php-src/ext/openssl/tests/ecc.phpt

--TEST--
openssl_*() with OPENSSL_KEYTYPE_EC
--EXTENSIONS--
openssl
--SKIPIF--
<?php
if (!defined("OPENSSL_KEYTYPE_EC")) die("skip EC disabled");
?>
--FILE--
<?php
$config =  __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
$args = array(
    "curve_name" => "secp384r1",
    "private_key_type" => OPENSSL_KEYTYPE_EC,
    "config" => $config,
);
echo "Testing openssl_pkey_new\n";
$key1 = openssl_pkey_new($args);
var_dump($key1);

$argsFailed = array(
    "curve_name" => "invalid_cuve_name",
    "private_key_type" => OPENSSL_KEYTYPE_EC,
    "config" => $config,
);

$keyFailed = openssl_pkey_new($argsFailed);
var_dump($keyFailed);

$d1 = openssl_pkey_get_details($key1);
var_dump($d1["bits"]);
var_dump(strlen($d1["key"]));
var_dump($d1["ec"]["curve_name"]);
var_dump($d1["type"] == OPENSSL_KEYTYPE_EC);

$key2 = openssl_pkey_new($d1);
var_dump($key2);

$d2 = openssl_pkey_get_details($key2);
// Compare array
var_dump($d1 === $d2);

// Check that the public key info is computed from the private key if it is missing.
$d1_priv = $d1;
unset($d1_priv["ec"]["x"]);
unset($d1_priv["ec"]["y"]);

$key3 = openssl_pkey_new($d1_priv);
var_dump($key3);
$d3 = openssl_pkey_get_details($key3);
var_dump($d1 === $d3);

$dn = array(
    "countryName" => "BR",
    "stateOrProvinceName" => "Rio Grande do Sul",
    "localityName" => "Porto Alegre",
    "commonName" => "Henrique do N. Angelo",
    "emailAddress" => "hnangelo@php.net"
);

// openssl_csr_new creates a new public key pair if the key argument is null
echo "Testing openssl_csr_new with key generation\n";
$keyGenerate = null;
var_dump($keyGenerate);
$csr = openssl_csr_new($dn, $keyGenerate, $args);

var_dump($keyGenerate);

$args["digest_alg"] = "sha256";
echo "Testing openssl_csr_new with existing ecc key\n";
$csr = openssl_csr_new($dn, $key1, $args);
var_dump($csr);

$pubkey1 = openssl_pkey_get_details(openssl_csr_get_public_key($csr));
var_dump(isset($pubkey1["ec"]["priv_key"]));
unset($d1["ec"]["priv_key"]);
$diff = array_diff($d1["ec"], $pubkey1["ec"]);
var_dump(isset($diff["d"]) && is_string($diff["d"]) && strlen($diff["d"]) > 0);

$x509 = openssl_csr_sign($csr, null, $key1, 365, $args);
var_dump($x509);

echo "Testing openssl_x509_check_private_key\n";
var_dump(openssl_x509_check_private_key($x509, $key1));

$key3 = openssl_pkey_new($args);
var_dump(openssl_x509_check_private_key($x509, $key3));

echo "Testing openssl_get_curve_names\n";
$curve_names = openssl_get_curve_names();

var_dump(is_array($curve_names));

foreach ($curve_names as $curve_name) {
    if ("secp384r1" === $curve_name) {
        echo "Found secp384r1 in curve names\n";
    }
}
?>
--EXPECTF--
Testing openssl_pkey_new
object(OpenSSLAsymmetricKey)#1 (0) {
}

