xref: /php-src/ext/openssl/tests/ecc.phpt (revision 0dadd661)
1--TEST--
2openssl_*() with OPENSSL_KEYTYPE_EC
3--EXTENSIONS--
4openssl
5--SKIPIF--
6<?php
7if (!defined("OPENSSL_KEYTYPE_EC")) die("skip EC disabled");
8?>
9--FILE--
10<?php
11$config =  __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
12$args = array(
13    "curve_name" => "secp384r1",
14    "private_key_type" => OPENSSL_KEYTYPE_EC,
15    "config" => $config,
16);
17echo "Testing openssl_pkey_new\n";
18$key1 = openssl_pkey_new($args);
19var_dump($key1);
20
21$argsFailed = array(
22    "curve_name" => "invalid_cuve_name",
23    "private_key_type" => OPENSSL_KEYTYPE_EC,
24    "config" => $config,
25);
26
27$keyFailed = openssl_pkey_new($argsFailed);
28var_dump($keyFailed);
29
30$d1 = openssl_pkey_get_details($key1);
31var_dump($d1["bits"]);
32var_dump(strlen($d1["key"]));
33var_dump($d1["ec"]["curve_name"]);
34var_dump($d1["type"] == OPENSSL_KEYTYPE_EC);
35
36$key2 = openssl_pkey_new($d1);
37var_dump($key2);
38
39$d2 = openssl_pkey_get_details($key2);
40// Compare array
41var_dump($d1 === $d2);
42
43// Check that the public key info is computed from the private key if it is missing.
44$d1_priv = $d1;
45unset($d1_priv["ec"]["x"]);
46unset($d1_priv["ec"]["y"]);
47
48$key3 = openssl_pkey_new($d1_priv);
49var_dump($key3);
50$d3 = openssl_pkey_get_details($key3);
51var_dump($d1 === $d3);
52
53$dn = array(
54    "countryName" => "BR",
55    "stateOrProvinceName" => "Rio Grande do Sul",
56    "localityName" => "Porto Alegre",
57    "commonName" => "Henrique do N. Angelo",
58    "emailAddress" => "hnangelo@php.net"
59);
60
61// openssl_csr_new creates a new public key pair if the key argument is null
62echo "Testing openssl_csr_new with key generation\n";
63$keyGenerate = null;
64var_dump($keyGenerate);
65$csr = openssl_csr_new($dn, $keyGenerate, $args);
66
67var_dump($keyGenerate);
68
69$args["digest_alg"] = "sha256";
70echo "Testing openssl_csr_new with existing ecc key\n";
71$csr = openssl_csr_new($dn, $key1, $args);
72var_dump($csr);
73
74$pubkey1 = openssl_pkey_get_details(openssl_csr_get_public_key($csr));
75var_dump(isset($pubkey1["ec"]["priv_key"]));
76unset($d1["ec"]["priv_key"]);
77$diff = array_diff($d1["ec"], $pubkey1["ec"]);
78var_dump(isset($diff["d"]) && is_string($diff["d"]) && strlen($diff["d"]) > 0);
79
80$x509 = openssl_csr_sign($csr, null, $key1, 365, $args);
81var_dump($x509);
82
83echo "Testing openssl_x509_check_private_key\n";
84var_dump(openssl_x509_check_private_key($x509, $key1));
85
86$key3 = openssl_pkey_new($args);
87var_dump(openssl_x509_check_private_key($x509, $key3));
88
89echo "Testing openssl_get_curve_names\n";
90$curve_names = openssl_get_curve_names();
91
92var_dump(is_array($curve_names));
93
94foreach ($curve_names as $curve_name) {
95    if ("secp384r1" === $curve_name) {
96        echo "Found secp384r1 in curve names\n";
97    }
98}
99?>
100--EXPECTF--
101Testing openssl_pkey_new
102object(OpenSSLAsymmetricKey)#1 (0) {
103}
104
105Warning: openssl_pkey_new(): Unknown elliptic curve (short) name invalid_cuve_name in %s on line %d
106bool(false)
107int(384)
108int(215)
109string(9) "secp384r1"
110bool(true)
111object(OpenSSLAsymmetricKey)#%d (0) {
112}
113bool(true)
114object(OpenSSLAsymmetricKey)#%d (0) {
115}
116bool(true)
117Testing openssl_csr_new with key generation
118NULL
119object(OpenSSLAsymmetricKey)#%d (0) {
120}
121Testing openssl_csr_new with existing ecc key
122object(OpenSSLCertificateSigningRequest)#%d (0) {
123}
124bool(false)
125bool(true)
126object(OpenSSLCertificate)#%d (0) {
127}
128Testing openssl_x509_check_private_key
129bool(true)
130bool(false)
131Testing openssl_get_curve_names
132bool(true)
133Found secp384r1 in curve names
134