835 static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req);
1034 static int php_openssl_add_oid_section(struct php_x509_request * req) /* {{{ */  in php_openssl_add_oid_section()  argument
1041 	str = CONF_get_string(req->req_config, NULL, "oid_section");  in php_openssl_add_oid_section()
1046 	sktmp = CONF_get_section(req->req_config, str);  in php_openssl_add_oid_section()
1065 #define PHP_SSL_REQ_INIT(req)		memset(req, 0, sizeof(*req))  argument
1066 #define PHP_SSL_REQ_DISPOSE(req)	php_openssl_dispose_config(req)  argument
1067 #define PHP_SSL_REQ_PARSE(req, zval)	php_openssl_parse_config(req, zval)  argument
1069 #define PHP_SSL_CONFIG_SYNTAX_CHECK(var) if (req->var && php_openssl_config_check_syntax(#var, \
1070 			req->config_filename, req->var, req->req_config) == FAILURE) return FAILURE
1110 static int php_openssl_parse_config(struct php_x509_request * req, zval * optional_args) /* {{{ */  in php_openssl_parse_config()  argument
1115 	SET_OPTIONAL_STRING_ARG("config", req->config_filename, default_ssl_conf_filename);  in php_openssl_parse_config()
1116 	SET_OPTIONAL_STRING_ARG("config_section_name", req->section_name, "req");  in php_openssl_parse_config()
1117 	req->global_config = CONF_load(NULL, default_ssl_conf_filename, NULL);  in php_openssl_parse_config()
1118 	if (req->global_config == NULL) {  in php_openssl_parse_config()
1121 	req->req_config = CONF_load(NULL, req->config_filename, NULL);  in php_openssl_parse_config()
1122 	if (req->req_config == NULL) {  in php_openssl_parse_config()
1128 	str = CONF_get_string(req->req_config, NULL, "oid_file");  in php_openssl_parse_config()
1139 	if (php_openssl_add_oid_section(req) == FAILURE) {  in php_openssl_parse_config()
1142 	SET_OPTIONAL_STRING_ARG("digest_alg", req->digest_name,  in php_openssl_parse_config()
1143 		CONF_get_string(req->req_config, req->section_name, "default_md"));  in php_openssl_parse_config()
1144 	SET_OPTIONAL_STRING_ARG("x509_extensions", req->extensions_section,  in php_openssl_parse_config()
1145 		CONF_get_string(req->req_config, req->section_name, "x509_extensions"));  in php_openssl_parse_config()
1146 	SET_OPTIONAL_STRING_ARG("req_extensions", req->request_extensions_section,  in php_openssl_parse_config()
1147 		CONF_get_string(req->req_config, req->section_name, "req_extensions"));  in php_openssl_parse_config()
1148 	SET_OPTIONAL_LONG_ARG("private_key_bits", req->priv_key_bits,  in php_openssl_parse_config()
1149 		CONF_get_number(req->req_config, req->section_name, "default_bits"));  in php_openssl_parse_config()
1151 	SET_OPTIONAL_LONG_ARG("private_key_type", req->priv_key_type, OPENSSL_KEYTYPE_DEFAULT);  in php_openssl_parse_config()
1154 		req->priv_key_encrypt = Z_TYPE_P(item) == IS_TRUE ? 1 : 0;  in php_openssl_parse_config()
1156 		str = CONF_get_string(req->req_config, req->section_name, "encrypt_rsa_key");  in php_openssl_parse_config()
1158 			str = CONF_get_string(req->req_config, req->section_name, "encrypt_key");  in php_openssl_parse_config()
1163 			req->priv_key_encrypt = 0;  in php_openssl_parse_config()
1165 			req->priv_key_encrypt = 1;  in php_openssl_parse_config()
1169 	if (req->priv_key_encrypt &&  in php_openssl_parse_config()
1180 			req->priv_key_encrypt_cipher = cipher;  in php_openssl_parse_config()
1183 		req->priv_key_encrypt_cipher = NULL;  in php_openssl_parse_config()
1187 	if (req->digest_name == NULL) {  in php_openssl_parse_config()
1188 		req->digest_name = CONF_get_string(req->req_config, req->section_name, "default_md");  in php_openssl_parse_config()
1190 	if (req->digest_name != NULL) {  in php_openssl_parse_config()
1191 		req->digest = req->md_alg = EVP_get_digestbyname(req->digest_name);  in php_openssl_parse_config()
