#39236 [NEW]: Error in function openssl_get_privatekey

Mon, 23 Oct 2006 06:07:51 -0700 

From:             kprzemek at coig dot katowice dot pl
Operating system: RHEL4
PHP version:      5.1.6
PHP Bug Type:     OpenSSL related
Bug description:  Error in function openssl_get_privatekey

Description:
------------
Private key password is always Ok, no matter if the password is right or
wrong. And it's not OK, because if I give wrong private key password, I
should get an error. So I guess this function isn't working well.
Everything is OK on php4.4.2 Is is because php5? I had the same error. No
matter if the password is right or wrong it's OK (it's functioning) and it
shouldnt't be.

Reproduce code:
---------------
public function userPassCheck($password,$nruser,$name) {
      $nras=(int)$this->asID;
      ifx_textasvarchar(1);
      $sql="SELECT priv_key".
           "  FROM user_ssl ".
           " WHERE nras=$nras ".
           "   AND nruser=$nruser";
      $rs=$this->db->Execute($sql);
      if (!$rs) {
         $this->blad="<b>Error...</b><br>".
         $this->db->ErrorNo()." - ".
         $this->db->ErrorMsg();
         throw new Exception($this->blad);
      }
      $this->privkey=$rs->fields['priv_key'];
  $rsCert=openssl_get_privatekey($this->privkey,$password);
      if($rsCert) {
         echo "<br>OK";
      } else {
         echo "<br>NOT OK";
      }
   }

Expected result:
----------------
If password is wrong I expect "NOT OK" if is right "OK".

Actual result:
--------------
Always "OK".

-- 
Edit bug report at http://bugs.php.net/?id=39236&edit=1
-- 
Try a CVS snapshot (PHP 4.4): 
http://bugs.php.net/fix.php?id=39236&r=trysnapshot44
Try a CVS snapshot (PHP 5.2): 
http://bugs.php.net/fix.php?id=39236&r=trysnapshot52
Try a CVS snapshot (PHP 6.0): 
http://bugs.php.net/fix.php?id=39236&r=trysnapshot60
Fixed in CVS:                 http://bugs.php.net/fix.php?id=39236&r=fixedcvs
Fixed in release:             
http://bugs.php.net/fix.php?id=39236&r=alreadyfixed
Need backtrace:               http://bugs.php.net/fix.php?id=39236&r=needtrace
Need Reproduce Script:        http://bugs.php.net/fix.php?id=39236&r=needscript
Try newer version:            http://bugs.php.net/fix.php?id=39236&r=oldversion
Not developer issue:          http://bugs.php.net/fix.php?id=39236&r=support
Expected behavior:            http://bugs.php.net/fix.php?id=39236&r=notwrong
Not enough info:              
http://bugs.php.net/fix.php?id=39236&r=notenoughinfo
Submitted twice:              
http://bugs.php.net/fix.php?id=39236&r=submittedtwice
register_globals:             http://bugs.php.net/fix.php?id=39236&r=globals
PHP 3 support discontinued:   http://bugs.php.net/fix.php?id=39236&r=php3
Daylight Savings:             http://bugs.php.net/fix.php?id=39236&r=dst
IIS Stability:                http://bugs.php.net/fix.php?id=39236&r=isapi
Install GNU Sed:              http://bugs.php.net/fix.php?id=39236&r=gnused
Floating point limitations:   http://bugs.php.net/fix.php?id=39236&r=float
No Zend Extensions:           http://bugs.php.net/fix.php?id=39236&r=nozend
MySQL Configuration Error:    http://bugs.php.net/fix.php?id=39236&r=mysqlcfg

Reply via email to