diff options
author | Jakub Zelenka <bukka@php.net> | 2016-06-05 17:23:05 +0100 |
---|---|---|
committer | Jakub Zelenka <bukka@php.net> | 2016-06-05 17:23:05 +0100 |
commit | 497fe33d6f1bbea5a62a8068169e351eb70d2db6 (patch) | |
tree | 6917f325e4b2791c0ff2f3f344f0c44020a6ff09 /ext/openssl | |
parent | 5e9f3871753516036e05645091280a25225ab5ba (diff) | |
download | php-git-497fe33d6f1bbea5a62a8068169e351eb70d2db6.tar.gz |
Add test for openssl_error_string
This test is important for making sure that the error strings
from OpenSSL works as expected and we can safely add a fix
for storing the strings that is prepared.
Diffstat (limited to 'ext/openssl')
-rw-r--r-- | ext/openssl/tests/openssl_error_string_basic.phpt | 181 | ||||
-rw-r--r-- | ext/openssl/tests/private_rsa_2048_pass_php.key | 30 |
2 files changed, 211 insertions, 0 deletions
diff --git a/ext/openssl/tests/openssl_error_string_basic.phpt b/ext/openssl/tests/openssl_error_string_basic.phpt new file mode 100644 index 0000000000..10b3570e73 --- /dev/null +++ b/ext/openssl/tests/openssl_error_string_basic.phpt @@ -0,0 +1,181 @@ +--TEST-- +openssl_error_string() tests +--SKIPIF-- +<?php +if (!extension_loaded("openssl")) print "skip"; +//if (OPENSSL_VERSION_NUMBER < 0x10001001) die("skip OpenSSLv1.0.1 required"); +?> +?> +--FILE-- +<?php +// helper function to dump openssl errors +function dump_openssl_errors() { + while (($error_string = openssl_error_string()) !== false) { + var_dump($error_string); + } +} + +// common output file +$output_file = __DIR__ . "/openssl_error_string_basic_output.tmp"; +// invalid file for read is something that does not exist in current directory +$invalid_file_for_read = __DIR__ . "/invalid_file_for_read_operation.txt"; +// invalid file for is the test dir as writting file to existing dir should alway fail +$invalid_file_for_write = __DIR__; +// crt file +$crt_file = "file://" . __DIR__ . "/cert.crt"; +// csr file +$csr_file = "file://" . __DIR__ . "/cert.csr"; +// public key file +$public_key_file = "file://" .__DIR__ . "/public.key"; +// private key file +$private_key_file = "file://" .__DIR__ . "/private_rsa_1024.key"; +// private key file with password (password is 'php') +$private_key_file_with_pass = "file://" .__DIR__ . "/private_rsa_2048_pass_php.key"; + +// ENCRYPTION +$data = "test"; +$method = "AES-128-ECB"; +$enc_key = str_repeat('x', 40); +// error because password is longer then key length and +// EVP_CIPHER_CTX_set_key_length fails for AES +openssl_encrypt($data, $method, $enc_key); +$enc_error = openssl_error_string(); +var_dump($enc_error); +// make sure that error is cleared now +var_dump(openssl_error_string()); +// internally OpenSSL ERR won't save more than 15 (16 - 1) errors so lets test it +for ($i = 0; $i < 20; $i++) { + openssl_encrypt($data, $method, $enc_key); +} +$error_queue_size = 0; +while (($enc_error_new = openssl_error_string()) !== false) { + if ($enc_error_new !== $enc_error) { + echo "The new encoding error doesn't match the expected one\n"; + } + ++$error_queue_size; +} +var_dump($error_queue_size); + +// PKEY +echo "PKEY errors\n"; +// file for pkey (file:///) fails when opennig (BIO_new_file) +openssl_pkey_export_to_file("file://" . $invalid_file_for_read, $output_file); +dump_openssl_errors(); +// file or private pkey is not correct PEM - failing PEM_read_bio_PrivateKey +openssl_pkey_export_to_file($csr_file, $output_file); +dump_openssl_errors(); +// file to export cannot be written +openssl_pkey_export_to_file($private_key_file, $invalid_file_for_write); +dump_openssl_errors(); +// succesful export +openssl_pkey_export($private_key_file_with_pass, $out, 'wrong pwd'); +dump_openssl_errors(); +// invalid