Fix bug #67403 (Add signatureType to openssl_x509_parse)

4 files changed, 45 insertions, 8 deletions

diff --git a/NEWS b/NEWS
index 227143826d..d326677ba7 100644
--- a/NEWS
+++ b/NEWS
@@ -38,6 +38,7 @@ PHP                                                                        NEWS
 - OpenSSL:
   . Fixed bugs #61285, #68329, #68046, #41631 (encrypted streams don't observe
     socket timeouts). (Brad Broerman)
+  . Fix bug #67403 (Add signatureType to openssl_x509_parse)
 
 - pgsql:
   . Fixed bug #68638 (pg_update() fails to store infinite values).
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 64bb0623ed..5c8c479362 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -1501,7 +1501,7 @@ PHP_FUNCTION(openssl_x509_parse)
 	zval ** zcert;
 	X509 * cert = NULL;
 	long certresource = -1;
-	int i;
+	int i, sig_nid;
 	zend_bool useshortnames = 1;
 	char * tmpstr;
 	zval * subitem;
@@ -1548,11 +1548,12 @@ PHP_FUNCTION(openssl_x509_parse)
 	if (tmpstr) {
 		add_assoc_string(return_value, "alias", tmpstr, 1);
 	}
-/*
-	add_assoc_long(return_value, "signaturetypeLONG", X509_get_signature_type(cert));
-	add_assoc_string(return_value, "signaturetype", OBJ_nid2sn(X509_get_signature_type(cert)), 1);
-	add_assoc_string(return_value, "signaturetypeLN", OBJ_nid2ln(X509_get_signature_type(cert)), 1);
-*/
+
+	sig_nid = OBJ_obj2nid((cert)->sig_alg->algorithm);
+	add_assoc_string(return_value, "signatureTypeSN", (char*)OBJ_nid2sn(sig_nid), 1);
+	add_assoc_string(return_value, "signatureTypeLN", (char*)OBJ_nid2ln(sig_nid), 1);
+	add_assoc_long(return_value, "signatureTypeNID", sig_nid TSRMLS_CC);
+
 	MAKE_STD_ZVAL(subitem);
 	array_init(subitem);
 
diff --git a/ext/openssl/tests/bug67403.phpt b/ext/openssl/tests/bug67403.phpt
new file mode 100644
index 0000000000..0a19686af1
--- /dev/null
+++ b/ext/openssl/tests/bug67403.phpt
@@ -0,0 +1,23 @@
+--TEST--
+Bug #67403: Add signatureType to openssl_x509_parse
+--SKIPIF--
+<?php
+if (!extension_loaded("openssl")) die("skip");
+--FILE--
+<?php
+$r = openssl_x509_parse(file_get_contents(__DIR__.'/bug64802.pem'));
+var_dump($r['signatureTypeSN']);
+var_dump($r['signatureTypeLN']);
+var_dump($r['signatureTypeNID']);
+
+$r = openssl_x509_parse(file_get_contents(__DIR__.'/bug37820cert.pem'));
+var_dump($r['signatureTypeSN']);
+var_dump($r['signatureTypeLN']);
+var_dump($r['signatureTypeNID']);
+--EXPECTF--
+string(8) "RSA-SHA1"
+string(21) "sha1WithRSAEncryption"
+int(65)
+string(7) "RSA-MD5"
+string(20) "md5WithRSAEncryption"
+int(8)
diff --git a/ext/openssl/tests/openssl_x509_parse_basic.phpt b/ext/openssl/tests/openssl_x509_parse_basic.phpt
index fb0bbc7604..325b2ee4b9 100644
--- a/ext/openssl/tests/openssl_x509_parse_basic.phpt
+++ b/ext/openssl/tests/openssl_x509_parse_basic.phpt
@@ -12,7 +12,7 @@ var_dump(openssl_x509_parse($cert));
 var_dump(openssl_x509_parse($cert, false));
 ?>
 --EXPECTF--
-array(12) {
+array(15) {
   ["name"]=>
   string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net"
   ["subject"]=>
@@ -55,6 +55,12 @@ array(12) {
   int(1214821723)
   ["validTo_time_t"]=>
   int(1217413723)
+  ["signatureTypeSN"]=>
+  string(8) "RSA-SHA1"
+  ["signatureTypeLN"]=>
+  string(21) "sha1WithRSAEncryption"
+  ["signatureTypeNID"]=>
+  int(65)
   ["purposes"]=>
   array(9) {
     [1]=>
@@ -152,7 +158,7 @@ serial:AE:C5:56:CC:72:37:50:A2
     string(7) "CA:TRUE"
   }
 }
-array(12) {
+array(15) {
   ["name"]=>
   string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net"
   ["subject"]=>
@@ -195,6 +201,12 @@ array(12) {
   int(1214821723)
   ["validTo_time_t"]=>
   int(1217413723)
+  ["signatureTypeSN"]=>
+  string(8) "RSA-SHA1"
+  ["signatureTypeLN"]=>
+  string(21) "sha1WithRSAEncryption"
+  ["signatureTypeNID"]=>
+  int(65)
   ["purposes"]=>
   array(9) {
     [1]=>