jaytaph) +- ZIP: + . Fixed bug #70103 (ZipArchive::addGlob ignores remove_all_path option). (cmb) + 19 Jan 2017 PHP 7.0.15 - Core: diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index be42f76de7..6d3f9ef4bb 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -2004,6 +2004,7 @@ PHP_FUNCTION(openssl_x509_parse) char *extname; BIO *bio_out; BUF_MEM *bio_buf; + char * hexserial; char buf[256]; if (zend_parse_parameters(ZEND_NUM_ARGS(), "z|b", &zcert, &useshortnames) == FAILURE) { @@ -2033,6 +2034,18 @@ PHP_FUNCTION(openssl_x509_parse) add_assoc_string(return_value, "serialNumber", i2s_ASN1_INTEGER(NULL, X509_get_serialNumber(cert))); + /* Return the hex representation of the serial number, as defined by OpenSSL */ + hexserial = BN_bn2hex(ASN1_INTEGER_to_BN(X509_get_serialNumber(cert), NULL)); + + /* If we received null back from BN_bn2hex, there was a critical error in openssl, + * and we should not continue. + */ + if (!hexserial) { + RETURN_FALSE; + } + add_assoc_string(return_value, "serialNumberHex", hexserial); + OPENSSL_free(hexserial); + add_assoc_asn1_string(return_value, "validFrom", X509_get_notBefore(cert)); add_assoc_asn1_string(return_value, "validTo", X509_get_notAfter(cert)); diff --git a/ext/openssl/tests/openssl_x509_parse_basic.phpt b/ext/openssl/tests/openssl_x509_parse_basic.phpt index 9c2669e73b..f19e895a4a 100644 --- a/ext/openssl/tests/openssl_x509_parse_basic.phpt +++ b/ext/openssl/tests/openssl_x509_parse_basic.phpt @@ -20,7 +20,7 @@ var_dump(openssl_x509_parse($cert)); var_dump(openssl_x509_parse($cert, false)); ?> --EXPECTF-- -array(15) { +array(16) { ["name"]=> string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net" ["subject"]=> @@ -55,6 +55,8 @@ array(15) { int(2) ["serialNumber"]=> string(20) "12593567369101004962" + ["serialNumberHex"]=> + string(16) "AEC556CC723750A2" ["validFrom"]=> string(13) "080630102843Z" ["validTo"]=> @@ -166,7 +168,7 @@ serial:AE:C5:56:CC:72:37:50:A2 string(7) "CA:TRUE" } } -array(15) { +array(16) { ["name"]=> string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net" ["subject"]=> @@ -201,6 +203,8 @@ array(15) { int(2) ["serialNumber"]=> string(20) "12593567369101004962" + ["serialNumberHex"]=> + string(16) "AEC556CC723750A2" ["validFrom"]=> string(13) "080630102843Z" ["validTo"]=> -- 2.40.0