ID: 28382 User updated by: n_sergiu at hotmail dot com Reported By: n_sergiu at hotmail dot com -Status: Feedback +Status: Open Bug Type: OpenSSL related Operating System: all PHP Version: 4.3.4 New Comment:
Here is a certificate for testing: -----BEGIN CERTIFICATE----- MIIEoDCCBAmgAwIBAgIBJzANBgkqhkiG9w0BAQQFADCBkDELMAkGA1UEBhMCUk8x EDAOBgNVBAgTB1JvbWFuaWExEDAOBgNVBAcTB0NyYWlvdmExDzANBgNVBAoTBlNl cmdpdTETMBEGA1UECxMKU2VyZ2l1IFNSTDESMBAGA1UEAxMJU2VyZ2l1IENBMSMw IQYJKoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTAeFw0wNDA1MTQxMzM0 NTZaFw0wNTA1MTQxMzM0NTZaMIGaMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9t YW5pYTEQMA4GA1UEBxMHQ3JhaW92YTETMBEGA1UEChMKU2VyZ2l1IFNSTDETMBEG A1UECxMKU2VyZ2l1IFNSTDEYMBYGA1UEAxMPU2VyZ2l1IHBlcnNvbmFsMSMwIQYJ KoZIhvcNAQkBFhRuX3NlcmdpdUBob3RtYWlsLmNvbTCBnzANBgkqhkiG9w0BAQEF AAOBjQAwgYkCgYEApNj7XXz8T8FcLIWpBniPYom3QcT6T7u0xRPHqtqzj5oboBYp DJe5d354/y0gJTpiLt8+fTrPgWXnbHm3pOHgXzTcX6Arani0GDU0/xDi4VkCRGcS YqX2sJpcDzAbmK9UDMt3xf/O1B8AJan3RfO0Bm3ozTEPziLMkmsiYr5b/L8CAwEA AaOCAfwwggH4MAkGA1UdEwQCMAAwNQYJYIZIAYb4QgENBCgWJkZvciBHcmlkIHVz ZSBvbmx5OyByZXF1ZXN0IHRhZyB1c2VyVGFnMBEGCWCGSAGG+EIBAQQEAwIF4DA/ BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vbW9iaWxlLmJsdWUtc29mdHdhcmUucm86 OTAvY2EvY3JsLnNodG1sMDUGCWCGSAGG+EIBCAQoFiZodHRwOi8vbW9iaWxlLmJs dWUtc29mdHdhcmUucm86OTAvcHViLzAhBgNVHREEGjAYgRZzZXJnaXVAYmx1ZXNv ZnR3YXJlLnJvMB0GA1UdDgQWBBSwp//5QRXeIzm93TEPl6CyonTg/DCBpwYDVR0j BIGfMIGcoYGWpIGTMIGQMQswCQYDVQQGEwJSTzEQMA4GA1UECBMHUm9tYW5pYTEQ MA4GA1UEBxMHQ3JhaW92YTEPMA0GA1UEChMGU2VyZ2l1MRMwEQYDVQQLEwpTZXJn aXUgU1JMMRIwEAYDVQQDEwlTZXJnaXUgQ0ExIzAhBgkqhkiG9w0BCQEWFG5fc2Vy Z2l1QGhvdG1haWwuY29tggEAMAsGA1UdDwQEAwIE8DAjBglghkgBhvhCAQIEFhYU aHR0cDovLzYyLjIzMS45OC41Mi8wCwYDKgMEBAQ+52I0MA0GCSqGSIb3DQEBBAUA A4GBAIBIOJ+iiLyQfNJEY+IMefayQea0nmuXYY+F+L1DFjSC7xChytgYoPNnKkhh 3dWPtxbswiqKYUnGi6y3Hi4UhDsOaDW29t2S305hSc2qgjOiNtRYQIVYQ8EHG1k7 Fl63S7uCOhnVJt+4MnUK1N6/pwgsp+Z2GvEsDG1qCKnvNpf6 -----END CERTIFICATE----- Previous Comments: ------------------------------------------------------------------------ [2004-05-14 15:38:22] [EMAIL PROTECTED] Please provide the applicable certificate file so that we have something to test the code with. ------------------------------------------------------------------------ [2004-05-14 08:46:35] n_sergiu at hotmail dot com Sorry, the error is still there. No v3 extensions are returned by the openssl_x509_parse function. ------------------------------------------------------------------------ [2004-05-13 19:47:14] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-STABLE-latest.zip ------------------------------------------------------------------------ [2004-05-13 10:14:00] n_sergiu at hotmail dot com I managed to insert some line of code in openssl.c, but I would like to see these changes in the next version of php. PHP_FUNCTION(openssl_x509_parse) { ... X509_EXTENSION *extension; ASN1_OCTET_STRING *extdata; char extstr[20]; int