1--TEST-- 2Bug #50713 (openssl_pkcs7_verify() may ignore untrusted CAs) 3--EXTENSIONS-- 4openssl 5--FILE-- 6<?php 7$inFile = __DIR__ . "/plain.txt"; 8$outFile = __DIR__ . '/bug50713-out.pem'; 9$signersFile = __DIR__ . '/bug50713-signers.pem'; 10$keyFile = __DIR__ . '/bug50713-key.pem'; 11$certFile = __DIR__ . '/bug50713-crt.pem'; 12$cacertFile = __DIR__ . '/bug50713-ca.pem'; 13 14include 'CertificateGenerator.inc'; 15$certificateGenerator = new CertificateGenerator(); 16$certificateGenerator->saveCaCert($cacertFile); 17$certificateGenerator->saveNewCertAndKey('bug50713', $certFile, $keyFile, 1024); 18 19var_dump(openssl_pkcs7_sign($inFile, $outFile, 'file://' . $certFile, 'file://' . $keyFile, [], PKCS7_NOCERTS)); 20var_dump(openssl_pkcs7_verify($outFile, 0, $signersFile, [$cacertFile], $certFile)); 21var_dump(strlen(file_get_contents($signersFile)) > 0); 22?> 23--CLEAN-- 24<?php 25$outFile = __DIR__ . '/bug50713-out.pem'; 26$signersFile = __DIR__ . '/bug50713-signers.pem'; 27$keyFile = __DIR__ . '/bug50713-key.pem'; 28$certFile = __DIR__ . '/bug50713-crt.pem'; 29$cacertFile = __DIR__ . '/bug50713-ca.pem'; 30 31@unlink($signersFile); 32@unlink($outFile); 33@unlink($keyFile); 34@unlink($certFile); 35@unlink($cacertFile); 36?> 37--EXPECT-- 38bool(true) 39bool(true) 40bool(true) 41
