ID: 21341
Comment by: sumans at list dot ufl dot edu
Reported By: larry at smog dot com
Status: No Feedback
Bug Type: OpenSSL related
Operating System: RedHat 7.3 (2.4.18-3)
PHP Version: 4.2.3
New Comment:
Sorry for bothering you again, but here is the code:
<? php
$caCertFile = "root.pem";
$req_key = openssl_pkey_new();
openssl_pkey_export_to_file($req_key, "newkey.pem",
$_POST[chlPassword]);
if(openssl_pkey_export ($req_key, $out_key)) {
$dn = array(
"countryName" => $_POST[countryName],
"stateOrProvinceName" => $_POST[stateName],
"localityName" => $_POST[cityName],
"organizationName" => $_POST[organizationName],
"organizationalUnitName" => $_POST[unitName],
"commonName" => $_POST[commonName],
"emailAddress" => $_POST[emailAddress]
);
$req_csr = openssl_csr_new ($dn, $req_key);
openssl_csr_export_to_file($req_csr, "newreq.pem");
$req_cert = openssl_csr_sign($req_csr, "file://$caCertFile",
$req_key, 1)
;
?>
I know that root.pem exists, and it is being loaded, but it looks like
the PHP engine just crashes at the openssl_csr_sign.
Previous Comments:
------------------------------------------------------------------------
[2004-06-25 22:11:52] sumans at list dot ufl dot edu
Hi,
I dont know if this bug was closed, but I am experiencing the exact
same problem now.
I am using the PHP engine and Apache server that came built in Red Hat
Linux 9.
I know that the CA certificate is being loaded into the engine (because
it complains if I give it a wrong path), but then it just crashes.
No messages, nothing. The PHP engine just stops working and nothing is
displayed after the function is called.
Thanks,
Suman
------------------------------------------------------------------------
[2003-01-17 22:14:45] [EMAIL PROTECTED]
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.
------------------------------------------------------------------------
[2003-01-02 15:27:51] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php4-latest.tar.gz
For Windows:
http://snaps.php.net/win32/php4-win32-latest.zip
If you still experience a problem try to replicate the problem using
CLI sapi and add
var_dump($csr) before the openssl_csr_sign() function call and
add var_dump($cert) at the end of the script.
------------------------------------------------------------------------
[2003-01-02 11:49:34] larry at smog dot com
When I try to use openssl_csr_sign to sign a CSR with a CA certificate
I get no error reports, and program output terminates.
Example code:
$cacert = "file://caselfsigncert.pem";
$cakey = array("file://caselfsignkey.pem", "insecureselfsignkey");
if ($privkey = openssl_pkey_new()) {
openssl_pkey_export($privkey, $pkeyout, $passphrase);
print "<h2>priv key</h2><pre>$pkeyout</pre>";
}
if ($csr = openssl_csr_new($dn, $privkey)) {
openssl_csr_export($csr, $csrout);
print "<h2>CSR:</h2><pre>$csrout</pre>";
}
if ($cert = openssl_csr_sign($csr, $cacert, $cakey, 365)) {
openssl_x509_export($cert, $certout);
print "<h2>x509:</h2><pre>$certout</pre>";
}
I am certain that the $cacert and $cakey files are being properly
opened. If I change them to reference an invalid file, PHP returns the
appropriate errors. I'm also certain that the key's passphrase is being
properly passed, when I change the passphrase I also get the expected
errors.
In fact, OpenSSL returns success, but my program appears to exit. I've
tried the openssl_error_string, but it also reports no information. I'm
no PHP expert, but it appears as if PHP segfaulting when this function
is called. Works fine if I call it with a NULL for the $cacert value
(i.e. self-signed). Using the CA cert with the commandline tool openssl
works fine too.
Using openssl-0.9.6h.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=21341&edit=1