Warning: openssl_pkey_new(): Unknown elliptic curve (short) name invalid_cuve_name in %s on line %d
bool(false)
int(384)
int(215)
string(9) "secp384r1"
bool(true)
object(OpenSSLAsymmetricKey)#%d (0) {
}
bool(true)
object(OpenSSLAsymmetricKey)#%d (0) {
}
bool(true)
Testing openssl_csr_new with key generation
NULL
object(OpenSSLAsymmetricKey)#%d (0) {
}
Testing openssl_csr_new with existing ecc key
object(OpenSSLCertificateSigningRequest)#%d (0) {
}
bool(false)
bool(true)
object(OpenSSLCertificate)#%d (0) {
}
Testing openssl_x509_check_private_key
bool(true)
bool(false)
Testing openssl_get_curve_names
bool(true)
Found secp384r1 in curve names
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`--TEST--`
			`openssl_*() with OPENSSL_KEYTYPE_EC`
Migrate more SKIPIF -> EXTENSIONS (#7139) This is a mix of more automated and manual migration. It should remove all applicable extension_loaded() checks outside of skipif.inc files. 2021-06-11 10:58:44 +00:00			`--EXTENSIONS--`
			`openssl`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`--SKIPIF--`
Fix GH-9064: PHP fails to build if openssl was built with no-ec 2022-11-25 12:49:12 +00:00			`<?php`
			`if (!defined("OPENSSL_KEYTYPE_EC")) die("skip EC disabled");`
			`?>`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`--FILE--`
			`<?php`
Make OpenSSL tests less dependent on system config It fixes dependencies on system config if running tests with OpenSSL 3.0 2021-09-12 19:30:02 +00:00			`$config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`$args = array(`
Make code in openssl ext tests more consistent Mainly use spaces for indent and fix some other CS issues. Also drop checks for unsupported OpenSSL library versions. 2018-06-21 15:38:19 +00:00			`"curve_name" => "secp384r1",`
			`"private_key_type" => OPENSSL_KEYTYPE_EC,`
Make OpenSSL tests less dependent on system config It fixes dependencies on system config if running tests with OpenSSL 3.0 2021-09-12 19:30:02 +00:00			`"config" => $config,`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`);`
			`echo "Testing openssl_pkey_new\n";`
			`$key1 = openssl_pkey_new($args);`
			`var_dump($key1);`

			`$argsFailed = array(`
Make code in openssl ext tests more consistent Mainly use spaces for indent and fix some other CS issues. Also drop checks for unsupported OpenSSL library versions. 2018-06-21 15:38:19 +00:00			`"curve_name" => "invalid_cuve_name",`
			`"private_key_type" => OPENSSL_KEYTYPE_EC,`
Make OpenSSL tests less dependent on system config It fixes dependencies on system config if running tests with OpenSSL 3.0 2021-09-12 19:30:02 +00:00			`"config" => $config,`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`);`

			`$keyFailed = openssl_pkey_new($argsFailed);`
			`var_dump($keyFailed);`

			`$d1 = openssl_pkey_get_details($key1);`
			`var_dump($d1["bits"]);`
			`var_dump(strlen($d1["key"]));`
			`var_dump($d1["ec"]["curve_name"]);`
			`var_dump($d1["type"] == OPENSSL_KEYTYPE_EC);`

			`$key2 = openssl_pkey_new($d1);`
			`var_dump($key2);`

			`$d2 = openssl_pkey_get_details($key2);`
			`// Compare array`
			`var_dump($d1 === $d2);`

Test calculation of EC public key from private key 2021-08-09 10:01:35 +00:00			`// Check that the public key info is computed from the private key if it is missing.`
			`$d1_priv = $d1;`
			`unset($d1_priv["ec"]["x"]);`
			`unset($d1_priv["ec"]["y"]);`

			`$key3 = openssl_pkey_new($d1_priv);`
			`var_dump($key3);`
			`$d3 = openssl_pkey_get_details($key3);`
			`var_dump($d1 === $d3);`

Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`$dn = array(`
Make code in openssl ext tests more consistent Mainly use spaces for indent and fix some other CS issues. Also drop checks for unsupported OpenSSL library versions. 2018-06-21 15:38:19 +00:00			`"countryName" => "BR",`
			`"stateOrProvinceName" => "Rio Grande do Sul",`
			`"localityName" => "Porto Alegre",`
			`"commonName" => "Henrique do N. Angelo",`
			`"emailAddress" => "hnangelo@php.net"`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`);`

			`// openssl_csr_new creates a new public key pair if the key argument is null`
			`echo "Testing openssl_csr_new with key generation\n";`
			`$keyGenerate = null;`
			`var_dump($keyGenerate);`
			`$csr = openssl_csr_new($dn, $keyGenerate, $args);`

			`var_dump($keyGenerate);`

use sha256 in openssl test suite 2022-05-31 07:59:58 +00:00			`$args["digest_alg"] = "sha256";`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`echo "Testing openssl_csr_new with existing ecc key\n";`
			`$csr = openssl_csr_new($dn, $key1, $args);`
			`var_dump($csr);`

