mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-11-28 20:34:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add optional parameter to openssl_pkcs7_verify() which specifies the name

Browse Source 
of a file that will be filled with the verified data, but with the signature
information stripped.

Patch by Marton Kenyeres, mkenyeres (at) konvergencia dot hu
This commit is contained in:
Wez Furlong 2005-06-30 14:25:41 +00:00
parent 07862d7218
commit efc6ccaa01
1 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
ext/openssl/openssl.c
View File

@ -2152,7 +2152,7 @@ PHP_FUNCTION(openssl_pkey_get_private)
/* {{{ PKCS7 S/MIME functions */
/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string signerscerts [, array cainfo [, string extracerts]]])
/* {{{ proto bool openssl_pkcs7_verify(string filename, long flags [, string signerscerts [, array cainfo [, string extracerts [, string content]]]])
Verifys that the data block is intact, the signer is who they say they are, and returns the CERTs of the signers */
PHP_FUNCTION(openssl_pkcs7_verify)
{
@ -2161,17 +2161,18 @@ PHP_FUNCTION(openssl_pkcs7_verify)
STACK_OF(X509) *signers= NULL;
STACK_OF(X509) *others = NULL;
PKCS7 * p7 = NULL;
BIO * in = NULL, * datain = NULL;
BIO * in = NULL, * datain = NULL, * dataout = NULL;
long flags = 0;
char * filename; int filename_len;
char * extracerts = NULL; int extracerts_len;
char * signersfilename = NULL; int signersfilename_len;
char * datafilename = NULL; int datafilename_len;
RETVAL_LONG(-1);
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|sas", &filename, &filename_len,
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sl|sass", &filename, &filename_len,
&flags, &signersfilename, &signersfilename_len, &cainfo,
&extracerts, &extracerts_len) == FAILURE) {
&extracerts, &extracerts_len, &datafilename, &datafilename_len) == FAILURE) {
return;
}
@ -2204,18 +2205,30 @@ PHP_FUNCTION(openssl_pkcs7_verify)
#endif
goto clean_exit;
}
if (datafilename) {
if (php_openssl_safe_mode_chk(datafilename TSRMLS_CC)) {
goto clean_exit;
}
dataout = BIO_new_file(datafilename, "w");
if (dataout == NULL) {
goto clean_exit;
}
}
#if DEBUG_SMIME
zend_printf("Calling PKCS7 verify\n");
#endif
if (PKCS7_verify(p7, others, store, datain, NULL, flags)) {
if (PKCS7_verify(p7, others, store, datain, dataout, flags)) {
RETVAL_TRUE;
if (signersfilename) {
BIO *certout;
if (php_openssl_safe_mode_chk(filename TSRMLS_CC)) {
if (php_openssl_safe_mode_chk(signersfilename TSRMLS_CC)) {
goto clean_exit;
}
@ -2242,6 +2255,7 @@ clean_exit:
X509_STORE_free(store);
BIO_free(datain);
BIO_free(in);
BIO_free(dataout);
PKCS7_free(p7);
sk_X509_free(others);
}