868 static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req);
1078 static int php_openssl_add_oid_section(struct php_x509_request * req) /* {{{ */  in php_openssl_add_oid_section()  argument
1085 	str = php_openssl_conf_get_string(req->req_config, NULL, "oid_section");  in php_openssl_add_oid_section()
1089 	sktmp = CONF_get_section(req->req_config, str);  in php_openssl_add_oid_section()
1108 #define PHP_SSL_REQ_INIT(req)		memset(req, 0, sizeof(*req))  argument
1109 #define PHP_SSL_REQ_DISPOSE(req)	php_openssl_dispose_config(req)  argument
1110 #define PHP_SSL_REQ_PARSE(req, zval)	php_openssl_parse_config(req, zval)  argument
1112 #define PHP_SSL_CONFIG_SYNTAX_CHECK(var) if (req->var && php_openssl_config_check_syntax(#var, \
1113 			req->config_filename, req->var, req->req_config) == FAILURE) return FAILURE
1153 static int php_openssl_parse_config(struct php_x509_request * req, zval * optional_args) /* {{{ */  in php_openssl_parse_config()  argument
1158 	SET_OPTIONAL_STRING_ARG("config", req->config_filename, default_ssl_conf_filename);  in php_openssl_parse_config()
1159 	SET_OPTIONAL_STRING_ARG("config_section_name", req->section_name, "req");  in php_openssl_parse_config()
1160 	req->global_config = CONF_load(NULL, default_ssl_conf_filename, NULL);  in php_openssl_parse_config()
1161 	if (req->global_config == NULL) {  in php_openssl_parse_config()
1164 	req->req_config = CONF_load(NULL, req->config_filename, NULL);  in php_openssl_parse_config()
1165 	if (req->req_config == NULL) {  in php_openssl_parse_config()
1171 	str = php_openssl_conf_get_string(req->req_config, NULL, "oid_file");  in php_openssl_parse_config()
1180 	if (php_openssl_add_oid_section(req) == FAILURE) {  in php_openssl_parse_config()
1183 	SET_OPTIONAL_STRING_ARG("digest_alg", req->digest_name,  in php_openssl_parse_config()
1184 		php_openssl_conf_get_string(req->req_config, req->section_name, "default_md"));  in php_openssl_parse_config()
1185 	SET_OPTIONAL_STRING_ARG("x509_extensions", req->extensions_section,  in php_openssl_parse_config()
1186 		php_openssl_conf_get_string(req->req_config, req->section_name, "x509_extensions"));  in php_openssl_parse_config()
1187 	SET_OPTIONAL_STRING_ARG("req_extensions", req->request_extensions_section,  in php_openssl_parse_config()
1188 		php_openssl_conf_get_string(req->req_config, req->section_name, "req_extensions"));  in php_openssl_parse_config()
1189 	SET_OPTIONAL_LONG_ARG("private_key_bits", req->priv_key_bits,  in php_openssl_parse_config()
1190 		CONF_get_number(req->req_config, req->section_name, "default_bits"));  in php_openssl_parse_config()
1192 	SET_OPTIONAL_LONG_ARG("private_key_type", req->priv_key_type, OPENSSL_KEYTYPE_DEFAULT);  in php_openssl_parse_config()
1195 		req->priv_key_encrypt = Z_TYPE_P(item) == IS_TRUE ? 1 : 0;  in php_openssl_parse_config()
1197 		str = php_openssl_conf_get_string(req->req_config, req->section_name, "encrypt_rsa_key");  in php_openssl_parse_config()
1199 			str = php_openssl_conf_get_string(req->req_config, req->section_name, "encrypt_key");  in php_openssl_parse_config()
1202 			req->priv_key_encrypt = 0;  in php_openssl_parse_config()
1204 			req->priv_key_encrypt = 1;  in php_openssl_parse_config()
1208 	if (req->priv_key_encrypt &&  in php_openssl_parse_config()
1219 			req->priv_key_encrypt_cipher = cipher;  in php_openssl_parse_config()
1222 		req->priv_key_encrypt_cipher = NULL;  in php_openssl_parse_config()
1226 	if (req->digest_name == NULL) {  in php_openssl_parse_config()
1227 		req->digest_name = php_openssl_conf_get_string(req->req_config, req->section_name, "default_md");  in php_openssl_parse_config()
1229 	if (req->digest_name != NULL) {  in php_openssl_parse_config()
1230 		req->digest = req->md_alg = EVP_get_digestbyname(req->digest_name);  in php_openssl_parse_config()
