From c808d70bb3fbfd05e153c1e8c9c687b4712867b9 Mon Sep 17 00:00:00 2001 From: Pierre Joye Date: Sat, 21 Oct 2006 00:28:56 +0000 Subject: [PATCH] - #39217, use openssl i2s_ASN1_INTEGER to get a string representation of the integer (large or not). It also keeps BC by using only decimal fmt - add test --- ext/openssl/openssl.c | 39 +---------------------------- ext/openssl/tests/bug39217.phpt | 19 ++++++++++++++ ext/openssl/tests/bug39217cert1.txt | 17 +++++++++++++ ext/openssl/tests/bug39217cert2.txt | 18 +++++++++++++ 4 files changed, 55 insertions(+), 38 deletions(-) create mode 100644 ext/openssl/tests/bug39217.phpt create mode 100644 ext/openssl/tests/bug39217cert1.txt create mode 100644 ext/openssl/tests/bug39217cert2.txt diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index eb50748333..a0997a5225 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -367,40 +367,6 @@ static time_t asn1_time_to_time_t(ASN1_UTCTIME * timestr TSRMLS_DC) /* {{{ */ } /* }}} */ -static void php_asn1_integer_to_string(ASN1_INTEGER *a, char **str, int *str_len TSRMLS_DC) /* {{{ */ -{ - int i; - static const char *h="0123456789ABCDEF"; - zend_bool negative = 0; - - *str = NULL; - *str_len = 0; - - if (a == NULL) { - return; - } - - if (a->type & V_ASN1_NEG) { - negative = 1; - } - - if (a->length == 0) { - *str_len = spprintf(str, 0, "%s00", negative ? "-" : ""); - } else { - *str_len = a->length*2 + negative; - *str = emalloc(*str_len + 1); - if (negative) { - (*str)[0] = '-'; - } - for (i=0; ilength; i++) { - (*str)[i*2 + negative]=h[((unsigned char)a->data[i]>>4)&0x0f]; - (*str)[i*2 + negative + 1]=h[((unsigned char)a->data[i])&0x0f]; - } - (*str)[a->length*2 + negative] = '\0'; - } -} -/* }}} */ - static inline int php_openssl_config_check_syntax( const char * section_label, const char * config_filename, @@ -998,8 +964,6 @@ PHP_FUNCTION(openssl_x509_parse) X509_EXTENSION *extension; ASN1_OCTET_STRING *extdata; char *extname; - char *serial; - int serial_len; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Z|b", &zcert, &useshortnames) == FAILURE) { return; @@ -1026,8 +990,7 @@ PHP_FUNCTION(openssl_x509_parse) add_assoc_name_entry(return_value, "issuer", X509_get_issuer_name(cert), useshortnames TSRMLS_CC); add_assoc_long(return_value, "version", X509_get_version(cert)); - php_asn1_integer_to_string(X509_get_serialNumber(cert), &serial, &serial_len TSRMLS_CC); - add_assoc_stringl(return_value, "serialNumber", serial, serial_len, 0); + add_assoc_string(return_value, "serialNumber", i2s_ASN1_INTEGER(NULL, X509_get_serialNumber(cert)), 1); add_assoc_asn1_string(return_value, "validFrom", X509_get_notBefore(cert)); add_assoc_asn1_string(return_value, "validTo", X509_get_notAfter(cert)); diff --git a/ext/openssl/tests/bug39217.phpt b/ext/openssl/tests/bug39217.phpt new file mode 100644 