1--TEST-- 2openssl_*() with OPENSSL_KEYTYPE_EC 3--SKIPIF-- 4<?php if (!extension_loaded("openssl") || !defined("OPENSSL_KEYTYPE_EC")) print "skip"; ?> 5--FILE-- 6<?php 7$args = array( 8 "curve_name" => "secp384r1", 9 "private_key_type" => OPENSSL_KEYTYPE_EC, 10); 11echo "Testing openssl_pkey_new\n"; 12$key1 = openssl_pkey_new($args); 13var_dump($key1); 14 15$argsFailed = array( 16 "curve_name" => "invalid_cuve_name", 17 "private_key_type" => OPENSSL_KEYTYPE_EC, 18); 19 20$keyFailed = openssl_pkey_new($argsFailed); 21var_dump($keyFailed); 22 23$d1 = openssl_pkey_get_details($key1); 24var_dump($d1["bits"]); 25var_dump(strlen($d1["key"])); 26var_dump($d1["ec"]["curve_name"]); 27var_dump($d1["type"] == OPENSSL_KEYTYPE_EC); 28 29$key2 = openssl_pkey_new($d1); 30var_dump($key2); 31 32$d2 = openssl_pkey_get_details($key2); 33// Compare array 34var_dump($d1 === $d2); 35 36$dn = array( 37 "countryName" => "BR", 38 "stateOrProvinceName" => "Rio Grande do Sul", 39 "localityName" => "Porto Alegre", 40 "commonName" => "Henrique do N. Angelo", 41 "emailAddress" => "hnangelo@php.net" 42); 43 44// openssl_csr_new creates a new public key pair if the key argument is null 45echo "Testing openssl_csr_new with key generation\n"; 46$keyGenerate = null; 47var_dump($keyGenerate); 48$csr = openssl_csr_new($dn, $keyGenerate, $args); 49 50var_dump($keyGenerate); 51 52$args["digest_alg"] = "sha1"; 53echo "Testing openssl_csr_new with existing ecc key\n"; 54$csr = openssl_csr_new($dn, $key1, $args); 55var_dump($csr); 56 57$pubkey1 = openssl_pkey_get_details(openssl_csr_get_public_key($csr)); 58var_dump(isset($pubkey1["ec"]["priv_key"])); 59unset($d1["ec"]["priv_key"]); 60var_dump(array_diff($d1["ec"], $pubkey1["ec"])); 61 62$x509 = openssl_csr_sign($csr, null, $key1, 365, $args); 63var_dump($x509); 64 65echo "Testing openssl_x509_check_private_key\n"; 66var_dump(openssl_x509_check_private_key($x509, $key1)); 67 68$key3 = openssl_pkey_new($args); 69var_dump(openssl_x509_check_private_key($x509, $key3)); 70 71echo "Testing openssl_get_curve_names\n"; 72$curve_names = openssl_get_curve_names(); 73 74var_dump(is_array($curve_names)); 75 76foreach ($curve_names as $curve_name) { 77 if ("secp384r1" === $curve_name) { 78 echo "Found secp384r1 in curve names\n"; 79 } 80} 81?> 82--EXPECTF-- 83Testing openssl_pkey_new 84resource(%d) of type (OpenSSL key) 85 86Warning: openssl_pkey_new(): Unknown elliptic curve (short) name invalid_cuve_name in %s on line %d 87bool(false) 88int(384) 89int(215) 90string(9) "secp384r1" 91bool(true) 92resource(%d) of type (OpenSSL key) 93bool(true) 94Testing openssl_csr_new with key generation 95NULL 96resource(%d) of type (OpenSSL key) 97Testing openssl_csr_new with existing ecc key 98resource(%d) of type (OpenSSL X.509 CSR) 99bool(false) 100array(1) { 101 ["d"]=> 102 string(%d) "%a" 103} 104resource(%d) of type (OpenSSL X.509) 105Testing openssl_x509_check_private_key 106bool(true) 107bool(false) 108Testing openssl_get_curve_names 109bool(true) 110Found secp384r1 in curve names 111