820bca8ca3
Try to fix LibreSSL build
2016-10-23 19:55:22 +01:00
930ae4034e
Drop useless checks for DH and RSA
...
If DH or RSA was disabled, the build would fail already as
it's used already elsewhere without checking the OPENSSL_NO_DH
or OPENSSL_NO_RSA defines.
2016-10-23 19:37:07 +01:00
d6fb5a1f1e
Merge branch 'pull-request/1814'
2016-10-17 17:02:13 +01:00
20b63996c0
fix test
...
(cherry picked from commit 57354e0313
2016-10-14 02:01:53 +02:00
177e6adca7
Merge branch 'PHP-7.0' into PHP-7.1
...
* PHP-7.0:
Fix outlen for openssl function
Syncronize with 5.6 - __toString should return ""
Fix potential overflows in php_pcre_replace_impl
(cherry picked from commit ff75665663
2016-10-14 01:58:48 +02:00
7897e8cd6c
followup with #73276 merge
...
(cherry picked from commit b135ba3fa9
2016-10-14 01:43:02 +02:00
fe789b3f7c
Fix bug #73276 - crash in openssl_random_pseudo_bytes function
...
(cherry picked from commit 85a22a0af07dc8b5e7ae
2016-10-14 01:42:19 +02:00
1b1b7f8809
Merge branch 'PHP-7.0' into PHP-7.1
2016-09-13 18:27:55 +01:00
3a739c9f9f
Merge branch 'PHP-5.6' into PHP-7.0
2016-09-13 18:19:20 +01:00
05baa92727
Fix bug #73072 (Invalid path SNI_server_certs causes segfault)
2016-09-13 18:15:34 +01:00
727b422ad9
Fix #72948 : Uncatchable "Catchable" fatal error for class to string conversions
...
E_RECOVERABLE errors are reported as "Catchable fatal error". This is
misleading, because they actually can't be caught via try-catch statements.
Therefore we change the wording to "Recoverable fatal error" as suggested by
Nikita.
2016-09-03 13:05:37 +02:00
21c72827c7
Do not expect error 0407006A in openssl_private_(en|de)crypt
...
It makes the test work with OpenSSL 1.1
2016-08-21 20:29:03 +01:00
427c8c809d
Set DSA or DH key only if pub key supplied
2016-08-14 20:42:56 +01:00
c3c90abb17
Return false if tag is not supplied or cannot be retrieved in AEAD
...
It doesn't make sense to return just encoded string as it cannot be
used anyway (decryption without a tag will not work).
2016-08-14 19:34:03 +01:00
6822af2e73
Do not add already added object to the internal OpenSSL table
...
This fixes OpenSSL 1.1 where adding object with OID that has been
already added causes an error - preventing of duplication.
2016-08-03 20:01:41 +01:00
40b312d4c2
Use OPENSSL_RAW_DATA in raw data decryption tests
2016-07-22 18:30:30 +02:00
f775199ac7
Require strict base64 in openssl_decode
...
Using invalid data in a security-related context makes no sense,
and there's even a test which depends on invalid base64 data failing,
even though it currently fails for the wrong reasons by sheer luck.
2016-07-22 18:03:55 +02:00
76f6f3583c
Fix test: Use valid base64 even for invalid OpenSSL data
2016-07-22 18:03:55 +02:00
98ac90b7e2
Add missing X509_get_signature_nid for 1.0.1
2016-07-19 20:13:13 +01:00
d8580cb286
Use always non const SSL cipher version string
2016-07-19 20:01:20 +01:00
ea35d309b9
Update authors of openssl.c
2016-07-17 20:48:20 +01:00
6c497ad2d2
Use opaque EVP_PKEY for new EC logic in openssl_pkey_new
2016-07-17 20:44:33 +01:00
2ecce94756
Use opaque RSA, DSA and DH
2016-07-17 20:24:34 +01:00
329f74a11d
Add missing creating of md_ctx in openssl_digest
2016-07-17 20:01:37 +01:00
444adff0b2
Change sign method from ecdsa-with-SHA1 to SHA1
...
There are no message digest methods for public key
(e.g. ecdsa-with-SHA1, dsa*, DSA*) MD methods in OpenSSL 1.1.
2016-07-17 17:46:14 +01:00
e5780c8cd0
Add missing break in php_openssl_is_private_key
2016-07-17 17:46:14 +01:00
1008385959
Use SHA1 instead of DSS1 in test for bug #41033
2016-07-17 17:46:14 +01:00
069d20a33b
Hide setting server ECDH curve for OpenSSL 1.1
...
It seems to be done automatically
2016-07-17 17:46:14 +01:00
1123c85d79
Do not use tmp_rsa_cb for OpenSSL 1.1
...
The SSL_CTX_set_tmp_rsa_callback has been removed
2016-07-17 17:46:14 +01:00
0afa0b1f83
The DSS1 is not available in OpenSSL 1.1
2016-07-17 17:46:13 +01:00
d73735a750
Move and use opaque pkey in openssl_dh_compute_key
2016-07-17 17:43:34 +01:00
1a4e910e8d
Use opaque pkey in openssl_pkey_get_details
2016-07-17 17:43:34 +01:00
f08660bb58
Use EVP_PKEY_base_id where possible
2016-07-17 17:33:42 +01:00
f1de72293e
Use opaque EVP_PKEY in php_openssl_is_private_key
2016-07-17 17:33:42 +01:00
0598a8da2b
Do not use X509 props directly in openssl_x509_parse
2016-07-17 17:33:42 +01:00
e138b51dad
Do not use X509_EXTENSION data directly as it is opaque
2016-07-17 17:33:42 +01:00
84a291d4da
Wrap pkey id and rsa getters
2016-07-17 17:33:42 +01:00
fd9142a647
Use opaque md ctx in openssl_sign and openssl_verify
2016-07-17 17:33:42 +01:00
b8164673eb
Use opaque cipher ctx in openssl_seal and openssl_open
2016-07-17 17:33:42 +01:00
3a8531e767
Use opaque EVP_MD_CTX in openssl_digest
2016-07-17 17:33:41 +01:00
5f569cc03e
Bump minimal OpenSSL version to 1.0.1
2016-07-17 17:21:07 +01:00
d30b6a85b2
force SSL_OP_NO_SSLv2
2016-07-17 16:41:47 +01:00
642aee1deb
Cleanup all SSLv2 code, whatever OpenSSL version is
2016-07-17 16:41:47 +01:00
9fabb7cac7
Remove openssl test 029 as it is incomplete
2016-06-29 20:49:14 +01:00
f5dbba0d54
Revert "Skip new OpenSSL ECC tests on 32bit"
...
This reverts commit 0a4f89bc29
2016-06-29 11:43:31 +03:00
0a4f89bc29
Skip new OpenSSL ECC tests on 32bit
...
There has been reported that they fail on 32bit so
they will be skipped till the issue is investigated.
2016-06-28 20:39:31 +01:00
0cfb47651c
Fixed compilation warnings
2016-06-28 11:37:51 +03:00
e8a09ddc07
Improve openssl ecc keypair support implementation
2016-06-26 16:55:51 +01:00
9688138d38
Adds initial support to generate and work with ECC public key pair
...
New features:
- openssl_get_curve_names => list ECC curve names
- generate a ECC public key pair
- generate an CSR with an ECC key
- export x,y,d params of ECC public/private key
Thanks to @bukka for the review and feedback
2016-06-26 16:15:25 +01:00
323b2733f6
Fixed compilation warnings
2016-06-22 00:40:50 +03:00
Jakub Zelenka