1195 	if (req->md_alg == NULL) {  in php_openssl_parse_config()
1196 		req->md_alg = req->digest = EVP_sha1();  in php_openssl_parse_config()
1203 	req->curve_name = NID_undef;  in php_openssl_parse_config()
1206 		req->curve_name = OBJ_sn2nid(Z_STRVAL_P(item));  in php_openssl_parse_config()
1207 		if (req->curve_name == NID_undef) {  in php_openssl_parse_config()
1215 	str = CONF_get_string(req->req_config, req->section_name, "string_mask");  in php_openssl_parse_config()
1229 static void php_openssl_dispose_config(struct php_x509_request * req) /* {{{ */  in php_openssl_dispose_config()  argument
1231 	if (req->priv_key) {  in php_openssl_dispose_config()
1232 		EVP_PKEY_free(req->priv_key);  in php_openssl_dispose_config()
1233 		req->priv_key = NULL;  in php_openssl_dispose_config()
1235 	if (req->global_config) {  in php_openssl_dispose_config()
1236 		CONF_free(req->global_config);  in php_openssl_dispose_config()
1237 		req->global_config = NULL;  in php_openssl_dispose_config()
1239 	if (req->req_config) {  in php_openssl_dispose_config()
1240 		CONF_free(req->req_config);  in php_openssl_dispose_config()
1241 		req->req_config = NULL;  in php_openssl_dispose_config()
3055 static int php_openssl_make_REQ(struct php_x509_request * req, X509_REQ * csr, zval * dn, zval * at…  in php_openssl_make_REQ()  argument
3060 	dn_sect = CONF_get_string(req->req_config, req->section_name, "distinguished_name");  in php_openssl_make_REQ()
3065 	dn_sk = CONF_get_section(req->req_config, dn_sect);  in php_openssl_make_REQ()
3070 	attr_sect = CONF_get_string(req->req_config, req->section_name, "attributes");  in php_openssl_make_REQ()
3075 		attr_sk = CONF_get_section(req->req_config, attr_sect);  in php_openssl_make_REQ()
3210 	if (!X509_REQ_set_pubkey(csr, req->priv_key)) {  in php_openssl_make_REQ()
3384 	struct php_x509_request req;  in PHP_FUNCTION()  local
3390 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
3415 	if (PHP_SSL_REQ_PARSE(&req, args) == FAILURE) {  in PHP_FUNCTION()
3469 	if (req.extensions_section) {  in PHP_FUNCTION()
3473 		X509V3_set_conf_lhash(&ctx, req.req_config);  in PHP_FUNCTION()
3474 		if (!X509V3_EXT_add_conf(req.req_config, &ctx, req.extensions_section, new_cert)) {  in PHP_FUNCTION()
3481 	if (!X509_sign(new_cert, priv_key, req.digest)) {  in PHP_FUNCTION()
3496 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()
3520 	struct php_x509_request req;  in PHP_FUNCTION()  local
3532 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
3534 	if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS) {  in PHP_FUNCTION()
3537 			req.priv_key = php_openssl_evp_from_zval(out_pkey, 0, NULL, 0, 0, &key_resource);  in PHP_FUNCTION()
3538 			if (req.priv_key != NULL) {  in PHP_FUNCTION()
3542 		if (req.priv_key == NULL) {  in PHP_FUNCTION()
3543 			php_openssl_generate_private_key(&req);  in PHP_FUNCTION()
3545 		if (req.priv_key == NULL) {  in PHP_FUNCTION()
3550 				if (php_openssl_make_REQ(&req, csr, dn, attribs) == SUCCESS) {  in PHP_FUNCTION()
3554 					X509V3_set_conf_lhash(&ext_ctx, req.req_config);  in PHP_FUNCTION()
3557 					if (req.request_extensions_section && !X509V3_EXT_REQ_add_conf(req.req_config,  in PHP_FUNCTION()
3558 								&ext_ctx, req.request_extensions_section, csr))  in PHP_FUNCTION()
3561 …php_error_docref(NULL, E_WARNING, "Error loading extension section %s", req.request_extensions_sec…  in PHP_FUNCTION()
3565 						if (X509_REQ_sign(csr, req.priv_key, req.digest)) {  in PHP_FUNCTION()
3576 							ZVAL_RES(out_pkey, zend_register_resource(req.priv_key, le_key));  in PHP_FUNCTION()
3577 							req.priv_key = NULL; /* make sure the cleanup code doesn't zap it! */  in PHP_FUNCTION()
3579 							req.priv_key = NULL; /* make sure the cleanup code doesn't zap it! */  in PHP_FUNCTION()