x509 for getting public key +openssl_pkey_get_public($private_key_file); +dump_openssl_errors(); +// private encrypt with unknown padding +openssl_private_encrypt("data", $crypted, $private_key_file, 1000); +dump_openssl_errors(); +// private decrypt with failed padding check +openssl_private_decrypt("data", $crypted, $private_key_file); +dump_openssl_errors(); +// public encrypt and decrypt with failed padding check and padding +openssl_public_encrypt("data", $crypted, $public_key_file, 1000); +openssl_public_decrypt("data", $crypted, $public_key_file); +dump_openssl_errors(); + +// X509 +echo "X509 errors\n"; +// file for x509 (file:///) fails when opennig (BIO_new_file) +openssl_x509_export_to_file("file://" . $invalid_file_for_read, $output_file); +dump_openssl_errors(); +// file or str cert is not correct PEM - failing PEM_read_bio_X509 or PEM_ASN1_read_bio +openssl_x509_export_to_file($csr_file, $output_file); +dump_openssl_errors(); +// file to export cannot be written +openssl_x509_export_to_file($crt_file, $invalid_file_for_write); +dump_openssl_errors(); +// checking purpose fails because there is no such purpose 1000 +openssl_x509_checkpurpose($crt_file, 1000); +dump_openssl_errors(); +// make sure that X509_STORE_add_lookup will not emmit any error (just PHP warning) +openssl_x509_checkpurpose($crt_file, X509_PURPOSE_SSL_CLIENT, array( __DIR__ . "/cert.csr")); +dump_openssl_errors(); + +// CSR +echo "CSR errors\n"; +// file for csr (file:///) fails when opennig (BIO_new_file) +openssl_csr_get_subject("file://" . $invalid_file_for_read); +dump_openssl_errors(); +// file or str csr is not correct PEM - failing PEM_read_bio_X509_REQ +openssl_csr_get_subject($crt_file); +dump_openssl_errors(); + +// other possible cuases that are difficult to catch: +// - ASN1_STRING_to_UTF8 fails in add_assoc_name_entry +// - invalid php_x509_request field (NULL) would cause error with CONF_get_string + +?> +--CLEAN-- +<?php +$output_file = __DIR__ . "/openssl_error_string_basic_output.tmp"; +if (is_file($output_file)) { + unlink($output_file); +} +?> +--EXPECTF-- +string(89) "error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length" +bool(false) +int(15) +PKEY errors + +Warning: openssl_pkey_export_to_file(): cannot get key from parameter 1 in %s on line %d +string(61) "error:02001002:system library:fopen:No such file or directory" +string(53) "error:2006D080:BIO routines:BIO_new_file:no such file" + +Warning: openssl_pkey_export_to_file(): cannot get key from parameter 1 in %s on line %d +string(54) "error:0906D06C:PEM routines:PEM_read_bio:no start line" +string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value" +string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value" +string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value" +string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value" +string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value" +string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value" +string(50) "error:02001015:system library:fopen:Is a directory" +string(51) "error:2006D002:BIO routines:BIO_new_file:system lib" +string(49) "error:09072007:PEM routines:PEM_write_bio:BUF lib" + +Warning: openssl_pkey_export(): cannot get key from parameter 1 in %s on line %d +string(72) "error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt" +string(53) "error:0906A065:PEM routines:PEM_do_header:bad decrypt" +string(54) "error:0906D06C:PEM routines:PEM_read_bio:no start line" +string(54) "error:0906D06C:PEM routines:PEM_read_bio:no start line" +string(72) "error:04066076:rsa routines:RSA_EAY_PRIVATE_ENCRYPT:unknown padding