index 0000000000..7d9456bd25 --- /dev/null +++ b/ext/openssl/tests/bug39217.phpt @@ -0,0 +1,19 @@ +--TEST-- +#39217, Large serial number return -1 +--SKIPIF-- + +--FILE-- + +--EXPECTF-- +163040343498260435477161879008842183802 +15 diff --git a/ext/openssl/tests/bug39217cert1.txt b/ext/openssl/tests/bug39217cert1.txt new file mode 100644 index 0000000000..c3ddfb4aee --- /dev/null +++ b/ext/openssl/tests/bug39217cert1.txt @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICvzCCAiigAwIBAgIBDzANBgkqhkiG9w0BAQUFADBbMRkwFwYDVQQKExBET0Ug +U2NpZW5jZSBHcmlkMSAwHgYDVQQLExdDZXJ0aWZpY2F0ZSBBdXRob3JpdGllczEc +MBoGA1UEAxMTQ2VydGlmaWNhdGUgTWFuYWdlcjAeFw0wMDA4MjkyMjI4MDJaFw0w +MTA4MjkyMjI4MDJaMHgxDTALBgNVBAoTBEdyaWQxLjAsBgNVBAoTJUxhd3JlbmNl +IEJlcmtlbGV5IE5hdGlvbmFsIExhYm9yYXRvcnkxIDAeBgNVBAsTF0NlcnRpZmlj +YXRlIEF1dGhvcml0aWVzMRUwEwYDVQQDEwxMQk5MLUdyaWQtQ0EwgZ8wDQYJKoZI +hvcNAQEBBQADgY0AMIGJAoGBAL2t4aX933WXYlofuY+L+16Tdl/KxpAammyfcW8u +kHHT6RYDjaQdfV1FpNEqfSrRjKNwGGGkrG4XHZWiUO0Di0AlBN04lsRY6jB68l6B +5byujfZv+8EeCI2c1ObBLYZYi4lToJf0sm0Hpn3GD7PZBv6BVHLOuwEFDl9z9Dnc +DFDdAgMBAAGjdjB0MBEGCWCGSAGG+EIBAQQEAwIAhzAOBgNVHQ8BAf8EBAMCAcYw +HQYDVR0OBBYEFIn+csPVyp+iprpYUIu1SziMQiDxMA8GA1UdEwEB/wQFMAMBAf8w +HwYDVR0jBBgwFoAUm85P8ry9WHAx1fIyDn6eveJRFOcwDQYJKoZIhvcNAQEFBQAD +gYEAHindWQ4P4VUmJVt5sUGA05hSAZriDJDDnkvkm/9AR7xgGxtsy21QruhUVe2E +eVFBws85zbwRqMpfUQyE/xHhUcka2GQTaKlBlcEjZTMnsh27Si2PMYU/UPr/PIpq +kBkoxVV1bMWRK57mG2tzzTy9j0wkct4G5IjEsrYNDzW6U3E= +-----END CERTIFICATE----- diff --git a/ext/openssl/tests/bug39217cert2.txt b/ext/openssl/tests/bug39217cert2.txt new file mode 100644 index 0000000000..399618ca50 --- /dev/null +++ b/ext/openssl/tests/bug39217cert2.txt @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC3DCCAkWgAwIBAgIQeqhtj1pzHCrTTq2AldV0ejANBgkqhkiG9w0BAQQFADAy +MRcwFQYDVQQKEw5FLUFDSEFUIE1JTkRFRjEXMBUGA1UEAxMORS1BQ0hBVCBNSU5E +RUYwHhcNMDQwMTA1MDAwMDAwWhcNMDYwMTA0MjM1OTU5WjCB5DEOMAwGA1UEBxQF +UEFSSVMxCzAJBgNVBAYTAkZSMRcwFQYDVQQKFA5FLUFDSEFUIE1JTkRFRjEtMCsG +A1UECxQkRW50LiAtIENhcCBHZW1pbmkgRXJuc3QgWW91bmcgRnJhbmNlMR8wHQYD +VQQLFBZTSVJFTiAtIDMyODc4MTc4NjAwMDUzMTQwMgYDVQQDEytDR0VZIEZyYW5j +ZSAtIENhcCBHZW1pbmkgRXJuc3QgWW91bmcgRnJhbmNlMSYwJAYJKoZIhvcNAQkB +FhdkZ2FlbWEtbWNvQGNhcGdlbWluaS5mcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAw +gYkCgYEApFgcuVTuUe0z+iGTaPw7yVxhZsPq6aIqGHsCvU9fqUcymbmg9l4oTfAk +gR5bvDo+JTQb1/OPlQCKqyVa7wn6lPs97dMOZMobjCRcvw7z0jVphortA1NS8FRH +6LsWELZ13uC57IIakpW726Vz3tST9qHHbQoWbX/n8NjHcwL4zUECAwEAAaNAMD4w +CQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwEQYJYIZIAYb4QgEBBAQDAgeAMBEGCmCG +SAGG+EUBBgkEAwEB/zANBgkqhkiG9w0BAQQFAAOBgQAWdmEu8TkFdgqA/xN6llo9 +zZR3EUH0X5HstxJRYgofcQyfumJHhgvaNB8vkDhZ3iJORVVxcJ27W36TAJ6b4jcr +yWjO/nc42XdgknS8r9NIV7VKzmjY7Ip2+9N6JOAWFkjGrnF1G69nrerIJavJTzrb +PYlQnzJO6SHAoi5j6WsKPw== +-----END CERTIFICATE----- -- 2.50.1