diff options
| author | Henrique do Nascimento Angelo <hnangelo@php.net> | 2008-07-18 23:59:49 +0000 |
|---|---|---|
| committer | Henrique do Nascimento Angelo <hnangelo@php.net> | 2008-07-18 23:59:49 +0000 |
| commit | dfa9ff56244de0b1e74345ac08b534680307e4a1 (patch) | |
| tree | 597bd2ee2f16a77635535955ca20d1fc109011de /ext/openssl/openssl.c | |
| parent | 998bd9d485cbeaa0a82fb603457c0e25c782278b (diff) | |
| download | php-git-dfa9ff56244de0b1e74345ac08b534680307e4a1.tar.gz | |
Add unicode suport to ext/openssl
Diffstat (limited to 'ext/openssl/openssl.c')
| -rw-r--r-- | ext/openssl/openssl.c | 581 |
1 files changed, 404 insertions, 177 deletions
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c index 4d8c4a68ba..890186214f 100644 --- a/ext/openssl/openssl.c +++ b/ext/openssl/openssl.c @@ -545,7 +545,7 @@ static X509_REQ * php_openssl_csr_from_zval(zval ** val, int makeresource, long static EVP_PKEY * php_openssl_generate_private_key(struct php_x509_request * req TSRMLS_DC); -static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int shortname TSRMLS_DC) /* {{{ */ +static void add_ascii_assoc_name_entry(zval * val, char * key, X509_NAME * name, int shortname TSRMLS_DC) /* {{{ */ { zval *subitem, *subentries; int i, j = -1, last = -1, obj_cnt = 0; @@ -619,7 +619,7 @@ static void add_assoc_name_entry(zval * val, char * key, X509_NAME * name, int s } /* }}} */ -static void add_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str) /* {{{ */ +static void add_ascii_assoc_asn1_string(zval * val, char * key, ASN1_STRING * str) /* {{{ */ { unsigned char *data; int data_len; @@ -764,7 +764,8 @@ static int add_oid_section(struct php_x509_request * req TSRMLS_DC) /* {{{ */ req->config_filename, req->var, req->req_config TSRMLS_CC) == FAILURE) return FAILURE #define SET_OPTIONAL_STRING_ARG(key, varname, defval) \ - if (optional_args && zend_ascii_hash_find(Z_ARRVAL_P(optional_args), key, sizeof(key), (void**)&item) == SUCCESS) { \ + if (optional_args && (zend_hash_find(Z_ARRVAL_P(optional_args), key, sizeof(key), (void**)&item) == SUCCESS || \ + zend_ascii_hash_find(Z_ARRVAL_P(optional_args), key, sizeof(key), (void**)&item) == SUCCESS)) { \ convert_to_string_ex(item); \ varname = Z_STRVAL_PP(item); \ } else \ @@ -772,7 +773,8 @@ static int add_oid_section(struct php_x509_request * req TSRMLS_DC) /* {{{ */ #define SET_OPTIONAL_LONG_ARG(key, varname, defval) \ - if (optional_args && zend_ascii_hash_find(Z_ARRVAL_P(optional_args), key, sizeof(key), (void**)&item) == SUCCESS) \ + if (optional_args && (zend_hash_find(Z_ARRVAL_P(optional_args), key, sizeof(key), (void**)&item) == SUCCESS || \ + zend_ascii_hash_find(Z_ARRVAL_P(optional_args), key, sizeof(key), (void**)&item) == SUCCESS)) \ varname = Z_LVAL_PP(item); \ else \ varname = defval @@ -820,7 +822,8 @@ static int php_openssl_parse_config( SET_OPTIONAL_LONG_ARG("private_key_type", req->priv_key_type, OPENSSL_KEYTYPE_DEFAULT); - if (optional_args && zend_hash_find(Z_ARRVAL_P(optional_args), "encrypt_key", sizeof("encrypt_key"), (void**)&item) == SUCCESS) { + if (optional_args && (zend_ascii_hash_find(Z_ARRVAL_P(optional_args), "encrypt_key", sizeof("encrypt_key"), (void**)&item) == SUCCESS || + zend_hash_find(Z_ARRVAL_P(optional_args), "encrypt_key", sizeof("encrypt_key"), (void**)&item) == SUCCESS)) { req->priv_key_encrypt = Z_BVAL_PP(item); } else { str = CONF_get_string(req->req_config, req->section_name, "encrypt_rsa_key"); @@ -1140,6 +1143,9 @@ PHP_MSHUTDOWN_FUNCTION(openssl) static X509 * php_openssl_x509_from_zval(zval ** val, int makeresource, long * resourceval TSRMLS_DC) { X509 *cert = NULL; + char *filename = NULL; + int filename_len; + UChar *unicode_tmp; if (resourceval) { *resourceval = -1; @@ -1165,22 +1171,34 @@ static X509 * php_openssl_x509_from_zval(zval ** val, int makeresource, long * r return NULL; } - if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_OBJECT)) { + if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_UNICODE || Z_TYPE_PP(val) == IS_OBJECT)) { return NULL; } /* force it to be a string and check if it refers to a file */ - convert_to_string_ex(val); + if (Z_TYPE_PP(val) == IS_OBJECT) { + convert_to_string_ex(val); + } + + /* use u_memcp() if type is unicode */ + unicode_tmp = USTR_MAKE("file://"); + if (Z_STRLEN_PP(val) > 7 && (memcmp(Z_STRVAL_PP(val), "file://", sizeof("file://") - 1) == 0 || u_memcmp(Z_USTRVAL_PP(val), unicode_tmp, sizeof("file://") - 1) == 0)) { + if (php_stream_path_param_encode(val, &filename, &filename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + USTR_FREE(unicode_tmp); + return NULL; + } + filename += sizeof("file://") - 1; + } + USTR_FREE(unicode_tmp); - if (Z_STRLEN_PP(val) > 7 && memcmp(Z_STRVAL_PP(val), "file://", sizeof("file://") - 1) == 0) { - /* read cert from the named file */ + if (filename) { BIO *in; - if (php_check_open_basedir(Z_STRVAL_PP(val) + (sizeof("file://") - 1) TSRMLS_CC)) { + if (php_check_open_basedir(filename TSRMLS_CC)) { return NULL; } - in = BIO_new_file(Z_STRVAL_PP(val) + (sizeof("file://") - 1), "r"); + in = BIO_new_file(filename, "r"); if (in == NULL) { return NULL; } @@ -1189,14 +1207,19 @@ static X509 * php_openssl_x509_from_zval(zval ** val, int makeresource, long * r } else { BIO *in; + if (Z_TYPE_PP(val) == IS_UNICODE) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary string expected, Unicode string received"); + return NULL; + } + in = BIO_new_mem_buf(Z_STRVAL_PP(val), Z_STRLEN_PP(val)); if (in == NULL) { return NULL; } + cert = (X509 *) PEM_ASN1_read_bio((char *(*)())d2i_X509, PEM_STRING_X509, in, NULL, NULL, NULL); BIO_free(in); } - if (cert && makeresource && resourceval) { *resourceval = zend_list_insert(cert, le_x509); } @@ -1205,7 +1228,7 @@ static X509 * php_openssl_x509_from_zval(zval ** val, int makeresource, long * r /* }}} */ -/* {{{ proto bool openssl_x509_export_to_file(mixed x509, string outfilename [, bool notext = true]) +/* {{{ proto bool openssl_x509_export_to_file(mixed x509, string outfilename [, bool notext = true]) U Exports a CERT to file or a var */ PHP_FUNCTION(openssl_x509_export_to_file) { @@ -1214,10 +1237,12 @@ PHP_FUNCTION(openssl_x509_export_to_file) zend_bool notext = 1; BIO * bio_out; long certresource; + zval **ppfilename; char * filename; int filename_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zs|b", &zcert, &filename, &filename_len, ¬ext) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ZZ|b", &zcert, &ppfilename, ¬ext) == FAILURE || + php_stream_path_param_encode(ppfilename, &filename, &filename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { return; } RETVAL_FALSE; @@ -1250,7 +1275,7 @@ PHP_FUNCTION(openssl_x509_export_to_file) } /* }}} */ -/* {{{ proto bool openssl_x509_export(mixed x509, string &out [, bool notext = true]) +/* {{{ proto bool openssl_x509_export(mixed x509, string &out [, bool notext = true]) U Exports a CERT to file or a var */ PHP_FUNCTION(openssl_x509_export) { @@ -1292,7 +1317,7 @@ PHP_FUNCTION(openssl_x509_export) } /* }}} */ -/* {{{ proto bool openssl_x509_check_private_key(mixed cert, mixed key) +/* {{{ proto bool openssl_x509_check_private_key(mixed cert, mixed key) U Checks if a private key corresponds to a CERT */ PHP_FUNCTION(openssl_x509_check_private_key) { @@ -1324,7 +1349,7 @@ PHP_FUNCTION(openssl_x509_check_private_key) } /* }}} */ -/* {{{ proto array openssl_x509_parse(mixed x509 [, bool shortnames=true]) +/* {{{ proto array openssl_x509_parse(mixed x509 [, bool shortnames=true]) U Returns an array of the fields/values of the CERT */ PHP_FUNCTION(openssl_x509_parse) { @@ -1356,7 +1381,7 @@ PHP_FUNCTION(openssl_x509_parse) } /* add_ascii_assoc_bool(return_value, "valid", cert->valid); */ - add_assoc_name_entry(return_value, "subject", X509_get_subject_name(cert), useshortnames TSRMLS_CC); + add_ascii_assoc_name_entry(return_value, "subject", X509_get_subject_name(cert), useshortnames TSRMLS_CC); /* hash as used in CA directories to lookup cert by subject name */ { char buf[32]; @@ -1364,13 +1389,13 @@ PHP_FUNCTION(openssl_x509_parse) add_ascii_assoc_string(return_value, "hash", buf, 1); } - add_assoc_name_entry(return_value, "issuer", X509_get_issuer_name(cert), useshortnames TSRMLS_CC); + add_ascii_assoc_name_entry(return_value, "issuer", X509_get_issuer_name(cert), useshortnames TSRMLS_CC); add_ascii_assoc_long(return_value, "version", X509_get_version(cert)); add_ascii_assoc_string(return_value, "serialNumber", i2s_ASN1_INTEGER(NULL, X509_get_serialNumber(cert)), 1); - add_assoc_asn1_string(return_value, "validFrom", X509_get_notBefore(cert)); - add_assoc_asn1_string(return_value, "validTo", X509_get_notAfter(cert)); + add_ascii_assoc_asn1_string(return_value, "validFrom", X509_get_notBefore(cert)); + add_ascii_assoc_asn1_string(return_value, "validTo", X509_get_notAfter(cert)); add_ascii_assoc_long(return_value, "validFrom_time_t", asn1_time_to_time_t(X509_get_notBefore(cert) TSRMLS_CC)); add_ascii_assoc_long(return_value, "validTo_time_t", asn1_time_to_time_t(X509_get_notAfter(cert) TSRMLS_CC)); @@ -1432,7 +1457,7 @@ PHP_FUNCTION(openssl_x509_parse) BIO_get_mem_ptr(bio_out, &bio_buf); add_ascii_assoc_utf8_stringl(subitem, extname, bio_buf->data, bio_buf->length, 1); } else { - add_assoc_asn1_string(subitem, extname, X509_EXTENSION_get_data(extension)); + add_ascii_assoc_asn1_string(subitem, extname, X509_EXTENSION_get_data(extension)); } BIO_free(bio_out); } @@ -1523,7 +1548,7 @@ static int check_cert(X509_STORE *ctx, X509 *x, STACK_OF(X509) *untrustedchain, } /* }}} */ -/* {{{ proto int openssl_x509_checkpurpose(mixed x509cert, int purpose, array cainfo [, string untrustedfile]) +/* {{{ proto int openssl_x509_checkpurpose(mixed x509cert, int purpose [, array cainfo [, string untrustedfile]]) U Checks the CERT to see if it can be used for the purpose in purpose. cainfo holds information about trusted CAs */ PHP_FUNCTION(openssl_x509_checkpurpose) { @@ -1533,17 +1558,20 @@ PHP_FUNCTION(openssl_x509_checkpurpose) long certresource = -1; STACK_OF(X509) * untrustedchain = NULL; long purpose; + zval **ppuntrusted=NULL; char * untrusted = NULL; int untrusted_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zl|a!s", &zcert, &purpose, &zcainfo, &untrusted, &untrusted_len) - == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zl|a!Z", &zcert, &purpose, &zcainfo, &ppuntrusted) == FAILURE) { return; } RETVAL_LONG(-1); - if (untrusted) { + if (ppuntrusted) { + if (php_stream_path_param_encode(ppuntrusted, &untrusted, &untrusted_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + return; + } untrustedchain = load_all_certs_from_file(untrusted); if (untrustedchain == NULL) { goto clean_exit; @@ -1595,29 +1623,34 @@ static X509_STORE * setup_verify(zval * calist TSRMLS_DC) for (;; zend_hash_move_forward_ex(HASH_OF(calist), &pos)) { zval ** item; struct stat sb; + char *caitem; + int caitem_len; if (zend_hash_get_current_data_ex(HASH_OF(calist), (void**)&item, &pos) == FAILURE) { break; } - convert_to_string_ex(item); + if (php_stream_path_param_encode(item, &caitem, &caitem_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + continue; + } + /* convert_to_string_ex(item); */ - if (VCWD_STAT(Z_STRVAL_PP(item), &sb) == -1) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to stat %s", Z_STRVAL_PP(item)); + if (VCWD_STAT(caitem, &sb) == -1) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to stat %s", caitem); continue; } if ((sb.st_mode & S_IFREG) == S_IFREG) { file_lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); - if (file_lookup == NULL || !X509_LOOKUP_load_file(file_lookup, Z_STRVAL_PP(item), X509_FILETYPE_PEM)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "error loading file %s", Z_STRVAL_PP(item)); + if (file_lookup == NULL || !X509_LOOKUP_load_file(file_lookup, caitem, X509_FILETYPE_PEM)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "error loading file %s", caitem); } else { nfiles++; } file_lookup = NULL; } else { dir_lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir()); - if (dir_lookup == NULL || !X509_LOOKUP_add_dir(dir_lookup, Z_STRVAL_PP(item), X509_FILETYPE_PEM)) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "error loading directory %s", Z_STRVAL_PP(item)); + if (dir_lookup == NULL || !X509_LOOKUP_add_dir(dir_lookup, caitem, X509_FILETYPE_PEM)) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "error loading directory %s", caitem); } else { ndirs++; } @@ -1641,7 +1674,7 @@ static X509_STORE * setup_verify(zval * calist TSRMLS_DC) } /* }}} */ -/* {{{ proto resource openssl_x509_read(mixed cert) +/* {{{ proto resource openssl_x509_read(mixed cert) U Reads X.509 certificates */ PHP_FUNCTION(openssl_x509_read) { @@ -1661,7 +1694,7 @@ PHP_FUNCTION(openssl_x509_read) } /* }}} */ -/* {{{ proto void openssl_x509_free(resource x509) +/* {{{ proto void openssl_x509_free(resource x509) U Frees X.509 certificates */ PHP_FUNCTION(openssl_x509_free) { @@ -1745,7 +1778,7 @@ static STACK_OF(X509) * php_array_to_X509_sk(zval ** zcerts TSRMLS_DC) /* {{{ */ } /* }}} */ -/* {{{ proto bool openssl_pkcs12_export_to_file(mixed x509, string filename, mixed priv_key, string pass[, array args]) +/* {{{ proto bool openssl_pkcs12_export_to_file(mixed x509, string filename, mixed priv_key, string pass[, array args]) U Creates and exports a PKCS to file */ PHP_FUNCTION(openssl_pkcs12_export_to_file) { @@ -1757,24 +1790,26 @@ PHP_FUNCTION(openssl_pkcs12_export_to_file) int filename_len; char * pass; int pass_len; - zval *zcert = NULL, *zpkey = NULL, *args = NULL; + zval **zcert = NULL, **zpkey = NULL, *args = NULL, **ppfilename; EVP_PKEY *priv_key = NULL; long certresource, keyresource; zval ** item; STACK_OF(X509) *ca = NULL; + int free_friendly=0; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zszs|a", &zcert, &filename, &filename_len, &zpkey, &pass, &pass_len, &args) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ZZZs&|a", &zcert, &ppfilename, &zpkey, &pass, &pass_len, UG(ascii_conv), &args) == FAILURE || + php_stream_path_param_encode(ppfilename, &filename, &filename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { return; } RETVAL_FALSE; - cert = php_openssl_x509_from_zval(&zcert, 0, &certresource TSRMLS_CC); + cert = php_openssl_x509_from_zval(zcert, 0, &certresource TSRMLS_CC); if (cert == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot get cert from parameter 1"); return; } - priv_key = php_openssl_evp_from_zval(&zpkey, 0, "", 1, &keyresource TSRMLS_CC); + priv_key = php_openssl_evp_from_zval(zpkey, 0, "", 1, &keyresource TSRMLS_CC); if (priv_key == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot get private key from parameter 3"); goto cleanup; @@ -1788,17 +1823,28 @@ PHP_FUNCTION(openssl_pkcs12_export_to_file) } /* parse extra config from args array, promote this to an extra function */ - if (args && zend_hash_find(Z_ARRVAL_P(args), "friendly_name", sizeof("friendly_name"), (void**)&item) == SUCCESS) { - friendly_name = Z_STRVAL_PP(item); - } + if (args) { + if (zend_ascii_hash_find(Z_ARRVAL_P(args), "friendly_name", sizeof("friendly_name"), (void**)&item) == SUCCESS || + zend_hash_find(Z_ARRVAL_P(args), "friendly_name", sizeof("friendly_name"), (void**)&item) == SUCCESS) { + if (Z_TYPE_PP(item) == IS_STRING) { + friendly_name = Z_STRVAL_PP(item); + } else if (Z_TYPE_PP(item) == IS_UNICODE) { + friendly_name = zend_unicode_to_ascii(Z_USTRVAL_PP(item), Z_USTRLEN_PP(item) TSRMLS_CC); + if (friendly_name) { + free_friendly = 1; + } + } + } /* certpbe (default RC2-40) keypbe (default 3DES) friendly_caname */ - if (args && zend_hash_find(Z_ARRVAL_P(args), "extracerts", sizeof("extracerts"), (void**)&item) == SUCCESS) { - ca = php_array_to_X509_sk(item TSRMLS_CC); + if (zend_ascii_hash_find(Z_ARRVAL_P(args), "extracerts", sizeof("extracerts"), (void**)&item) == SUCCESS || + zend_hash_find(Z_ARRVAL_P(args), "extracerts", sizeof("extracerts"), (void**)&item) == SUCCESS) { + ca = php_array_to_X509_sk(item TSRMLS_CC); + } } /* end parse extra config */ @@ -1825,6 +1871,9 @@ PHP_FUNCTION(openssl_pkcs12_export_to_file) cleanup: + if (free_friendly) { + efree(friendly_name); + } if (keyresource == -1 && priv_key) { EVP_PKEY_free(priv_key); } @@ -1834,14 +1883,14 @@ cleanup: } /* }}} */ -/* {{{ proto bool openssl_pkcs12_export(mixed x509, string &out, mixed priv_key, string pass[, array args]) +/* {{{ proto bool openssl_pkcs12_export(mixed x509, string &out, mixed priv_key, string pass[, array args]) U Creates and exports a PKCS12 to a var */ PHP_FUNCTION(openssl_pkcs12_export) { X509 * cert = NULL; BIO * bio_out; PKCS12 * p12 = NULL; - zval * zcert = NULL, *zout = NULL, *zpkey, *args = NULL; + zval ** zcert = NULL, *zout = NULL, **zpkey, *args = NULL; EVP_PKEY *priv_key = NULL; long certresource, keyresource; char * pass; @@ -1849,19 +1898,19 @@ PHP_FUNCTION(openssl_pkcs12_export) char * friendly_name = NULL; zval ** item; STACK_OF(X509) *ca = NULL; + int free_friendly=0; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zzzs|a", &zcert, &zout, &zpkey, &pass, &pass_len, &args) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ZzZs&|a", &zcert, &zout, &zpkey, &pass, &pass_len, UG(ascii_conv), &args) == FAILURE) { return; } - RETVAL_FALSE; - cert = php_openssl_x509_from_zval(&zcert, 0, &certresource TSRMLS_CC); + cert = php_openssl_x509_from_zval(zcert, 0, &certresource TSRMLS_CC); if (cert == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot get cert from parameter 1"); return; } - priv_key = php_openssl_evp_from_zval(&zpkey, 0, "", 1, &keyresource TSRMLS_CC); + priv_key = php_openssl_evp_from_zval(zpkey, 0, "", 1, &keyresource TSRMLS_CC); if (priv_key == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot get private key from parameter 3"); goto cleanup; @@ -1872,12 +1921,23 @@ PHP_FUNCTION(openssl_pkcs12_export) } /* parse extra config from args array, promote this to an extra function */ - if (args && zend_hash_find(Z_ARRVAL_P(args), "friendly_name", sizeof("friendly_name"), (void**)&item) == SUCCESS) { - friendly_name = Z_STRVAL_PP(item); - } - - if (args && zend_hash_find(Z_ARRVAL_P(args), "extracerts", sizeof("extracerts"), (void**)&item) == SUCCESS) { - ca = php_array_to_X509_sk(item TSRMLS_CC); + if (args) { + if (zend_ascii_hash_find(Z_ARRVAL_P(args), "friendly_name", sizeof("friendly_name"), (void**)&item) == SUCCESS || + zend_hash_find(Z_ARRVAL_P(args), "friendly_name", sizeof("friendly_name"), (void**)&item) == SUCCESS) { + if (Z_TYPE_PP(item) == IS_STRING) { + friendly_name = Z_STRVAL_PP(item); + } else if (Z_TYPE_PP(item) == IS_UNICODE) { + friendly_name = zend_unicode_to_ascii(Z_USTRVAL_PP(item), Z_USTRLEN_PP(item) TSRMLS_CC); + free_friendly = 1; + if (!friendly_name) { + free_friendly = 0; + } + } + } + if (zend_ascii_hash_find(Z_ARRVAL_P(args), "extracerts", sizeof("extracerts"), (void**)&item) == SUCCESS || + zend_hash_find(Z_ARRVAL_P(args), "extracerts", sizeof("extracerts"), (void**)&item) == SUCCESS) { + ca = php_array_to_X509_sk(item TSRMLS_CC); + } } /* end parse extra config */ @@ -1899,7 +1959,9 @@ PHP_FUNCTION(openssl_pkcs12_export) php_sk_X509_free(ca); cleanup: - + if (free_friendly) { + efree(friendly_name); + } if (keyresource == -1 && priv_key) { EVP_PKEY_free(priv_key); } @@ -1909,7 +1971,7 @@ cleanup: } /* }}} */ -/* {{{ proto bool openssl_pkcs12_read(string PKCS12, array &certs, string pass) +/* {{{ proto bool openssl_pkcs12_read(string PKCS12, array &certs, string pass) U Parses a PKCS12 to an array */ PHP_FUNCTION(openssl_pkcs12_read) { @@ -1923,7 +1985,7 @@ PHP_FUNCTION(openssl_pkcs12_read) BIO * bio_in = NULL; int i; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szs", &zp12, &zp12_len, &zout, &pass, &pass_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Szs&", &zp12, &zp12_len, &zout, &pass, &pass_len, UG(ascii_conv)) == FAILURE) { return; } @@ -2202,7 +2264,9 @@ static X509_REQ * php_openssl_csr_from_zval(zval ** val, int makeresource, long { X509_REQ * csr = NULL; char * filename = NULL; + int filename_len; BIO * in; + UChar *unicode_tmp; if (resourceval) { *resourceval = -1; @@ -2219,19 +2283,30 @@ static X509_REQ * php_openssl_csr_from_zval(zval ** val, int makeresource, long return (X509_REQ*)what; } return NULL; - } else if (Z_TYPE_PP(val) != IS_STRING) { + } else if (Z_TYPE_PP(val) != IS_STRING && Z_TYPE_PP(val) != IS_UNICODE) { return NULL; } - if (Z_STRLEN_PP(val) > 7 && memcmp(Z_STRVAL_PP(val), "file://", sizeof("file://") - 1) == 0) { - filename = Z_STRVAL_PP(val) + (sizeof("file://") - 1); + unicode_tmp = USTR_MAKE("file://"); + if (Z_STRLEN_PP(val) > 7 && (memcmp(Z_STRVAL_PP(val), "file://", sizeof("file://") - 1) == 0 || u_memcmp(Z_USTRVAL_PP(val), unicode_tmp, sizeof("file://") - 1) == 0)) { + if (php_stream_path_param_encode(val, &filename, &filename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + USTR_FREE(unicode_tmp); + return NULL; + } + filename += sizeof("file://") - 1; } + USTR_FREE(unicode_tmp); + if (filename) { if (php_check_open_basedir(filename TSRMLS_CC)) { return NULL; } in = BIO_new_file(filename, "r"); } else { + if (Z_TYPE_PP(val) == IS_UNICODE) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary string expected, Unicode string received"); + return NULL; + } in = BIO_new_mem_buf(Z_STRVAL_PP(val), Z_STRLEN_PP(val)); } csr = PEM_read_bio_X509_REQ(in, NULL,NULL,NULL); @@ -2241,7 +2316,7 @@ static X509_REQ * php_openssl_csr_from_zval(zval ** val, int makeresource, long } /* }}} */ -/* {{{ proto bool openssl_csr_export_to_file(resource csr, string outfilename [, bool notext=true]) +/* {{{ proto bool openssl_csr_export_to_file(resource csr, string outfilename [, bool notext=true]) U Exports a CSR to file */ PHP_FUNCTION(openssl_csr_export_to_file) { @@ -2251,8 +2326,10 @@ PHP_FUNCTION(openssl_csr_export_to_file) char * filename = NULL; int filename_len; BIO * bio_out; long csr_resource; + zval **ppfilename; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs|b", &zcsr, &filename, &filename_len, ¬ext) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rZ|b", &zcsr, &ppfilename, ¬ext) == FAILURE || + php_stream_path_param_encode(ppfilename, &filename, &filename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { return; } RETVAL_FALSE; @@ -2285,7 +2362,7 @@ PHP_FUNCTION(openssl_csr_export_to_file) } /* }}} */ -/* {{{ proto bool openssl_csr_export(resource csr, string &out [, bool notext=true]) +/* {{{ proto bool openssl_csr_export(resource csr, string &out [, bool notext=true]) U Exports a CSR to file or a var */ PHP_FUNCTION(openssl_csr_export) { @@ -2331,7 +2408,7 @@ PHP_FUNCTION(openssl_csr_export) } /* }}} */ -/* {{{ proto resource openssl_csr_sign(mixed csr, mixed x509, mixed priv_key, long days [, array config_args [, long serial]]) +/* {{{ proto resource openssl_csr_sign(mixed csr, mixed x509, mixed priv_key, long days [, array config_args [, long serial]]) U Signs a cert with another CERT */ PHP_FUNCTION(openssl_csr_sign) { @@ -2466,7 +2543,7 @@ cleanup: } /* }}} */ -/* {{{ proto bool openssl_csr_new(array dn, resource &privkey [, array configargs [, array extraattribs]]) +/* {{{ proto bool openssl_csr_new(array dn, resource &privkey [, array configargs [, array extraattribs]]) U Generates a privkey and CSR */ PHP_FUNCTION(openssl_csr_new) { @@ -2547,7 +2624,7 @@ PHP_FUNCTION(openssl_csr_new) } /* }}} */ -/* {{{ proto mixed openssl_csr_get_subject(mixed csr) +/* {{{ proto mixed openssl_csr_get_subject(mixed csr) U Returns the subject of a CERT or FALSE on error */ PHP_FUNCTION(openssl_csr_get_subject) { @@ -2570,12 +2647,12 @@ PHP_FUNCTION(openssl_csr_get_subject) subject = X509_REQ_get_subject_name(csr); array_init(return_value); - add_assoc_name_entry(return_value, NULL, subject, use_shortnames TSRMLS_CC); + add_ascii_assoc_name_entry(return_value, NULL, subject, use_shortnames TSRMLS_CC); return; } /* }}} */ -/* {{{ proto mixed openssl_csr_get_public_key(mixed csr) +/* {{{ proto mixed openssl_csr_get_public_key(mixed csr) U Returns the subject of a CERT or FALSE on error */ PHP_FUNCTION(openssl_csr_get_public_key) { @@ -2626,7 +2703,10 @@ static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char * int free_cert = 0; long cert_res = -1; char * filename = NULL; + int filename_len; zval tmp; + UChar *unicode_tmp; + int free_phrase = 0; Z_TYPE(tmp) = IS_NULL; @@ -2651,6 +2731,13 @@ static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char * if (Z_TYPE_PP(zphrase) == IS_STRING) { passphrase = Z_STRVAL_PP(zphrase); + } else if (Z_TYPE_PP(zphrase) == IS_UNICODE) { + passphrase = zend_unicode_to_ascii(Z_USTRVAL_PP(zphrase), Z_USTRLEN_PP(zphrase) TSRMLS_CC); + if (!passphrase) { + /* php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary or ASCII-Unicode string expected, non-ASCII-Unicode string received"); */ + return NULL; + } + free_phrase = 1; } else { tmp = **zphrase; zval_copy_ctor(&tmp); @@ -2713,11 +2800,27 @@ static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char * if (!(Z_TYPE_PP(val) == IS_STRING || Z_TYPE_PP(val) == IS_UNICODE || Z_TYPE_PP(val) == IS_OBJECT)) { TMP_CLEAN; } - convert_to_string_ex(val); - if (Z_STRLEN_PP(val) > 7 && memcmp(Z_STRVAL_PP(val), "file://", sizeof("file://") - 1) == 0) { - filename = Z_STRVAL_PP(val) + (sizeof("file://") - 1); + if (Z_TYPE_PP(val) == IS_OBJECT) { + convert_to_string_ex(val); } + + /* use u_memcmp() if type is unicode */ + unicode_tmp = USTR_MAKE("file://"); + if (Z_STRLEN_PP(val) > 7 && (memcmp(Z_STRVAL_PP(val), "file://", sizeof("file://") - 1) == 0 || u_memcmp(Z_USTRVAL_PP(val), unicode_tmp, sizeof("file://") - 1) == 0)) { + if (php_stream_path_param_encode(val, &filename, &filename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + USTR_FREE(unicode_tmp); + return NULL; + } + filename += sizeof("file://") - 1; + } + USTR_FREE(unicode_tmp); + + if (Z_TYPE_PP(val) == IS_UNICODE && !filename) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary string expected, Unicode string received"); + return NULL; + } + /* it's an X509 file/cert of some kind, and we need to extract the data from that */ if (public_key) { cert = php_openssl_x509_from_zval(val, 0, &cert_res TSRMLS_CC); @@ -2758,6 +2861,10 @@ static EVP_PKEY * php_openssl_evp_from_zval(zval ** val, int public_key, char * } } + if (free_phrase) { + efree(passphrase); + } + if (public_key && cert && key == NULL) { /* extract public key from X509 cert */ key = (EVP_PKEY *) X509_get_pubkey(cert); @@ -2905,13 +3012,14 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey TSRMLS_DC) char *str = emalloc(len + 1); \ BN_bn2bin(pkey->pkey._type->_name, (unsigned char*)str); \ str[len] = 0; \ - add_assoc_stringl(_type, #_name, str, len, 0); \ + add_ascii_assoc_stringl(_type, #_name, str, len, 0); \ } \ } while (0) #define OPENSSL_PKEY_SET_BN(_ht, _type, _name) do { \ zval **bn; \ - if (zend_hash_find(_ht, #_name, sizeof(#_name), (void**)&bn) == SUCCESS && \ + if ((zend_ascii_hash_find(_ht, #_name, sizeof(#_name), (void**)&bn) == SUCCESS || \ + zend_hash_find(_ht, #_name, sizeof(#_name), (void**)&bn) == SUCCESS) && \ Z_TYPE_PP(bn) == IS_STRING) { \ _type->_name = BN_bin2bn( \ (unsigned char*)Z_STRVAL_PP(bn), \ @@ -2920,7 +3028,7 @@ static int php_openssl_is_private_key(EVP_PKEY* pkey TSRMLS_DC) } while (0); -/* {{{ proto resource openssl_pkey_new([array configargs]) +/* {{{ proto resource openssl_pkey_new([array configargs]) U Generates a new private key */ PHP_FUNCTION(openssl_pkey_new) { @@ -2936,8 +3044,8 @@ PHP_FUNCTION(openssl_pkey_new) if (args && Z_TYPE_P(args) == IS_ARRAY) { EVP_PKEY *pkey; - if (zend_hash_find(Z_ARRVAL_P(args), "rsa", sizeof("rsa"), (void**)&data) == SUCCESS && - Z_TYPE_PP(data) == IS_ARRAY) { + if ((zend_ascii_hash_find(Z_ARRVAL_P(args), "rsa", sizeof("rsa"), (void**)&data) == SUCCESS || + zend_hash_find(Z_ARRVAL_P(args), "rsa", sizeof("rsa"), (void**)&data) == SUCCESS) && Z_TYPE_PP(data) == IS_ARRAY) { pkey = EVP_PKEY_new(); if (pkey) { RSA *rsa = RSA_new(); @@ -2960,8 +3068,8 @@ PHP_FUNCTION(openssl_pkey_new) EVP_PKEY_free(pkey); } RETURN_FALSE; - } else if (zend_hash_find(Z_ARRVAL_P(args), "dsa", sizeof("dsa"), (void**)&data) == SUCCESS && - Z_TYPE_PP(data) == IS_ARRAY) { + } else if ((zend_ascii_hash_find(Z_ARRVAL_P(args), "dsa", sizeof("dsa"), (void**)&data) == SUCCESS || + zend_hash_find(Z_ARRVAL_P(args), "dsa", sizeof("dsa"), (void**)&data) == SUCCESS) && Z_TYPE_PP(data) == IS_ARRAY) { pkey = EVP_PKEY_new(); if (pkey) { DSA *dsa = DSA_new(); @@ -2984,8 +3092,8 @@ PHP_FUNCTION(openssl_pkey_new) EVP_PKEY_free(pkey); } RETURN_FALSE; - } else if (zend_hash_find(Z_ARRVAL_P(args), "dh", sizeof("dh"), (void**)&data) == SUCCESS && - Z_TYPE_PP(data) == IS_ARRAY) { + } else if ((zend_ascii_hash_find(Z_ARRVAL_P(args), "dh", sizeof("dh"), (void**)&data) == SUCCESS || + zend_hash_find(Z_ARRVAL_P(args), "dh", sizeof("dh"), (void**)&data) == SUCCESS) && Z_TYPE_PP(data) == IS_ARRAY) { pkey = EVP_PKEY_new(); if (pkey) { DH *dh = DH_new(); @@ -3025,20 +3133,22 @@ PHP_FUNCTION(openssl_pkey_new) } /* }}} */ -/* {{{ proto bool openssl_pkey_export_to_file(mixed key, string outfilename [, string passphrase, array config_args) +/* {{{ proto bool openssl_pkey_export_to_file(mixed key, string outfilename [, string passphrase [, array config_args]]) U Gets an exportable representation of a key into a file */ PHP_FUNCTION(openssl_pkey_export_to_file) { struct php_x509_request req; zval ** zpkey, * args = NULL; - char * passphrase = NULL; int passphrase_len = 0; + zval **ppfilename; + char *passphrase = NULL; int passphrase_len = 0; char * filename = NULL; int filename_len = 0; long key_resource = -1; EVP_PKEY * key; BIO * bio_out = NULL; const EVP_CIPHER * cipher; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zs|s!a!", &zpkey, &filename, &filename_len, &passphrase, &passphrase_len, &args) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ZZ|s&!a!", &zpkey, &ppfilename, &passphrase, &passphrase_len, UG(ascii_conv), &args) == FAILURE || + php_stream_path_param_encode(ppfilename, &filename, &filename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { return; } RETVAL_FALSE; @@ -3081,25 +3191,24 @@ PHP_FUNCTION(openssl_pkey_export_to_file) } /* }}} */ -/* {{{ proto bool openssl_pkey_export(mixed key, &mixed out [, string passphrase [, array config_args]]) +/* {{{ proto bool openssl_pkey_export(mixed key, &mixed out [, string passphrase [, array config_args]]) U Gets an exportable representation of a key into a string or file */ PHP_FUNCTION(openssl_pkey_export) { struct php_x509_request req; zval ** zpkey, * args = NULL, *out; - char * passphrase = NULL; int passphrase_len = 0; + char *passphrase=NULL; int passphrase_len = 0; long key_resource = -1; EVP_PKEY * key; BIO * bio_out = NULL; const EVP_CIPHER * cipher; - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zz|s!a!", &zpkey, &out, &passphrase, &passphrase_len, &args) == FAILURE) { + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zz|s&!a!", &zpkey, &out, &passphrase, &passphrase_len, UG(ascii_conv), &args) == FAILURE) { return; } RETVAL_FALSE; key = php_openssl_evp_from_zval(zpkey, 0, passphrase, 0, &key_resource TSRMLS_CC); - if (key == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "cannot get key from parameter 1"); RETURN_FALSE; @@ -3139,7 +3248,7 @@ PHP_FUNCTION(openssl_pkey_export) } /* }}} */ -/* {{{ proto int openssl_pkey_get_public(mixed cert) +/* {{{ proto int openssl_pkey_get_public(mixed cert) U Gets public key from X.509 certificate */ PHP_FUNCTION(openssl_pkey_get_public) { @@ -3158,7 +3267,7 @@ PHP_FUNCTION(openssl_pkey_get_public) } /* }}} */ -/* {{{ proto void openssl_pkey_free(int key) +/* {{{ proto void openssl_pkey_free(resource key) U Frees a key */ PHP_FUNCTION(openssl_pkey_free) { @@ -3173,16 +3282,16 @@ PHP_FUNCTION(openssl_pkey_free) } /* }}} */ -/* {{{ proto int openssl_pkey_get_private(string key [, string passphrase]) +/* {{{ proto int openssl_pkey_get_private(string key [, string passphrase]) U Gets private keys */ PHP_FUNCTION(openssl_pkey_get_private) { zval **cert; EVP_PKEY *pkey; - char * passphrase = ""; + char *passphrase = ""; int passphrase_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Z|s", &cert, &passphrase, &passphrase_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Z|s&", &cert, &passphrase, &passphrase_len, UG(ascii_conv)) == FAILURE) { return; } Z_TYPE_P(return_value) = IS_RESOURCE; @@ -3195,7 +3304,7 @@ PHP_FUNCTION(openssl_pkey_get_private) /* }}} */ -/* {{{ proto resource openssl_pkey_get_details(resource key) +/* {{{ proto resource openssl_pkey_get_details(resource key) U returns an array with the key details (bits, pkey, type)*/ PHP_FUNCTION(openssl_pkey_get_details) { @@ -3241,7 +3350,7 @@ PHP_FUNCTION(openssl_pkey_get_details) OPENSSL_PKEY_GET_BN(rsa, dmp1); OPENSSL_PKEY_GET_BN(rsa, dmq1); OPENSSL_PKEY_GET_BN(rsa, iqmp); - add_assoc_zval(return_value, "rsa", rsa); + add_ascii_assoc_zval(return_value, "rsa", rsa); } break; @@ -3261,7 +3370,7 @@ PHP_FUNCTION(openssl_pkey_get_details) OPENSSL_PKEY_GET_BN(dsa, g); OPENSSL_PKEY_GET_BN(dsa, priv_key); OPENSSL_PKEY_GET_BN(dsa, pub_key); - add_assoc_zval(return_value, "dsa", dsa); + add_ascii_assoc_zval(return_value, "dsa", dsa); } break; case EVP_PKEY_DH: @@ -3277,7 +3386,7 @@ PHP_FUNCTION(openssl_pkey_get_details) OPENSSL_PKEY_GET_BN(dh, g); OPENSSL_PKEY_GET_BN(dh, priv_key); OPENSSL_PKEY_GET_BN(dh, pub_key); - add_assoc_zval(return_value, "dh", dh); + add_ascii_assoc_zval(return_value, "dh", dh); } break; @@ -3300,7 +3409,7 @@ PHP_FUNCTION(openssl_pkey_get_details) /* {{{ PKCS7 S/MIME functions */ -/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string signerscerts [, array cainfo [, string extracerts [, string content]]]]) +/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string signerscerts [, array cainfo [, string extracerts [, string content]]]]) U Verifys that the data block is intact, the signer is who they say they are, and returns the CERTs of the signers */ PHP_FUNCTION(openssl_pkcs7_verify) { @@ -3311,20 +3420,26 @@ PHP_FUNCTION(openssl_pkcs7_verify) PKCS7 * p7 = NULL; BIO * in = NULL, * datain = NULL, * dataout = NULL; long flags = 0; + zval **ppfilename; char * filename; int filename_len; + zval **ppextracerts=NULL; char * extracerts = NULL; int extracerts_len; + zval **ppsignersfilename; char * signersfilename = NULL; int signersfilename_len; + zval **ppdatafilename=NULL; char * datafilename = NULL; int datafilename_len; RETVAL_LONG(-1); - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|sass", &filename, &filename_len, - &flags, &signersfilename, &signersfilename_len, &cainfo, - &extracerts, &extracerts_len, &datafilename, &datafilename_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Zl|ZaZZ", &ppfilename, &flags, &ppsignersfilename, &cainfo, &ppextracerts, &ppdatafilename) == FAILURE || + php_stream_path_param_encode(ppfilename, &filename, &filename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { return; } - if (extracerts) { + if (ppextracerts) { + if (php_stream_path_param_encode(ppextracerts, &extracerts, &extracerts_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + return; + } others = load_all_certs_from_file(extracerts); if (others == NULL) { goto clean_exit; @@ -3354,7 +3469,10 @@ PHP_FUNCTION(openssl_pkcs7_verify) goto clean_exit; } - if (datafilename) { + if (ppdatafilename) { + if (php_stream_path_param_encode(ppdatafilename, &datafilename, &datafilename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + return; + } if (php_check_open_basedir(datafilename TSRMLS_CC)) { goto clean_exit; @@ -3373,9 +3491,12 @@ PHP_FUNCTION(openssl_pkcs7_verify) RETVAL_TRUE; - if (signersfilename) { + if (ppsignersfilename) { BIO *certout; + if (php_stream_path_param_encode(ppsignersfilename, &signersfilename, &signersfilename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + return; + } if (php_check_open_basedir(signersfilename TSRMLS_CC)) { goto clean_exit; } @@ -3409,7 +3530,7 @@ clean_exit: } /* }}} */ -/* {{{ proto bool openssl_pkcs7_encrypt(string infile, string outfile, mixed recipcerts, array headers [, long flags [, long cipher]]) +/* {{{ proto bool openssl_pkcs7_encrypt(string infile, string outfile, mixed recipcerts, array headers [, long flags [, long cipher]]) U Encrypts the message in the file named infile with the certificates in recipcerts and output the result to the file named outfile */ PHP_FUNCTION(openssl_pkcs7_encrypt) { @@ -3426,15 +3547,21 @@ PHP_FUNCTION(openssl_pkcs7_encrypt) uint strindexlen; ulong intindex; zstr strindex; + zval **ppinfilename; char * infilename = NULL; int infilename_len; + zval **ppoutfilename; char * outfilename = NULL; int outfilename_len; RETVAL_FALSE; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZa!|ll", &infilename, &infilename_len, - &outfilename, &outfilename_len, &zrecipcerts, &zheaders, &flags, &cipherid) == FAILURE) + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ZZZa!|ll", &ppinfilename, &ppoutfilename, &zrecipcerts, &zheaders, &flags, &cipherid) == FAILURE) { return; + } + if (php_stream_path_param_encode(ppinfilename, &infilename, &infilename_len, REPORT_ERRORS, FG(default_context)) == FAILURE || + php_stream_path_param_encode(ppoutfilename, &outfilename, &outfilename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + return; + } if (php_check_open_basedir(infilename TSRMLS_CC) || php_check_open_basedir(outfilename TSRMLS_CC)) { return; @@ -3511,17 +3638,51 @@ PHP_FUNCTION(openssl_pkcs7_encrypt) /* tack on extra headers */ if (zheaders) { + char *tmp; + int free_certval; + tmp = NULL; + zend_hash_internal_pointer_reset_ex(HASH_OF(zheaders), &hpos); while(zend_hash_get_current_data_ex(HASH_OF(zheaders), (void**)&zcertval, &hpos) == SUCCESS) { + zend_uchar type; strindex.s = NULL; - zend_hash_get_current_key_ex(HASH_OF(zheaders), &strindex, &strindexlen, &intindex, 0, &hpos); - - convert_to_string_ex(zcertval); + free_certval = 0; + type = zend_hash_get_current_key_ex(HASH_OF(zheaders), &strindex, &strindexlen, &intindex, 0, &hpos); + + if (Z_TYPE_PP(zcertval) == IS_UNICODE) { + tmp = zend_unicode_to_ascii(Z_USTRVAL_PP(zcertval), Z_USTRLEN_PP(zcertval) TSRMLS_CC); + if (!tmp) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary or ASCII-Unicode string expected, non-ASCII-Unicode string received. Skipping it."); + zend_hash_move_forward_ex(HASH_OF(zheaders), &hpos); + continue; + } + free_certval = 1; + } else { + convert_to_string_ex(zcertval); + tmp = Z_STRVAL_PP(zcertval); + } + if (type == IS_UNICODE) { + strindex.s = zend_unicode_to_ascii(strindex.u, strindexlen TSRMLS_CC); + if (!strindex.s) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary or ASCII-Unicode string expected, non-ASCII-Unicode string received. Skipping it."); + if (free_certval) { + efree(tmp); + } + zend_hash_move_forward_ex(HASH_OF(zheaders), &hpos); + continue; + } + } if (strindex.s) { - BIO_printf(outfile, "%s: %s\n", strindex.s, Z_STRVAL_PP(zcertval)); + BIO_printf(outfile, "%s: %s\n", strindex.s, tmp); + if (type == IS_UNICODE) { + efree(strindex.s); + } } else { - BIO_printf(outfile, "%s\n", Z_STRVAL_PP(zcertval)); + BIO_printf(outfile, "%s\n", tmp); + } + if (free_certval) { + efree(tmp); } zend_hash_move_forward_ex(HASH_OF(zheaders), &hpos); @@ -3545,7 +3706,7 @@ clean_exit: } /* }}} */ -/* {{{ proto bool openssl_pkcs7_sign(string infile, string outfile, mixed signcert, mixed signkey, array headers [, long flags [, string extracertsfilename]]) +/* {{{ proto bool openssl_pkcs7_sign(string infile, string outfile, mixed signcert, mixed signkey, array headers [, long flags [, string extracertsfilename]]) U Signs the MIME message in the file named infile with signcert/signkey and output the result to file name outfile. headers lists plain text headers to exclude from the signed portion of the message, and should include to, from and subject as a minimum */ PHP_FUNCTION(openssl_pkcs7_sign) @@ -3563,20 +3724,26 @@ PHP_FUNCTION(openssl_pkcs7_sign) uint strindexlen; HashPosition hpos; zstr strindex; + zval **ppinfilename, **ppoutfilename, **ppextracertsfilename=NULL; char * infilename; int infilename_len; char * outfilename; int outfilename_len; - char * extracertsfilename = NULL; int extracertsfilename_len; + char * extracertsfilename; int extracertsfilename_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZZa!|ls", - &infilename, &infilename_len, &outfilename, &outfilename_len, - &zcert, &zprivkey, &zheaders, &flags, &extracertsfilename, - &extracertsfilename_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ZZZZa!|ls", &ppinfilename, + &ppoutfilename, &zcert, &zprivkey, &zheaders, &flags, &ppextracertsfilename) == FAILURE) { return; } - RETVAL_FALSE; - if (extracertsfilename) { + if (php_stream_path_param_encode(ppinfilename, &infilename, &infilename_len, REPORT_ERRORS, FG(default_context)) == FAILURE || + php_stream_path_param_encode(ppoutfilename, &outfilename, &outfilename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + return; + } + + if (ppextracertsfilename) { + if (php_stream_path_param_encode(ppextracertsfilename, &extracertsfilename, &extracertsfilename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + return; + } others = load_all_certs_from_file(extracertsfilename); if (others == NULL) { goto clean_exit; @@ -3621,17 +3788,52 @@ PHP_FUNCTION(openssl_pkcs7_sign) /* tack on extra headers */ if (zheaders) { + char *tmp; + int free_certval; + tmp = NULL; + zend_hash_internal_pointer_reset_ex(HASH_OF(zheaders), &hpos); while(zend_hash_get_current_data_ex(HASH_OF(zheaders), (void**)&hval, &hpos) == SUCCESS) { + zend_uchar type; strindex.s = NULL; - zend_hash_get_current_key_ex(HASH_OF(zheaders), &strindex, &strindexlen, &intindex, 0, &hpos); - - convert_to_string_ex(hval); + free_certval = 0; + type = zend_hash_get_current_key_ex(HASH_OF(zheaders), &strindex, &strindexlen, &intindex, 0, &hpos); + + if (Z_TYPE_PP(hval) == IS_UNICODE) { + tmp = zend_unicode_to_ascii(Z_USTRVAL_PP(hval), Z_USTRLEN_PP(hval) TSRMLS_CC); + if (!tmp) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary or ASCII-Unicode string expected, non-ASCII-Unicode string received. Skipping it."); + zend_hash_move_forward_ex(HASH_OF(zheaders), &hpos); + continue; + } + free_certval = 1; + } else { + convert_to_string_ex(hval); + tmp = Z_STRVAL_PP(hval); + } + if (type == IS_UNICODE) { + strindex.s = zend_unicode_to_ascii(strindex.u, strindexlen TSRMLS_CC); + if (!strindex.s) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary or ASCII-Unicode string expected, non-ASCII-Unicode string received. Skipping it."); + if (free_certval) { + efree(tmp); + } + zend_hash_move_forward_ex(HASH_OF(zheaders), &hpos); + continue; + } + } + if (strindex.s) { - BIO_printf(outfile, "%s: %s\n", strindex.s, Z_STRVAL_PP(hval)); + BIO_printf(outfile, "%s: %s\n", strindex.s, tmp); + if (type == IS_UNICODE) { + efree(strindex.s); + } } else { - BIO_printf(outfile, "%s\n", Z_STRVAL_PP(hval)); + BIO_printf(outfile, "%s\n", tmp); + } + if (free_certval) { + efree(tmp); } zend_hash_move_forward_ex(HASH_OF(zheaders), &hpos); } @@ -3657,7 +3859,7 @@ clean_exit: } /* }}} */ -/* {{{ proto bool openssl_pkcs7_decrypt(string infilename, string outfilename, mixed recipcert [, mixed recipkey]) +/* {{{ proto bool openssl_pkcs7_decrypt(string infilename, string outfilename, mixed recipcert [, mixed recipkey]) U Decrypts the S/MIME message in the file name infilename and output the results to the file name outfilename. recipcert is a CERT for one of