3586 						req.priv_key = NULL;  in PHP_FUNCTION()
3598 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()
3902 static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req)  in php_openssl_generate_private_key()  argument
3908 	if (req->priv_key_bits < MIN_KEY_LENGTH) {  in php_openssl_generate_private_key()
3910 				MIN_KEY_LENGTH, req->priv_key_bits);  in php_openssl_generate_private_key()
3914 	randfile = CONF_get_string(req->req_config, req->section_name, "RANDFILE");  in php_openssl_generate_private_key()
3920 	if ((req->priv_key = EVP_PKEY_new()) != NULL) {  in php_openssl_generate_private_key()
3921 		switch(req->priv_key_type) {  in php_openssl_generate_private_key()
3928 					rsaparam = (RSA*)RSA_generate_key(req->priv_key_bits, RSA_F4, NULL, NULL);  in php_openssl_generate_private_key()
3939 						if (rsaparam == NULL || !RSA_generate_key_ex(rsaparam, req->priv_key_bits, bne, NULL)) {  in php_openssl_generate_private_key()
3945 					if (rsaparam && EVP_PKEY_assign_RSA(req->priv_key, rsaparam)) {  in php_openssl_generate_private_key()
3946 						return_val = req->priv_key;  in php_openssl_generate_private_key()
3957 …if (dsaparam && DSA_generate_parameters_ex(dsaparam, req->priv_key_bits, NULL, 0, NULL, NULL, NULL…  in php_openssl_generate_private_key()
3960 							if (EVP_PKEY_assign_DSA(req->priv_key, dsaparam)) {  in php_openssl_generate_private_key()
3961 								return_val = req->priv_key;  in php_openssl_generate_private_key()
3981 					if (dhparam && DH_generate_parameters_ex(dhparam, req->priv_key_bits, 2, NULL)) {  in php_openssl_generate_private_key()
3984 							if (EVP_PKEY_assign_DH(req->priv_key, dhparam)) {  in php_openssl_generate_private_key()
3985 								return_val = req->priv_key;  in php_openssl_generate_private_key()
4003 					if (req->curve_name == NID_undef) {  in php_openssl_generate_private_key()
4007 					eckey = EC_KEY_new_by_curve_name(req->curve_name);  in php_openssl_generate_private_key()
4011 							EVP_PKEY_assign_EC_KEY(req->priv_key, eckey)) {  in php_openssl_generate_private_key()
4012 							return_val = req->priv_key;  in php_openssl_generate_private_key()
4030 		EVP_PKEY_free(req->priv_key);  in php_openssl_generate_private_key()
4031 		req->priv_key = NULL;  in php_openssl_generate_private_key()
4293 	struct php_x509_request req;  in PHP_FUNCTION()  local
4488 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
4490 	if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS) {  in PHP_FUNCTION()
4491 		if (php_openssl_generate_private_key(&req)) {  in PHP_FUNCTION()
4493 			RETVAL_RES(zend_register_resource(req.priv_key, le_key));  in PHP_FUNCTION()
4495 			req.priv_key = NULL;  in PHP_FUNCTION()
4498 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()
4506 	struct php_x509_request req;  in PHP_FUNCTION()  local
4535 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
4537 	if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS) {  in PHP_FUNCTION()
4544 		if (passphrase && req.priv_key_encrypt) {  in PHP_FUNCTION()
4545 			if (req.priv_key_encrypt_cipher) {  in PHP_FUNCTION()
4546 				cipher = req.priv_key_encrypt_cipher;  in PHP_FUNCTION()
4579 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()
4594 	struct php_x509_request req;  in PHP_FUNCTION()  local
4616 	PHP_SSL_REQ_INIT(&req);  in PHP_FUNCTION()
4618 	if (PHP_SSL_REQ_PARSE(&req, args) == SUCCESS) {  in PHP_FUNCTION()
4621 		if (passphrase && req.priv_key_encrypt) {  in PHP_FUNCTION()
4622 			if (req.priv_key_encrypt_cipher) {  in PHP_FUNCTION()
4623 				cipher = req.priv_key_encrypt_cipher;  in PHP_FUNCTION()
4661 	PHP_SSL_REQ_DISPOSE(&req);  in PHP_FUNCTION()

Last Index update Fri Sep 27 10:02:33 UTC 2024

Dedicated to & Maintained by Room-11