nid; ... for (i = 0; i < X509_get_ext_count(cert); i++) { extension = X509_get_ext(cert, i); extdata = X509_EXTENSION_get_data(extension); sprintf(extstr, "ext%i", i); add_assoc_asn1_string(return_value, extstr, extdata); } /* This is an extension I used for IP address */ nid = OBJ_create_and_add_object("1.2.3.4", "IP", "Client IP Address"); extension = X509_get_ext(cert, X509_get_ext_by_NID(cert, nid, 0)); extdata = X509_EXTENSION_get_data(extension); add_assoc_asn1_string(return_value, "1.2.3.4", extdata); ... } ------------------------------------------------------------------------ [2004-05-13 09:28:57] n_sergiu at hotmail dot com Description: ------------ When I use the openssl_x509_parse to parse a x509 certificate, the v3 extensions are not included in the output result. Reproduce code: --------------- $file = fopen("/home/sergiu/clienttest.crt", "rb"); $cert = fread($file, filesize("/home/sergiu/clienttest.crt")); print_r(openssl_x509_parse($cert)); Expected result: ---------------- Array ( [name] => /C=RO/ST=Romania/L=Craiova/O=XXX/OU=Mobile/CN=teste extens [subject] => Array ( [C] => RO [ST] => Romania [L] => Craiova [O] => Sergiu Software [OU] => Mobile [CN] => teste extens ) [hash] => 33df1a8c [issuer] => Array ( [C] => RO [ST] => Romania [O] => Sergiu Software [CN] => Sergiu Software CA ) [version] => 2 [serialNumber] => 38 [validFrom] => 030712124551Z [validTo] => 040711124551Z [validFrom_time_t] => 1058013951 [validTo_time_t] => 1089549951 [purposes] => Array ( [1] => Array ( [0] => 1 [1] => [2] => sslclient ) [2] => Array ( [0] => 1 [1] => [2] => sslserver ) [3] => Array ( [0] => 1 [1] => [2] => nssslserver ) [4] => Array ( [0] => 1 [1] => [2] => smimesign ) [5] => Array ( [0] => 1 [1] => [2] => smimeencrypt ) [6] => Array ( [0] => [1] => [2] => crlsign ) [7] => Array ( [0] => 1 [1] => 1 [2] => any ) ) [v3extensions] => Array ( [1] => Array ( [0] => NetscapeComment [1] => 1 [2] => For Grid use only; request tag userTag ) ........................... ) ) Actual result: -------------- Array ( [name] => /C=RO/ST=Romania/L=Craiova/O=XXX/OU=Mobile/CN=teste extens [subject] => Array ( [C] => RO [ST] => Romania [L] => Craiova [O] => Sergiu Software [OU] => Mobile [CN] => teste extens ) [hash] => 33df1a8c [issuer] => Array ( [C] => RO [ST] => Romania [O] => Sergiu Software [CN] => Sergiu Software CA ) [version] => 2 [serialNumber] => 38 [validFrom] => 030712124551Z [validTo] => 040711124551Z [validFrom_time_t] => 1058013951 [validTo_time_t] => 1089549951 [purposes] => Array ( [1] => Array ( [0] => 1 [1] => [2] => sslclient ) [2] => Array ( [0] => 1 [1] => [2] => sslserver ) [3] => Array ( [0] => 1 [1] => [2] => nssslserver ) [4] => Array ( [0] => 1 [1] => [2] => smimesign ) [5] => Array ( [0] => 1 [1] => [2] => smimeencrypt ) [6] => Array ( [0] => [1] => [2] => crlsign ) [7] => Array ( [0] => 1 [1] => 1 [2] => any ) ) ) ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=28382&edit=1
