import zend openssl tests

2013-04-22 19:26:03 -07:00
commit 99310da27c
@@ -0,0 +1,59 @@
+<?php
+echo "Creating private key\n";
+
+/* stack up some entropy; performance is not critical,
+ * and being slow will most likely even help the test.
+ */
+for ($z = "", $i = 0; $i < 1024; $i++) {
+	$z .= $i * $i;
+	if (function_exists("usleep"))
+		usleep($i);
+}
+
+$privkey = openssl_pkey_new();
+
+if ($privkey === false)
+	die("failed to create private key");
+
+$passphrase = "banana";
+$key_file_name = tempnam("/tmp", "ssl");
+if ($key_file_name === false)
+	die("failed to get a temporary filename!");
+
+echo "Export key to file\n";
+
+openssl_pkey_export_to_file($privkey, $key_file_name, $passphrase) or die("failed to export to file $key_file_name");
+
+echo "Load key from file - array syntax\n";
+
+$loaded_key = openssl_pkey_get_private(array("file://$key_file_name", $passphrase));
+
+if ($loaded_key === false)
+	die("failed to load key using array syntax");
+
+openssl_pkey_free($loaded_key);
+
+echo "Load key using direct syntax\n";
+
+$loaded_key = openssl_pkey_get_private("file://$key_file_name", $passphrase);
+
+if ($loaded_key === false)
+	die("failed to load key using direct syntax");
+
+openssl_pkey_free($loaded_key);
+
+echo "Load key manually and use string syntax\n";
+
+$key_content = file_get_contents($key_file_name);
+$loaded_key = openssl_pkey_get_private($key_content, $passphrase);
+
+if ($loaded_key === false)
+	die("failed to load key using string syntax");
+
+openssl_pkey_free($loaded_key);
+
+echo "OK!\n";
+
+@unlink($key_file_name);
+
+?>
@@ -0,0 +1,6 @@
+Creating private key
+Export key to file
+Load key from file - array syntax
+Load key using direct syntax
+Load key manually and use string syntax
+OK!
@@ -0,0 +1,14 @@
+<?php
+
+$a = 1;
+$b = array(1);
+$c = array(1);
+$d = array(1);
+
+var_dump(openssl_seal($a, $b, $c, $d));
+var_dump(openssl_seal($a, $a, $a, array()));
+var_dump(openssl_seal($c, $c, $c, 1));
+var_dump(openssl_seal($b, $b, $b, ""));
+
+echo "Done\n";
+?>
@@ -0,0 +1,9 @@
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+Done
@@ -0,0 +1,22 @@
+<?php
+
+function myErrorHandler($errno, $errstr, $errfile, $errline) {
+var_dump($errstr);
+} 
+set_error_handler("myErrorHandler"); 
+
+$a = 1; 
+$b = 1; 
+$c = new stdclass; 
+$d = new stdclass; 
+
+var_dump(openssl_pkcs7_decrypt($a, $b, $c, $d));
+var_dump($c);
+
+var_dump(openssl_pkcs7_decrypt($b, $b, $b, $b));
+var_dump(openssl_pkcs7_decrypt($a, $b, "", ""));
+var_dump(openssl_pkcs7_decrypt($a, $b, true, false));
+var_dump(openssl_pkcs7_decrypt($a, $b, 0, 0));
+
+echo "Done\n";
+?>
@@ -0,0 +1,15 @@
+string(57) "Object of class stdClass could not be converted to string"
+string(45) "Object of class stdClass to string conversion"
+string(66) "openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert"
+bool(false)
+object(stdClass)#1 (0) {
+}
+string(66) "openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert"
+bool(false)
+string(66) "openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert"
+bool(false)
+string(66) "openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert"
+bool(false)
+string(66) "openssl_pkcs7_decrypt(): unable to coerce parameter 3 to x509 cert"
+bool(false)
+Done
@@ -0,0 +1,16 @@
+<?php
+
+$a = 1;
+var_dump(openssl_csr_new(1,$a));
+var_dump(openssl_csr_new(1,$a,1,1));
+$a = array();
+var_dump(openssl_csr_new(array(), $a, array('config' => __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf'), array()));
+
+//this leaks
+$a = array(1,2);
+$b = array(1,2);
