xref: /PHP-8.2/ext/openssl/tests/ecc.phpt (revision ce572213) 
1--TEST--
2openssl_*() with OPENSSL_KEYTYPE_EC
3--EXTENSIONS--
4openssl
5--SKIPIF--
6<?php
7if (!defined("OPENSSL_KEYTYPE_EC")) die("skip EC disabled");
8?>
9--FILE--
10<?php
11$config =  __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
12$args = array(
13    "curve_name" => "secp384r1",
14    "private_key_type" => OPENSSL_KEYTYPE_EC,
15    "config" => $config,
16);
17echo "Testing openssl_pkey_new\n";
18$key1 = openssl_pkey_new($args);
19var_dump($key1);
20
21$argsFailed = array(
22    "curve_name" => "invalid_cuve_name",
23    "private_key_type" => OPENSSL_KEYTYPE_EC,
24    "config" => $config,
25);
26
27$keyFailed = openssl_pkey_new($argsFailed);
28var_dump($keyFailed);
29
30$d1 = openssl_pkey_get_details($key1);
31var_dump($d1["bits"]);
32var_dump(strlen($d1["key"]));
33var_dump($d1["ec"]["curve_name"]);
34var_dump($d1["type"] == OPENSSL_KEYTYPE_EC);
35
36$key2 = openssl_pkey_new($d1);
37var_dump($key2);
38
39$d2 = openssl_pkey_get_details($key2);
40// Compare array
41var_dump($d1 === $d2);
42
43// Check that the public key info is computed from the private key if it is missing.
44$d1_priv = $d1;
45unset($d1_priv["ec"]["x"]);
46unset($d1_priv["ec"]["y"]);
47
48$key3 = openssl_pkey_new($d1_priv);
49var_dump($key3);
50$d3 = openssl_pkey_get_details($key3);
51var_dump($d1 === $d3);
52
53$dn = array(
54    "countryName" => "BR",
55    "stateOrProvinceName" => "Rio Grande do Sul",
56    "localityName" => "Porto Alegre",
57    "commonName" => "Henrique do N. Angelo",
58    "emailAddress" => "hnangelo@php.net"
59);
60
61// openssl_csr_new creates a new public key pair if the key argument is null
62echo "Testing openssl_csr_new with key generation\n";
63$keyGenerate = null;
64var_dump($keyGenerate);
65$csr = openssl_csr_new($dn, $keyGenerate, $args);
66
67var_dump($keyGenerate);
68
69$args["digest_alg"] = "sha256";
70echo "Testing openssl_csr_new with existing ecc key\n";
71$csr = openssl_csr_new($dn, $key1, $args);
72var_dump($csr);
73
74$pubkey1 = openssl_pkey_get_details(openssl_csr_get_public_key($csr));
75var_dump(isset($pubkey1["ec"]["priv_key"]));
76unset($d1["ec"]["priv_key"]);
77var_dump(array_diff($d1["ec"], $pubkey1["ec"]));
78
79$x509 = openssl_csr_sign($csr, null, $key1, 365, $args);
80var_dump($x509);
81
82echo "Testing openssl_x509_check_private_key\n";
83var_dump(openssl_x509_check_private_key($x509, $key1));
84
85$key3 = openssl_pkey_new($args);
86var_dump(openssl_x509_check_private_key($x509, $key3));
87
88echo "Testing openssl_get_curve_names\n";
89$curve_names = openssl_get_curve_names();
90
91var_dump(is_array($curve_names));
92
93foreach ($curve_names as $curve_name) {
94    if ("secp384r1" === $curve_name) {
95        echo "Found secp384r1 in curve names\n";
96    }
97}
98?>
99--EXPECTF--
100Testing openssl_pkey_new
101object(OpenSSLAsymmetricKey)#1 (0) {
102}
103
104Warning: openssl_pkey_new(): Unknown elliptic curve (short) name invalid_cuve_name in %s on line %d
105bool(false)
106int(384)
107int(215)
108string(9) "secp384r1"
109bool(true)
110object(OpenSSLAsymmetricKey)#%d (0) {
111}
112bool(true)
113object(OpenSSLAsymmetricKey)#%d (0) {
114}
115bool(true)
116Testing openssl_csr_new with key generation
117NULL
118object(OpenSSLAsymmetricKey)#%d (0) {
119}
120Testing openssl_csr_new with existing ecc key
121object(OpenSSLCertificateSigningRequest)#%d (0) {
122}
123bool(false)
124array(1) {
125  ["d"]=>
126  string(%d) "%a"
127}
128object(OpenSSLCertificate)#%d (0) {
129}
130Testing openssl_x509_check_private_key
131bool(true)
132bool(false)
133Testing openssl_get_curve_names
134bool(true)
135Found secp384r1 in curve names
136