			`$pubkey1 = openssl_pkey_get_details(openssl_csr_get_public_key($csr));`
			`var_dump(isset($pubkey1["ec"]["priv_key"]));`
			`unset($d1["ec"]["priv_key"]);`
Improve openssl ext to generate EC keys with custom EC parameters This change extends supported parameter when generating EC keys. Specifically following parameters are now supported: p, a, b, order, generator, seed, cofactory, g_x, g_y, x, y and d. Those parameters can be passed to ec field in openssl_pkey_new options. It also fixes some issues openssl_pkey_get_details related to SM2 support. Closes GH-9991 2023-05-12 17:15:24 +00:00			`$diff = array_diff($d1["ec"], $pubkey1["ec"]);`
			`var_dump(isset($diff["d"]) && is_string($diff["d"]) && strlen($diff["d"]) > 0);`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00
			`$x509 = openssl_csr_sign($csr, null, $key1, 365, $args);`
			`var_dump($x509);`

			`echo "Testing openssl_x509_check_private_key\n";`
			`var_dump(openssl_x509_check_private_key($x509, $key1));`

			`$key3 = openssl_pkey_new($args);`
			`var_dump(openssl_x509_check_private_key($x509, $key3));`

			`echo "Testing openssl_get_curve_names\n";`
			`$curve_names = openssl_get_curve_names();`

			`var_dump(is_array($curve_names));`

			`foreach ($curve_names as $curve_name) {`
Make code in openssl ext tests more consistent Mainly use spaces for indent and fix some other CS issues. Also drop checks for unsupported OpenSSL library versions. 2018-06-21 15:38:19 +00:00			`if ("secp384r1" === $curve_name) {`
			`echo "Found secp384r1 in curve names\n";`
			`}`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`}`
			`?>`
			`--EXPECTF--`
			`Testing openssl_pkey_new`
Convert resources to objects in ext/openssl Closes GH-5860 Co-authored-by: Nikita Popov <nikita.ppv@gmail.com> 2020-08-01 20:42:26 +00:00			`object(OpenSSLAsymmetricKey)#1 (0) {`
			`}`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00
			`Warning: openssl_pkey_new(): Unknown elliptic curve (short) name invalid_cuve_name in %s on line %d`
			`bool(false)`
			`int(384)`
			`int(215)`
			`string(9) "secp384r1"`
			`bool(true)`
Convert resources to objects in ext/openssl Closes GH-5860 Co-authored-by: Nikita Popov <nikita.ppv@gmail.com> 2020-08-01 20:42:26 +00:00			`object(OpenSSLAsymmetricKey)#%d (0) {`
			`}`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`bool(true)`
Test calculation of EC public key from private key 2021-08-09 10:01:35 +00:00			`object(OpenSSLAsymmetricKey)#%d (0) {`
			`}`
			`bool(true)`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`Testing openssl_csr_new with key generation`
			`NULL`
Convert resources to objects in ext/openssl Closes GH-5860 Co-authored-by: Nikita Popov <nikita.ppv@gmail.com> 2020-08-01 20:42:26 +00:00			`object(OpenSSLAsymmetricKey)#%d (0) {`
			`}`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`Testing openssl_csr_new with existing ecc key`
Convert resources to objects in ext/openssl Closes GH-5860 Co-authored-by: Nikita Popov <nikita.ppv@gmail.com> 2020-08-01 20:42:26 +00:00			`object(OpenSSLCertificateSigningRequest)#%d (0) {`
			`}`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`bool(false)`
Improve openssl ext to generate EC keys with custom EC parameters This change extends supported parameter when generating EC keys. Specifically following parameters are now supported: p, a, b, order, generator, seed, cofactory, g_x, g_y, x, y and d. Those parameters can be passed to ec field in openssl_pkey_new options. It also fixes some issues openssl_pkey_get_details related to SM2 support. Closes GH-9991 2023-05-12 17:15:24 +00:00			`bool(true)`
Convert resources to objects in ext/openssl Closes GH-5860 Co-authored-by: Nikita Popov <nikita.ppv@gmail.com> 2020-08-01 20:42:26 +00:00			`object(OpenSSLCertificate)#%d (0) {`
			`}`
Adds initial support to generate and work with ECC public key pair New features: - openssl_get_curve_names => list ECC curve names - generate a ECC public key pair - generate an CSR with an ECC key - export x,y,d params of ECC public/private key Thanks to @bukka for the review and feedback 2016-06-15 20:31:42 +00:00			`Testing openssl_x509_check_private_key`
			`bool(true)`
			`bool(false)`
			`Testing openssl_get_curve_names`
			`bool(true)`
			`Found secp384r1 in curve names`