the recipients. recipkey specifies the private key matching recipcert, if recipcert does not include the key */ PHP_FUNCTION(openssl_pkcs7_decrypt) @@ -3668,16 +3870,21 @@ PHP_FUNCTION(openssl_pkcs7_decrypt) long certresval, keyresval; BIO * in = NULL, * out = NULL, * datain = NULL; PKCS7 * p7 = NULL; + zval **ppinfilename, **ppoutfilename; char * infilename; int infilename_len; char * outfilename; int outfilename_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZ|Z", &infilename, &infilename_len, - &outfilename, &outfilename_len, &recipcert, &recipkey) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ZZZ|Z", &ppinfilename, + &ppoutfilename, &recipcert, &recipkey) == FAILURE) { return; } - RETVAL_FALSE; + if (php_stream_path_param_encode(ppinfilename, &infilename, &infilename_len, REPORT_ERRORS, FG(default_context)) == FAILURE || + php_stream_path_param_encode(ppoutfilename, &outfilename, &outfilename_len, REPORT_ERRORS, FG(default_context)) == FAILURE) { + return; + } + cert = php_openssl_x509_from_zval(recipcert, 0, &certresval TSRMLS_CC); if (cert == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "unable to coerce parameter 3 to x509 cert"); @@ -3727,7 +3934,7 @@ clean_exit: /* }}} */ -/* {{{ proto bool openssl_private_encrypt(string data, string &crypted, mixed key [, int padding]) +/* {{{ proto bool openssl_private_encrypt(string data, string &crypted, mixed key [, int padding]) U Encrypts data with private key */ PHP_FUNCTION(openssl_private_encrypt) { @@ -3737,17 +3944,16 @@ PHP_FUNCTION(openssl_private_encrypt) unsigned char *cryptedbuf = NULL; int successful = 0; long keyresource = -1; - char * data; + char *data; int data_len; long padding = RSA_PKCS1_PADDING; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szZ|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) { - return; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "SzZ|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) { + RETURN_FALSE; } RETVAL_FALSE; pkey = php_openssl_evp_from_zval(key, 0, "", 0, &keyresource TSRMLS_CC); - if (pkey == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "key param is not a valid private key"); RETURN_FALSE; @@ -3785,7 +3991,7 @@ PHP_FUNCTION(openssl_private_encrypt) } /* }}} */ -/* {{{ proto bool openssl_private_decrypt(string data, string &decrypted, mixed key [, int padding]) +/* {{{ proto bool openssl_private_decrypt(string data, string &decrypted, mixed key [, int padding]) U Decrypts data with private key */ PHP_FUNCTION(openssl_private_decrypt) { @@ -3800,8 +4006,8 @@ PHP_FUNCTION(openssl_private_decrypt) char * data; int data_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szZ|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) { - return; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "SzZ|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) { + RETURN_FALSE; } RETVAL_FALSE; @@ -3851,7 +4057,7 @@ PHP_FUNCTION(openssl_private_decrypt) } /* }}} */ -/* {{{ proto bool openssl_public_encrypt(string data, string &crypted, mixed key [, int padding]) +/* {{{ proto bool openssl_public_encrypt(string data, string &crypted, mixed key [, int padding]) U Encrypts data with public key */ PHP_FUNCTION(openssl_public_encrypt) { @@ -3862,14 +4068,14 @@ PHP_FUNCTION(openssl_public_encrypt) int successful = 0; long keyresource = -1; long padding = RSA_PKCS1_PADDING; - char * data; + char *data; int data_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szZ|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "SzZ|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) { return; - + } RETVAL_FALSE; - + pkey = php_openssl_evp_from_zval(key, 1, NULL, 0, &keyresource TSRMLS_CC); if (pkey == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "key parameter is not a valid public key"); @@ -3909,7 +4115,7 @@ PHP_FUNCTION(openssl_public_encrypt) } /* }}} */ -/* {{{ proto bool openssl_public_decrypt(string data, string &crypted, resource key [, int padding]) +/* {{{ proto bool openssl_public_decrypt(string data, string &crypted, resource key [, int padding]) U Decrypts data with public key */ PHP_FUNCTION(openssl_public_decrypt) { @@ -3924,8 +4130,8 @@ PHP_FUNCTION(openssl_public_decrypt) char * data; int data_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szZ|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) { - return; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "SzZ|l", &data, &data_len, &crypted, &key, &padding) == FAILURE) { + RETURN_FALSE; } RETVAL_FALSE; @@ -3977,7 +4183,7 @@ PHP_FUNCTION(openssl_public_decrypt) } /* }}} */ -/* {{{ proto mixed openssl_error_string(void) +/* {{{ proto mixed openssl_error_string(void) U Returns a description of the last error, and alters the index of the error messages. Returns false when the are no more messages */ PHP_FUNCTION(openssl_error_string) { @@ -3990,14 +4196,14 @@ PHP_FUNCTION(openssl_error_string) val = ERR_get_error(); if (val) { - RETURN_STRING(ERR_error_string(val, buf), 1); + RETURN_ASCII_STRING(ERR_error_string(val, buf), 1); } else { RETURN_FALSE; } } /* }}} */ -/* {{{ proto bool openssl_sign(string data, &string signature, mixed key[, mixed method]) +/* {{{ proto bool openssl_sign(string data, &string signature, mixed key[, mixed method]) U Signs data */ PHP_FUNCTION(openssl_sign) { @@ -4006,16 +4212,17 @@ PHP_FUNCTION(openssl_sign) int siglen; unsigned char *sigbuf; long keyresource = -1; - char * data; + char *data; int data_len; EVP_MD_CTX md_ctx; zval *method = NULL; long signature_algo = OPENSSL_ALGO_SHA1; const EVP_MD *mdtype; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szZ|z", &data, &data_len, &signature, &key, &method) == FAILURE) { - return; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "SzZ|z", &data, &data_len, &signature, &key, &method) == FAILURE) { + RETURN_FALSE; } + pkey = php_openssl_evp_from_zval(key, 0, "", 0, &keyresource TSRMLS_CC); if (pkey == NULL) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "supplied key param cannot be coerced into a private key"); @@ -4029,6 +4236,14 @@ PHP_FUNCTION(openssl_sign) mdtype = php_openssl_get_evp_md_from_algo(signature_algo); } else if (Z_TYPE_P(method) == IS_STRING) { mdtype = EVP_get_digestbyname(Z_STRVAL_P(method)); + } else if (Z_TYPE_P(method) == IS_UNICODE) { + char *tmp; + tmp = zend_unicode_to_ascii(Z_USTRVAL_P(method), Z_USTRLEN_P(method) TSRMLS_CC); + if (!tmp) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary or ASCII-Unicode string expected, non-ASCII-Unicode string received. Unknown signature algorithm."); + } + mdtype = EVP_get_digestbyname(tmp); + efree(tmp); } else { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm."); RETURN_FALSE; @@ -4059,7 +4274,7 @@ PHP_FUNCTION(openssl_sign) } /* }}} */ -/* {{{ proto int openssl_verify(string data, string signature, mixed key[, mixed method]) +/* {{{ proto int openssl_verify(string data, string signature, mixed key[, mixed method]) U Verifys data */ PHP_FUNCTION(openssl_verify) { @@ -4069,13 +4284,13 @@ PHP_FUNCTION(openssl_verify) EVP_MD_CTX md_ctx; const EVP_MD *mdtype; long keyresource = -1; - char * data; int data_len; + char *data; int data_len; char * signature; int signature_len; zval *method = NULL; long signature_algo = OPENSSL_ALGO_SHA1; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZ|z", &data, &data_len, &signature, &signature_len, &key, &method) == FAILURE) { - return; + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "SSZ|z", &data, &data_len, &signature, &signature_len, &key, &method) == FAILURE) { + RETURN_FALSE; } if (method == NULL || Z_TYPE_P(method) == IS_LONG) { @@ -4085,6 +4300,15 @@ PHP_FUNCTION(openssl_verify) mdtype = php_openssl_get_evp_md_from_algo(signature_algo); } else if (Z_TYPE_P(method) == IS_STRING) { mdtype = EVP_get_digestbyname(Z_STRVAL_P(method)); + } else if (Z_TYPE_P(method) == IS_UNICODE) { + char *tmp; + tmp = zend_unicode_to_ascii(Z_USTRVAL_P(method), Z_USTRLEN_P(method) TSRMLS_CC); + if (!tmp) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Binary or ASCII-Unicode string expected, non-ASCII-Unicode string received. Unknown signature algorithm."); + RETURN_FALSE; + } + mdtype = EVP_get_digestbyname(tmp); + efree(tmp); } else { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm."); RETURN_FALSE; @@ -4112,7 +4336,7 @@ PHP_FUNCTION(openssl_verify) } /* }}} */ -/* {{{ proto int openssl_seal(string data, &string sealdata, &array ekeys, array pubkeys) +/* {{{ proto int openssl_seal(string data, &string sealdata, &array ekeys, array pubkeys[, string method]) U Seals data */ PHP_FUNCTION(openssl_seal) { @@ -4123,13 +4347,13 @@ PHP_FUNCTION(openssl_seal) long * key_resources; /* so we know what to cleanup */ int i, len1, len2, *eksl, nkeys; unsigned char *buf = NULL, **eks; - char * data; int data_len; + char *data; int data_len; char *method =NULL; int method_len; const EVP_CIPHER *cipher; EVP_CIPHER_CTX ctx; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szza/|s", &data, &data_len, &sealdata, &ekeys, &pubkeys, &method, &method_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Szza/|s&", &data, &data_len, &sealdata, &ekeys, &pubkeys, &method, &method_len, UG(ascii_conv)) == FAILURE) { return; } @@ -4238,7 +4462,7 @@ clean_exit: } /* }}} */ -/* {{{ proto bool openssl_open(string data, &string opendata, string ekey, mixed privkey) +/* {{{ proto bool openssl_open(string data, &string opendata, string ekey, mixed privkey[, string method]) U Opens data */ PHP_FUNCTION(openssl_open) { @@ -4254,7 +4478,7 @@ PHP_FUNCTION(openssl_open) int method_len; const EVP_CIPHER *cipher; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szsZ|s", &data, &data_len, &opendata, &ekey, &ekey_len, &privkey, &method, &method_len) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "SzSZ|s&", &data, &data_len, &opendata, &ekey, &ekey_len, &privkey, &method, &method_len, UG(ascii_conv)) == FAILURE) { return; } @@ -4528,19 +4752,21 @@ SSL *php_SSL_new_from_context(SSL_CTX *ctx, php_stream *stream TSRMLS_DC) /* {{{ static void openssl_add_method_or_alias(const OBJ_NAME *name, void *arg) /* {{{ */ { - add_next_index_string((zval*)arg, (char*)name->name, 1); + TSRMLS_FETCH(); + add_next_index_ascii_string((zval*)arg, (char*)name->name, 1); } /* }}} */ static void openssl_add_method(const OBJ_NAME *name, void *arg) /* {{{ */ { + TSRMLS_FETCH(); if (name->alias == 0) { - add_next_index_string((zval*)arg, (char*)name->name, 1); + add_next_index_ascii_string((zval*)arg, (char*)name->name, 1); } } /* }}} */ -/* {{{ proto array openssl_get_md_methods([bool aliases = false]) +/* {{{ proto array openssl_get_md_methods([bool aliases = false]) U Return array of available digest methods */ PHP_FUNCTION(openssl_get_md_methods) { @@ -4556,7 +4782,7 @@ PHP_FUNCTION(openssl_get_md_methods) } /* }}} */ -/* {{{ proto array openssl_get_cipher_methods([bool aliases = false]) +/* {{{ proto array openssl_get_cipher_methods([bool aliases = false]) U Return array of available cipher methods */ PHP_FUNCTION(openssl_get_cipher_methods) { @@ -4572,27 +4798,28 @@ PHP_FUNCTION(openssl_get_cipher_methods) } /* }}} */ -/* {{{ proto string openssl_digest(string data, string method [, bool raw_output=false]) +/* {{{ proto string openssl_digest(string data, string method [, bool raw_output=false]) U Computes digest hash value for given data using given method, returns raw or binhex encoded string */ PHP_FUNCTION(openssl_digest) { zend_bool raw_output = 0; - char *data, *method; + char *data; + char *method; int data_len, method_len; const EVP_MD *mdtype; EVP_MD_CTX md_ctx; int siglen; unsigned char *sigbuf; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ss|b", &data, &data_len, &method, &method_len, &raw_output) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Ss&|b", &data, &data_len, &method, &method_len, UG(ascii_conv), &raw_output) == FAILURE) { return; } + mdtype = EVP_get_digestbyname(method); if (!mdtype) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unknown signature algorithm"); RETURN_FALSE; } - siglen = EVP_MD_size(mdtype); sigbuf = emalloc(siglen + 1); @@ -4617,7 +4844,7 @@ PHP_FUNCTION(openssl_digest) } /* }}} */ -/* {{{ proto string openssl_encrypt(string data, string method, string password [, bool raw_output=false]) +/* {{{ proto string openssl_encrypt(string data, string method, string password [, bool raw_output=false]) U Encrypts given data with given method and key, returns raw or base64 encoded string */ PHP_FUNCTION(openssl_encrypt) { @@ -4629,7 +4856,7 @@ PHP_FUNCTION(openssl_encrypt) int i, outlen, keylen, ivlen; unsigned char *outbuf, *key, *iv; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|b", &data, &data_len, &method, &method_len, &password, &password_len, &raw_output) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Ss&s&|b", &data, &data_len, &method, &method_len, UG(ascii_conv), &password, &password_len, UG(ascii_conv), &raw_output) == FAILURE) { return; } cipher_type = EVP_get_cipherbyname(method); @@ -4681,7 +4908,7 @@ PHP_FUNCTION(openssl_encrypt) } /* }}} */ -/* {{{ proto string openssl_decrypt(string data, string method, string password [, bool raw_input=false]) +/* {{{ proto string openssl_decrypt(string data, string method, string password [, bool raw_input=false]) U Takes raw or base64 encoded string and dectupt it using given method and key */ PHP_FUNCTION(openssl_decrypt) { @@ -4695,7 +4922,7 @@ PHP_FUNCTION(openssl_decrypt) int base64_str_len; char *base64_str = NULL; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|b", &data, &data_len, &method, &method_len, &password, &password_len, &raw_input) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Ss&s&|b", &data, &data_len, &method, &method_len, UG(ascii_conv), &password, &password_len, UG(ascii_conv), &raw_input) == FAILURE) { return; } @@ -4754,7 +4981,7 @@ PHP_FUNCTION(openssl_decrypt) /* }}} */ -/* {{{ proto string openssl_dh_compute_key(string pub_key, resource dh_key) +/* {{{ proto string openssl_dh_compute_key(string pub_key, resource dh_key) U Computes shared sicret for public value of remote DH key and local DH key */ PHP_FUNCTION(openssl_dh_compute_key) { @@ -4766,7 +4993,7 @@ PHP_FUNCTION(openssl_dh_compute_key) char *data; int len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sr", &pub_str, &pub_len, &key) == FAILURE) { + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "Sr", &pub_str, &pub_len, &key) == FAILURE) { return; } ZEND_FETCH_RESOURCE(pkey, EVP_PKEY *, &key, -1, "OpenSSL key", le_key); |