@@ -933,6 +933,44 @@ static void php_openssl_dispose_config(struct php_x509_request * req) /* {{{ */
933
933
}
934
934
/* }}} */
935
935
936
+ static ENGINE * php_openssl_make_pkcs11_engine (const bool warn ) /* {{{ */
937
+ {
938
+ char * verbose = NULL ;
939
+ ENGINE * engine ;
940
+
941
+ engine = ENGINE_by_id ("pkcs11" );
942
+ if (engine == NULL ) {
943
+ if (warn )
944
+ php_error_docref (NULL , E_WARNING , "Cannot load PKCS11 engine" );
945
+ php_openssl_store_errors ();
946
+ return NULL ;
947
+ }
948
+ verbose = getenv ("OPENSSL_ENGINE_VERBOSE" );
949
+ if (verbose ) {
950
+ if (!ENGINE_ctrl_cmd_string (engine , "VERBOSE" , NULL , 0 )) {
951
+ ENGINE_free (engine );
952
+ php_openssl_store_errors ();
953
+ return NULL ;
954
+ }
955
+ } else {
956
+ if (!ENGINE_ctrl_cmd_string (engine , "QUIET" , NULL , 0 )) {
957
+ ENGINE_free (engine );
958
+ php_openssl_store_errors ();
959
+ return NULL ;
960
+ }
961
+ }
962
+ if (!ENGINE_init (engine )) {
963
+ ENGINE_free (engine );
964
+ if (warn )
965
+ php_error_docref (NULL , E_WARNING , "Cannot init PKCS11 engine" );
966
+ php_openssl_store_errors ();
967
+ return NULL ;
968
+ }
969
+
970
+ return engine ;
971
+ }
972
+ /* }}} */
973
+
936
974
#if defined(PHP_WIN32 ) || PHP_OPENSSL_API_VERSION >= 0x10100
937
975
#define PHP_OPENSSL_RAND_ADD_TIME () ((void) 0)
938
976
#else
@@ -1400,8 +1438,7 @@ X509 *php_openssl_x509_from_str(zend_string *cert_str) {
1400
1438
}
1401
1439
cert = PEM_read_bio_X509 (in , NULL , NULL , NULL );
1402
1440
} else if (ZSTR_LEN (cert_str ) > 7 && memcmp (ZSTR_VAL (cert_str ), "pkcs11:" , sizeof ("pkcs11:" ) - 1 ) == 0 ) {
1403
- char * verbose = NULL ;
1404
- ENGINE * engine ;
1441
+ ENGINE * engine = php_openssl_make_pkcs11_engine (true);
1405
1442
struct {
1406
1443
const char * s_slot_cert_id ;
1407
1444
X509 * cert ;
@@ -1411,30 +1448,9 @@ X509 *php_openssl_x509_from_str(zend_string *cert_str) {
1411
1448
};
1412
1449
int force_login = 0 ;
1413
1450
1414
- engine = ENGINE_by_id ("pkcs11" );
1415
- if (engine == NULL ) {
1416
- php_openssl_store_errors ();
1417
- return NULL ;
1418
- }
1419
- verbose = getenv ("OPENSSL_ENGINE_VERBOSE" );
1420
- if (verbose ) {
1421
- if (!ENGINE_ctrl_cmd_string (engine , "VERBOSE" , NULL , 0 )) {
1422
- ENGINE_free (engine );
1423
- php_openssl_store_errors ();
1424
- return NULL ;
1425
- }
1426
- } else {
1427
- if (!ENGINE_ctrl_cmd_string (engine , "QUIET" , NULL , 0 )) {
1428
- ENGINE_free (engine );
1429
- php_openssl_store_errors ();
1430
- return NULL ;
1431
- }
1432
- }
1433
- if (!ENGINE_init (engine )) {
1434
- ENGINE_free (engine );
1435
- php_openssl_store_errors ();
1451
+ if (!engine )
1436
1452
return NULL ;
1437
- }
1453
+
1438
1454
if (!ENGINE_ctrl_cmd (engine , "LOAD_CERT_CTRL" , 0 , & parms , NULL , force_login )) {
1439
1455
ENGINE_free (engine );
1440
1456
php_openssl_store_errors ();
@@ -3617,28 +3633,8 @@ EVP_PKEY *php_openssl_pkey_from_zval(zval *val, int public_key, char *passphrase
3617
3633
}
3618
3634
}
3619
3635
if (Z_STRLEN_P (val ) > 7 && memcmp (Z_STRVAL_P (val ), "pkcs11:" , sizeof ("pkcs11:" ) - 1 ) == 0 ) {
3620
- char * verbose = NULL ;
3621
- engine = ENGINE_by_id ("pkcs11" );
3636
+ engine = php_openssl_make_pkcs11_engine (true);
3622
3637
if (engine == NULL ) {
3623
- php_error_docref (NULL , E_WARNING , "Cannot load PKCS11 engine" );
3624
- TMP_CLEAN ;
3625
- }
3626
- verbose = getenv ("OPENSSL_ENGINE_VERBOSE" );
3627
- if (verbose ) {
3628
- if (!ENGINE_ctrl_cmd_string (engine , "VERBOSE" , NULL , 0 )) {
3629
- ENGINE_free (engine );
3630
- TMP_CLEAN ;
3631
- }
3632
- } else {
3633
- if (!ENGINE_ctrl_cmd_string (engine , "QUIET" , NULL , 0 )) {
3634
- ENGINE_free (engine );
3635
- TMP_CLEAN ;
3636
- }
3637
- }
3638
- if (!ENGINE_init (engine )) {
3639
- ENGINE_free (engine );
3640
- engine = NULL ;
3641
- php_error_docref (NULL , E_WARNING , "Cannot init PKCS11 engine" );
3642
3638
TMP_CLEAN ;
3643
3639
}
3644
3640
}
0 commit comments