xref: /PHP-8.4/ext/openssl/tests/bug50713.phpt (revision 55e07484)
1--TEST--
2Bug #50713 (openssl_pkcs7_verify() may ignore untrusted CAs)
3--EXTENSIONS--
4openssl
5--FILE--
6<?php
7$inFile =  __DIR__ . "/plain.txt";
8$outFile = __DIR__ . '/bug50713-out.pem';
9$signersFile = __DIR__ . '/bug50713-signers.pem';
10$keyFile = __DIR__ . '/bug50713-key.pem';
11$certFile = __DIR__ . '/bug50713-crt.pem';
12$cacertFile = __DIR__ . '/bug50713-ca.pem';
13
14include 'CertificateGenerator.inc';
15$certificateGenerator = new CertificateGenerator();
16$certificateGenerator->saveCaCert($cacertFile);
17$certificateGenerator->saveNewCertAndKey('bug50713', $certFile, $keyFile, 1024);
18
19var_dump(openssl_pkcs7_sign($inFile, $outFile, 'file://' . $certFile, 'file://' . $keyFile, [], PKCS7_NOCERTS));
20var_dump(openssl_pkcs7_verify($outFile, 0, $signersFile, [$cacertFile], $certFile));
21var_dump(strlen(file_get_contents($signersFile)) > 0);
22?>
23--CLEAN--
24<?php
25$outFile = __DIR__ . '/bug50713-out.pem';
26$signersFile = __DIR__ . '/bug50713-signers.pem';
27$keyFile = __DIR__ . '/bug50713-key.pem';
28$certFile = __DIR__ . '/bug50713-crt.pem';
29$cacertFile = __DIR__ . '/bug50713-ca.pem';
30
31@unlink($signersFile);
32@unlink($outFile);
33@unlink($keyFile);
34@unlink($certFile);
35@unlink($cacertFile);
36?>
37--EXPECT--
38bool(true)
39bool(true)
40bool(true)
41