+var_dump(openssl_csr_new($a, $b, array('config' => __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf')));
+
+
+echo "Done\n";
+?>
@@ -0,0 +1,9 @@
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+HipHop Warning: %a
+bool(false)
+resource(%d) of type (OpenSSL X.509 CSR)
+Done
@@ -0,0 +1,12 @@
+<?php
+/* openssl_pkey_get_details() segfaults when getting the information
+	from openssl_pkey_new() with an empty sub-array arg 		*/
+
+$rsa = array("rsa" => array());
+$dsa = array("dsa" => array());
+$dh = array("dh" => array());
+
+openssl_pkey_get_details(openssl_pkey_new($rsa));
+openssl_pkey_get_details(openssl_pkey_new($dsa));
+openssl_pkey_get_details(openssl_pkey_new($dh));
+?>
@@ -0,0 +1,3 @@
+HipHop Warning: %a
+HipHop Warning: %a
+HipHop Warning: %a
@@ -0,0 +1,30 @@
+<?php
+$fp = fopen(dirname(__FILE__) . "/cert.crt","r");
+$a = fread($fp,8192);
+fclose($fp); 
+
+$b = "file://" . dirname(__FILE__) . "/cert.crt";
+$c = "invalid cert";
+$d = openssl_x509_read($a);
+$e = array();
+$f = array($b);
+
+var_dump($res = openssl_x509_read($a));         // read cert as a string
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($b));         // read cert as a filename string
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($c));         // read an invalid cert, fails
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($d));         // read cert from a resource
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($e));         // read an array
+openssl_x509_free($res);
+var_dump($res);
+var_dump($res = openssl_x509_read($f));         // read an array with the filename
+openssl_x509_free($res);
+var_dump($res);
+?>
@@ -0,0 +1,18 @@
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (Unknown)
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (Unknown)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (Unknown)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
@@ -0,0 +1,12 @@
+<?php
+$data = "openssl_open() test";
+$pub_key = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = "wrong";
+
+openssl_seal($data, $sealed, $ekeys, array($pub_key));                  // no output
+openssl_seal($data, $sealed, $ekeys, array($pub_key, $pub_key));        // no output
+openssl_seal($data, $sealed, $ekeys, array($pub_key, $wrong));
+openssl_seal($data, $sealed, $ekeys, $pub_key);
+openssl_seal($data, $sealed, $ekeys, array());
+openssl_seal($data, $sealed, $ekeys, array($wrong));
+?>
@@ -0,0 +1,4 @@
+HipHop Warning: %a
+HipHop Warning: %a
+HipHop Warning: %a
+HipHop Warning: %a
@@ -0,0 +1,20 @@
+<?php
+$data = "Testing openssl_public_decrypt()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = "wrong";
+
+openssl_private_encrypt($data, $encrypted, $privkey);
+var_dump(openssl_public_decrypt($encrypted, $output, $pubkey));
+var_dump($output);
+var_dump(openssl_public_decrypt($encrypted, $output2, $wrong));
+var_dump($output2);
+var_dump(openssl_public_decrypt($wrong, $output3, $pubkey));
+var_dump($output3);
+var_dump(openssl_public_decrypt($encrypted, $output4, array()));
+var_dump($output4);
+var_dump(openssl_public_decrypt($encrypted, $output5, array($pubkey)));
+var_dump($output5);
+var_dump(openssl_public_decrypt($encrypted, $output6, array($pubkey, "")));
+var_dump($output6);
+?>
@@ -0,0 +1,17 @@
+bool(true)
+string(32) "Testing openssl_public_decrypt()"
+HipHop Warning: %a
+bool(false)
+NULL
+bool(false)
+NULL
+HipHop Warning: %a
+HipHop Warning: %a
+bool(false)
+NULL
+HipHop Warning: %a
+HipHop Warning: %a
+bool(false)
+NULL
+bool(true)
+string(32) "Testing openssl_public_decrypt()"
@@ -0,0 +1,18 @@
+<?php
