Skip to content

Commit c39336d

Browse files
bukkabukka
committed
Fix bug #55259 (openssl extension does not get the DH parameters from DH key resource)
1 parent e5adf2b commit c39336d

File tree

2 files changed

+33
-7
lines changed

2 files changed

+33
-7
lines changed

ext/openssl/openssl.c

Lines changed: 4 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -3597,13 +3597,10 @@ PHP_FUNCTION(openssl_pkey_new)
35973597
OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, g);
35983598
OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, priv_key);
35993599
OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, pub_key);
3600-
if (dh->p && dh->g) {
3601-
if (!dh->pub_key) {
3602-
DH_generate_key(dh);
3603-
}
3604-
if (EVP_PKEY_assign_DH(pkey, dh)) {
3605-
RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
3606-
}
3600+
if (dh->p && dh->g &&
3601+
(dh->pub_key || DH_generate_key(dh)) &&
3602+
EVP_PKEY_assign_DH(pkey, dh)) {
3603+
RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC));
36073604
}
36083605
DH_free(dh);
36093606
}

ext/openssl/tests/bug55259.phpt

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
--TEST--
2+
Bug #55259 (openssl extension does not get the DH parameters from DH key resource)
3+
--SKIPIF--
4+
<?php if (!extension_loaded("openssl")) die("skip"); ?>
5+
--FILE--
6+
<?php
7+
8+
$phex = 'dcf93a0b883972ec0e19989ac5a2ce310e1d37717e8d9571bb7623731866e61e' .
9+
'f75a2e27898b057f9891c2e27a639c3f29b60814581cd3b2ca3986d268370557' .
10+
'7d45c2e7e52dc81c7a171876e5cea74b1448bfdfaf18828efd2519f14e45e382' .
11+
'6634af1949e5b535cc829a483b8a76223e5d490a257f05bdff16f2fb22c583ab';
12+
$dh_details = array( 'p' => $phex, 'g' => '2' );
13+
$dh = openssl_pkey_new(array( 'dh'=> array( 'p' => $phex, 'g' => '2' )));
14+
var_dump($dh);
15+
$dh = openssl_pkey_new(array( 'dh'=> array( 'p' => hex2bin($phex), 'g' => '2' )));
16+
$details = openssl_pkey_get_details($dh);
17+
var_dump(bin2hex($details['dh']['p']));
18+
var_dump($details['dh']['g']);
19+
var_dump(strlen($details['dh']['pub_key']));
20+
var_dump(strlen($details['dh']['priv_key']));
21+
echo "Done";
22+
?>
23+
--EXPECT--
24+
bool(false)
25+
string(256) "dcf93a0b883972ec0e19989ac5a2ce310e1d37717e8d9571bb7623731866e61ef75a2e27898b057f9891c2e27a639c3f29b60814581cd3b2ca3986d2683705577d45c2e7e52dc81c7a171876e5cea74b1448bfdfaf18828efd2519f14e45e3826634af1949e5b535cc829a483b8a76223e5d490a257f05bdff16f2fb22c583ab"
26+
string(1) "2"
27+
int(128)
28+
int(128)
29+
Done

0 commit comments

Comments
 (0)