Skip to content

Fix openssl_csr_export() stub #8362

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Fix openssl_csr_export() stub #8362

wants to merge 1 commit into from

Conversation

mpesari
Copy link
Contributor

@mpesari mpesari commented Apr 13, 2022
edited
Loading

There is a problem with current documentation of openssl_csr_export() function:

From the documentation:

openssl_csr_export — Exports a CSR as a string

openssl_csr_export(OpenSSLCertificateSigningRequest|string $csr, OpenSSLAsymmetricKey &$output, bool $no_text = true): bool

The $output parameter was changed from string to OpenSSLAsymmetricKey in 9f44eca

This was probably just a mistake due to the first $csr parameter type being changed from resource to dedicated data type, along with other openssl_* functions. The function actually crashes when passed a reference to a variable of type OpenSSLAsymmetricKey.

Here's a test that crashes:

<?php

declare(strict_types=1);

$private_key = openssl_pkey_new(array(
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
));

$csr = openssl_csr_new([], $private_key);

/**
 * Test 1
 * openssl_csr_export() accepts string
 */
class StringTest {
    public string $string;

    public function __construct(string $string = '') {
        $this->string = $string;
    }
}

$test = new StringTest;

openssl_csr_export($csr, $test->string);

/**
 * Test 2
 * openssl_csr_export() does not accept OpenSSLAsymmetricKey
 */
class ObjectTest {
    public OpenSSLAsymmetricKey $object;

    public function __construct(OpenSSLAsymmetricKey $object) {
        $this->object = $object;
    }
}

$test = new ObjectTest($private_key);

// PHP Fatal error:  Uncaught TypeError: Cannot assign string to reference held by property ObjectTest::$object of type OpenSSLAsymmetricKey
openssl_csr_export($csr, $test->object);

cmb69
cmb69 approved these changes Apr 13, 2022
View reviewed changes
Copy link
Member

@cmb69 cmb69 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, right. Good catch!

@cmb69
Copy link
Member

cmb69 commented Apr 13, 2022

For reference:

php-src/ext/openssl/tests/bug36732.phpt

Lines 26 to 34 in 4d24ac3

openssl_csr_export($csr, $str, false);
if (strpos($str, 'Requested Extensions:')) {
echo "Ok\n";
}
openssl_x509_export($crt, $str, false);
if (strpos($str, 'X509v3 extensions:')) {
echo "Ok\n";
}
and

php-src/ext/openssl/openssl.c

Line 3128 in 4d24ac3

ZEND_TRY_ASSIGN_REF_STRINGL(zout, bio_buf->data, bio_buf->length);
.

@cmb69 cmb69 self-assigned this Apr 13, 2022
@cmb69 cmb69 closed this in 16bf833 Apr 13, 2022
cmb69 added a commit to php/doc-en that referenced this pull request Apr 13, 2022
@cmb69
Fix type of 2nd parameter of openssl_csr_export()
3a2e96f 
Cf. <php/php-src#8362>.
tiffany-taylor pushed a commit to tiffany-taylor/doc-en that referenced this pull request Jan 16, 2023
@cmb69 @tiffany-taylor
Fix type of 2nd parameter of openssl_csr_export()
643bea8 
Cf. <php/php-src#8362>.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cmb69 cmb69 cmb69 approved these changes

Assignees

@cmb69 cmb69

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mpesari @cmb69