1232 	if (req->md_alg == NULL) {  in php_openssl_parse_config()
1233 		req->md_alg = req->digest = EVP_sha1();  in php_openssl_parse_config()
1240 	req->curve_name = NID_undef;  in php_openssl_parse_config()
1243 		req->curve_name = OBJ_sn2nid(Z_STRVAL_P(item));  in php_openssl_parse_config()
1244 		if (req->curve_name == NID_undef) {  in php_openssl_parse_config()
1252 	str = php_openssl_conf_get_string(req->req_config, req->section_name, "string_mask");  in php_openssl_parse_config()
1264 static void php_openssl_dispose_config(struct php_x509_request * req) /* {{{ */  in php_openssl_dispose_config()  argument
1266 	if (req->priv_key) {  in php_openssl_dispose_config()
1267 		EVP_PKEY_free(req->priv_key);  in php_openssl_dispose_config()
1268 		req->priv_key = NULL;  in php_openssl_dispose_config()
1270 	if (req->global_config) {  in php_openssl_dispose_config()
1271 		CONF_free(req->global_config);  in php_openssl_dispose_config()
1272 		req->global_config = NULL;  in php_openssl_dispose_config()
1274 	if (req->req_config) {  in php_openssl_dispose_config()
1275 		CONF_free(req->req_config);  in php_openssl_dispose_config()
1276 		req->req_config = NULL;  in php_openssl_dispose_config()
3128 static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, zval * dn, zval * at…  in php_openssl_make_REQ()  argument
3133 	dn_sect = CONF_get_string(req->req_config, req->section_name, "distinguished_name");  in php_openssl_make_REQ()
3138 	dn_sk = CONF_get_section(req->req_config, dn_sect);  in php_openssl_make_REQ()
3143 	attr_sect = php_openssl_conf_get_string(req->req_config, req->section_name, "attributes");  in php_openssl_make_REQ()
3147 		attr_sk = CONF_get_section(req->req_config, attr_sect);  in php_openssl_make_REQ()
3288 	if (!X509_REQ_set_pubkey(csr, req->priv_key)) {  in php_openssl_make_REQ()
3461 	struct php_x509_request req;  in PHP_FUNCTION()  local
3467 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
3492 	if (PHP_SSL_REQ_PARSE(&req, args) == FAILURE) {  in PHP_FUNCTION()
3549 	if (req.extensions_section) {  in PHP_FUNCTION()
3553 		X509V3_set_conf_lhash(&ctx, req.req_config);  in PHP_FUNCTION()
3554 		if (!X509V3_EXT_add_conf(req.req_config, &ctx, req.extensions_section, new_cert)) {  in PHP_FUNCTION()
3561 	if (!X509_sign(new_cert, priv_key, req.digest)) {  in PHP_FUNCTION()
3576 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()
3600 	struct php_x509_request req;  in PHP_FUNCTION()  local
3612 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
3614 	if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS) {  in PHP_FUNCTION()
3620 			req.priv_key = php_openssl_evp_from_zval(out_pkey_val, 0, NULL, 0, 0, &key_resource);  in PHP_FUNCTION()
3621 			if (req.priv_key != NULL) {  in PHP_FUNCTION()
3625 		if (req.priv_key == NULL) {  in PHP_FUNCTION()
3626 			php_openssl_generate_private_key(&req);  in PHP_FUNCTION()
3628 		if (req.priv_key == NULL) {  in PHP_FUNCTION()
3633 				if (php_openssl_make_REQ(&req, csr, dn, attribs) == SUCCESS) {  in PHP_FUNCTION()
3637 					X509V3_set_conf_lhash(&ext_ctx, req.req_config);  in PHP_FUNCTION()
3640 					if (req.request_extensions_section && !X509V3_EXT_REQ_add_conf(req.req_config,  in PHP_FUNCTION()
3641 								&ext_ctx, req.request_extensions_section, csr))  in PHP_FUNCTION()
3644 …php_error_docref(NULL, E_WARNING, "Error loading extension section %s", req.request_extensions_sec…  in PHP_FUNCTION()
3648 						if (X509_REQ_sign(csr, req.priv_key, req.digest)) {  in PHP_FUNCTION()
3658 							ZEND_TRY_ASSIGN_REF_RES(out_pkey, zend_register_resource(req.priv_key, le_key));  in PHP_FUNCTION()
3659 							req.priv_key = NULL; /* make sure the cleanup code doesn't zap it! */  in PHP_FUNCTION()
3661 							req.priv_key = NULL; /* make sure the cleanup code doesn't zap it! */  in PHP_FUNCTION()
