Req #61421 [Com]: Missing SHA256,SHA512 families of signature algorithms

[mark at zedwood dot com]

Edit report at https://bugs.php.net/bug.php?id=61421&edit=1

 ID:                 61421
 Comment by:         mark at zedwood dot com
 Reported by:        mark at zedwood dot com
 Summary:            Missing SHA256,SHA512 families of signature
                     algorithms
 Status:             Assigned
 Type:               Feature/Change Request
 Package:            OpenSSL related
 Operating System:   Ubuntu Linux
 PHP Version:        5.4.0
 Assigned To:        pajoye
 Block user comment: N
 Private report:     N

 New Comment:

Changed name of const to OPENSSL_ALGO_RMD160 instead of OPENSSL_ALGO_RIPEMD160


Previous Comments:
------------------------------------------------------------------------
[2012-04-02 18:21:17] mark at zedwood dot com

added openssl version check, added new patch with .phpt test

------------------------------------------------------------------------
[2012-04-02 09:36:07] paj...@php.net

hi,

Thanks for the patch, I will apply it asap but it won't make it for the next 
releases of 5.3 or 5.4 as we are already in release phases.

Btw, can you add some tests too please?

About the patch, yes, please use the openssl version check instead. As what is 
done now won't work smoothly with older versions.

As of getting a svn account (asked per email but adding answer here too), we 
usually give one after that one has provided a couple of patches :)

Thanks for your work!

------------------------------------------------------------------------
[2012-04-02 09:21:11] der...@php.net

Mark, yes, you probably should. It will also help a lot if you include test 
cases for the new functionality. Make sure those tests also run with older 
versions of openssl though!

cheers,
Derick

------------------------------------------------------------------------
[2012-03-31 04:00:54] mark at zedwood dot com

should i submit a new patch with
#if OPENSSL_VERSION_NUMBER >= 0x0090708fL 
instead of
#ifndef OPENSSL_NO_SHA256
?

------------------------------------------------------------------------
[2012-03-16 21:10:49] zedwoodnoreply at gmail dot com

to generate a sample csr with sha256 sig use:
openssl req -new -sha256    -newkey rsa:2048 -nodes -out example_com_sha256.csr 
   -keyout example_com_sha256.key    -subj "/C=US/ST=/L=/O=/CN=example.com"

to parse the csr with openssl (command line) use:
openssl req -in example_com_sha256.csr    -noout -text

sample output:
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: C=US, CN=example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:a7:7a:17:c4:17:72:8e:5b:36:36:05:8f:57:10:
                    a5:b9:f2:4b:05:9e:88:62:bc:8b:a5:ad:c3:6a:41:
                    b5:31:25:cc:86:7c:99:6b:f4:7f:74:a1:01:93:95:
                    b9:3e:b7:dc:b4:b4:59:3c:ff:22:8c:d5:87:75:44:
                    93:9c:19:de:08:42:b2:fd:88:eb:71:6b:8b:21:4a:
                    06:66:9c:6d:2b:10:bb:f5:e8:7c:a2:3a:ae:51:86:
                    51:3a:d1:96:02:93:f1:de:3a:68:06:6d:36:20:41:
                    b4:09:d8:ed:74:5e:ff:ae:ba:26:84:ac:4d:6a:30:
                    6a:b4:01:ec:3a:a0:f9:5c:08:5c:6c:5e:1f:f2:11:
                    2c:11:a1:3d:44:17:79:33:0a:97:a0:4e:b8:c3:81:
                    e4:58:d7:10:b3:50:43:af:9e:4b:b9:05:e7:5d:da:
                    78:b1:85:c4:36:a7:d5:b2:82:7a:1a:ab:4c:6c:98:
                    a1:b5:6c:1a:99:04:18:2b:8d:80:2f:11:23:1d:41:
                    53:7a:15:39:2b:84:23:bf:2d:b0:32:5a:7d:0d:d0:
                    3f:ac:d3:66:9c:9f:a2:df:40:4b:0d:9c:98:e4:64:
                    44:b7:58:1d:54:75:07:47:b9:03:e5:57:10:d3:1a:
                    ac:85:c6:f1:19:1c:df:a6:33:12:25:0b:ee:9a:fb:
                    72:93
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: sha256WithRSAEncryption
        48:ac:2e:08:93:95:ec:c3:12:ab:88:33:1f:7f:37:c3:5a:9b:
        6a:9a:b3:ea:35:ca:f0:1d:40:47:f0:31:8f:f3:36:b4:3d:5d:
        ee:74:48:fe:1b:43:4b:78:d7:97:d5:d5:77:8f:ba:51:db:35:
        75:c4:89:dc:b6:49:86:4e:4c:42:e7:01:e3:cb:72:da:9b:94:
        d1:ed:b7:59:be:f6:eb:44:68:54:e5:10:0c:bf:7a:9f:48:18:
        86:f2:f2:84:ca:a1:3b:48:be:d1:4a:40:22:12:7b:c0:42:a5:
        a0:ce:0f:43:17:44:e2:cf:e8:27:1d:71:d5:92:d8:de:bd:82:
        c2:11:f2:73:8c:c3:ab:5e:a1:64:78:af:a6:10:19:b1:ed:b2:
        fb:4c:bb:66:20:fe:1a:34:af:43:9f:4d:4e:6d:a2:f0:d0:df:
        33:93:e5:a7:d5:dc:2f:47:e3:56:31:fd:50:d2:2e:83:2f:d2:
        b2:fb:a8:7d:ce:4a:1f:a1:14:fc:45:92:ca:1c:85:3a:e7:32:
        e4:a8:13:fe:54:9a:ee:25:02:26:d3:b5:e1:96:08:f3:c8:36:
        59:ef:f5:46:1c:62:e6:58:ea:d4:86:a8:3f:ed:92:77:d7:eb:
        d3:92:a1:91:8e:2c:1c:4e:c2:12:b0:c9:8b:3b:17:99:32:03:
        e3:9e:a5:dd

------------------------------------------------------------------------


The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

    https://bugs.php.net/bug.php?id=61421


-- 
Edit this bug report at https://bugs.php.net/bug.php?id=61421&edit=1