type" +string(78) "error:0407109F:rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error" +string(72) "error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed" +string(54) "error:0906D06C:PEM routines:PEM_read_bio:no start line" +string(71) "error:04068076:rsa routines:RSA_EAY_PUBLIC_ENCRYPT:unknown padding type" +string(54) "error:0906D06C:PEM routines:PEM_read_bio:no start line" +string(79) "error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01" +string(71) "error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed" +X509 errors + +Warning: openssl_x509_export_to_file(): cannot get cert from parameter 1 in %s on line %d +string(61) "error:02001002:system library:fopen:No such file or directory" +string(53) "error:2006D080:BIO routines:BIO_new_file:no such file" + +Warning: openssl_x509_export_to_file(): cannot get cert from parameter 1 in %s on line %d +string(54) "error:0906D06C:PEM routines:PEM_read_bio:no start line" + +Warning: openssl_x509_export_to_file(): error opening file %s in %s on line %d +string(50) "error:02001015:system library:fopen:Is a directory" +string(51) "error:2006D002:BIO routines:BIO_new_file:system lib" +string(90) "error:0B086079:x509 certificate routines:X509_STORE_CTX_purpose_inherit:unknown purpose id" + +Warning: openssl_x509_checkpurpose(): error loading file %s in %s on line %d +CSR errors +string(61) "error:02001002:system library:fopen:No such file or directory" +string(53) "error:2006D080:BIO routines:BIO_new_file:no such file" +string(55) "error:20068079:BIO routines:BIO_gets:unsupported method" +string(54) "error:0906D06C:PEM routines:PEM_read_bio:no start line" +string(54) "error:0906D06C:PEM routines:PEM_read_bio:no start line"
\ No newline at end of file diff --git a/ext/openssl/tests/private_rsa_2048_pass_php.key b/ext/openssl/tests/private_rsa_2048_pass_php.key new file mode 100644 index 0000000000..242b1868c7 --- /dev/null +++ b/ext/openssl/tests/private_rsa_2048_pass_php.key @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-CBC,D839E12F98A22F4FA90401E31A896A03 + +gVJ/972mKRrZ2+55rofbFXuLY03Umb7+m7OotGHkYa3dJpNuOLta+LDpSMRdgKcT +7s+vZ7CERJsWolbdCSphwWs74FV4fJheuzrnEthmVazmIcDwWu1FiiD5XEmRQMFH +AvwUKTN5PIyN67eCusbrV5/FJsVdxvRwLUM70UE+nhBW8rg6AhszDtSHhGG1KN9T +TwT2m8xYOgzzPPseQN/VcKNJ+LZcUVN/8+12duy1Ej/HoFaE7wp5GH0mueeShf0R +xFZ6mizZ3x+Ef4+PbTDnSXRheF9uvSdwmff4rUS4Szpk0aYpSrluJJjzI9Unjvqi +129ZQsNUfLebJlaauTYYNsHHh64hRXelqKz5mNmcF/OV+pbCjYljgDsyndmrZ5jB +xjfjp/1VGQAU26VnF0X9zv5q9Gz3/bkl3VFnS7gNyMCanyTuaXNNFNcbkY59Iq1l +rWjGGMeujWttFhYsChtCb6Clsq4aCiXJ9lqFNTU+eqVD9F5C4v5ATM6VHqjxwvj3 +RB4P98pQsGLkHUKgAZrYqxhLjN6O7FvZuuSRSZl+Q6suYcie+hR4p2TRopRTttc2 +d/gdJCBEbboJH3XOFlHz08mhxgVobi5ACzAoSpCVT4NIahG+Gt7h8Rk6+A9/uiwj +Jy6+MRiylhAOXAfOps7+FvBFi4nKByFXtWOHRL6DGpYWy20vCk0gsuICRpwL33A4 +e6YAJiuygQSWTExyGfeRk5VQRkZrWL1s3nTnA0MLqx1VdIbDeNPtIZ+dQHCN5vYt +pP7zFSuF6fse8mSobzA9x4hKXUKWQ/V985arHYzYpJXfIRMyZDqKjRW5xKGYR0eH +adhpbOCWx73+vVa8tABbvNIPjp/7KPaGPSp7uV9Afvvt5qjM/nho/VstyWscivM0 +c+oylG4cNBaJCVyb6nsiBYK2XE/Llfjsj/l2+SRfIZOwmvhL+CG7z7okPEiNp7EB +DcefH7/N/Fg4R4PzWskHfb6ZU+nnPKV9JJdBitw/EQFAN8qO7b6O1HRsXUJziBsH +cgQBDT0wOue49lDFratmWBx1K10paRuAl1DmO5WtstC/cthGYvKVGDWclLbIVRpv +/DyXZMsXdt9IaP31vHs+W0Yj/1Pcj3iKFX/oh0e7Kb2MQziquQcMzJM2n3BVa2PQ +dZ3FGKSoDtdT3RhEWGAY5zh7nwPUDqR2frCTGdRAASJbHmC/dn3Fs/m7kQHCUTw8 +EpDCCFZhp23DODk96Q0vtgtPU16qONMzVlzSH8REjS23GrbZ4wn/SW8Qm5QZiScH +WbJ3Aj5iemcFnL5aDN81BNX9GtUvJFK2jvmmPcv1x5+x51RweMQYErgahI9YVFtM +0cEN2cm27hZjktHxduJefc+WVu6vCyzSA0q/CbT58eIWBPyvyIM8AB65h4TFxX9N +4g0/0Kh8gqe3EVg1x62LEAC6AaRZEm/GBeux41DlNDYbCik6VdLRHVozmf7PYm+X +6miR4EfGE+kM7/V+shMQZni/Q64gzIn+/vpMiNV5JQsr1E2tqUp2/P6N0puUwWv2 +ORVWWk6gy8wnJ//LsDNEhSKfCrffuv2u2oVQWMcBwyqbR6ru/V3i9+9ngWd2D4E0 +-----END RSA PRIVATE KEY----- |