3668 						req.priv_key = NULL;  in PHP_FUNCTION()
3680 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()
3989 static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req)  in php_openssl_generate_private_key()  argument
3995 	if (req->priv_key_bits < MIN_KEY_LENGTH) {  in php_openssl_generate_private_key()
3997 				MIN_KEY_LENGTH, req->priv_key_bits);  in php_openssl_generate_private_key()
4001 	randfile = php_openssl_conf_get_string(req->req_config, req->section_name, "RANDFILE");  in php_openssl_generate_private_key()
4004 	if ((req->priv_key = EVP_PKEY_new()) != NULL) {  in php_openssl_generate_private_key()
4005 		switch(req->priv_key_type) {  in php_openssl_generate_private_key()
4012 					rsaparam = (RSA*)RSA_generate_key(req->priv_key_bits, RSA_F4, NULL, NULL);  in php_openssl_generate_private_key()
4023 						if (rsaparam == NULL || !RSA_generate_key_ex(rsaparam, req->priv_key_bits, bne, NULL)) {  in php_openssl_generate_private_key()
4031 					if (rsaparam && EVP_PKEY_assign_RSA(req->priv_key, rsaparam)) {  in php_openssl_generate_private_key()
4032 						return_val = req->priv_key;  in php_openssl_generate_private_key()
4043 …if (dsaparam && DSA_generate_parameters_ex(dsaparam, req->priv_key_bits, NULL, 0, NULL, NULL, NULL…  in php_openssl_generate_private_key()
4046 							if (EVP_PKEY_assign_DSA(req->priv_key, dsaparam)) {  in php_openssl_generate_private_key()
4047 								return_val = req->priv_key;  in php_openssl_generate_private_key()
4067 					if (dhparam && DH_generate_parameters_ex(dhparam, req->priv_key_bits, 2, NULL)) {  in php_openssl_generate_private_key()
4070 							if (EVP_PKEY_assign_DH(req->priv_key, dhparam)) {  in php_openssl_generate_private_key()
4071 								return_val = req->priv_key;  in php_openssl_generate_private_key()
4089 					if (req->curve_name == NID_undef) {  in php_openssl_generate_private_key()
4093 					eckey = EC_KEY_new_by_curve_name(req->curve_name);  in php_openssl_generate_private_key()
4097 							EVP_PKEY_assign_EC_KEY(req->priv_key, eckey)) {  in php_openssl_generate_private_key()
4098 							return_val = req->priv_key;  in php_openssl_generate_private_key()
4116 		EVP_PKEY_free(req->priv_key);  in php_openssl_generate_private_key()
4117 		req->priv_key = NULL;  in php_openssl_generate_private_key()
4379 	struct php_x509_request req;  in PHP_FUNCTION()  local
4574 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
4576 	if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS) {  in PHP_FUNCTION()
4577 		if (php_openssl_generate_private_key(&req)) {  in PHP_FUNCTION()
4579 			RETVAL_RES(zend_register_resource(req.priv_key, le_key));  in PHP_FUNCTION()
4581 			req.priv_key = NULL;  in PHP_FUNCTION()
4584 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()
4592 	struct php_x509_request req;  in PHP_FUNCTION()  local
4621 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
4623 	if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS) {  in PHP_FUNCTION()
4630 		if (passphrase && req.priv_key_encrypt) {  in PHP_FUNCTION()
4631 			if (req.priv_key_encrypt_cipher) {  in PHP_FUNCTION()
4632 				cipher = req.priv_key_encrypt_cipher;  in PHP_FUNCTION()
4665 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()
4680 	struct php_x509_request req;  in PHP_FUNCTION()  local
4702 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
4704 	if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS) {  in PHP_FUNCTION()
4707 		if (passphrase && req.priv_key_encrypt) {  in PHP_FUNCTION()
4708 			if (req.priv_key_encrypt_cipher) {  in PHP_FUNCTION()
4709 				cipher = req.priv_key_encrypt_cipher;  in PHP_FUNCTION()
4746 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()

Last Index update Sat Apr 27 22:04:29 UTC 2024

Dedicated to & Maintained by Room-11