+$data = "Testing openssl_public_decrypt()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = "wrong";
+
+openssl_public_encrypt($data, $encrypted, $pubkey);
+var_dump(openssl_private_decrypt($encrypted, $output, $privkey));
+var_dump($output);
+var_dump(openssl_private_decrypt($encrypted, $output2, $wrong));
+var_dump($output2);
+var_dump(openssl_private_decrypt($wrong, $output3, $privkey));
+var_dump($output3);
+var_dump(openssl_private_decrypt($encrypted, $output4, array($privkey)));
+var_dump($output4);
+var_dump(openssl_private_decrypt($encrypted, $output5, array($privkey, "")));
+var_dump($output5);
+?>
@@ -0,0 +1,13 @@
+bool(true)
+string(32) "Testing openssl_public_decrypt()"
+HipHop Warning: %a
+bool(false)
+NULL
+bool(false)
+NULL
+HipHop Warning: %a
+HipHop Warning: %a
+bool(false)
+NULL
+bool(true)
+string(32) "Testing openssl_public_decrypt()"
@@ -0,0 +1,9 @@
+<?php
+$data = "Testing openssl_sign()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$wrong = "wrong";
+
+var_dump(openssl_sign($data, $sign, $privkey));                 // no output
+var_dump(openssl_sign($data, $sign, $wrong));
+var_dump(openssl_sign(array(), $sign, $privkey));
+?>
@@ -0,0 +1,5 @@
+bool(true)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+NULL
@@ -0,0 +1,40 @@
+<?php
+$cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$priv = "file://" . dirname(__FILE__) . "/private.key";
+$wrong = "wrong";
+$pub = "file://" . dirname(__FILE__) . "/public.key";
+$config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
+$config_arg = array('config' => $config);
+
+$dn = array(
+	"countryName" => "BR",
+	"stateOrProvinceName" => "Rio Grande do Sul",
+	"localityName" => "Porto Alegre",
+	"commonName" => "Henrique do N. Angelo",
+	"emailAddress" => "hnangelo@php.net"
+	);
+
+$args = array(
+	"digest_alg" => "sha1",
+	"private_key_bits" => 2048,
+	"private_key_type" => OPENSSL_KEYTYPE_DSA,
+	"encrypt_key" => true,
+	"config" => $config
+	);
+
+$privkey = openssl_pkey_new($config_arg);
+$csr = openssl_csr_new($dn, $privkey, $args);
+var_dump(openssl_csr_sign($csr, null, $privkey, 365, $args));
+var_dump(openssl_csr_sign($csr, null, $privkey, 365, $config_arg));
+var_dump(openssl_csr_sign($csr, $cert, $priv, 365, $config_arg));
+var_dump(openssl_csr_sign($csr, $wrong, $privkey, 365));
+var_dump(openssl_csr_sign($csr, null, $wrong, 365));
+var_dump(openssl_csr_sign($csr, null, $privkey, $wrong));
+var_dump(openssl_csr_sign($csr, null, $privkey, 365, $wrong));
+var_dump(openssl_csr_sign($wrong, null, $privkey, 365));
+var_dump(openssl_csr_sign(array(), null, $privkey, 365));
+var_dump(openssl_csr_sign($csr, array(), $privkey, 365));
+var_dump(openssl_csr_sign($csr, null, array(), 365));
+var_dump(openssl_csr_sign($csr, null, $privkey, array()));
+var_dump(openssl_csr_sign($csr, null, $privkey, 365, $config_arg));
+?>
@@ -0,0 +1,23 @@
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (OpenSSL X.509)
+resource(%d) of type (OpenSSL X.509)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+NULL
+resource(%d) of type (OpenSSL X.509)
@@ -0,0 +1,29 @@
+<?php
+$wrong = "wrong";
+$config = __DIR__ . DIRECTORY_SEPARATOR . 'openssl.cnf';
+$config_arg = array('config' => $config);
+
+$dn = array(
+	"countryName" => "BR",
+	"stateOrProvinceName" => "Rio Grande do Sul",
+	"localityName" => "Porto Alegre",
+	"commonName" => "Henrique do N. Angelo",
+	"emailAddress" => "hnangelo@php.net"
+	);
+
+$args = array(
+	"digest_alg" => "sha1",
+	"private_key_bits" => 2048,
+	"private_key_type" => OPENSSL_KEYTYPE_DSA,
+	"encrypt_key" => true,
+	"config" => $config,
+	);
+
+$privkey = openssl_pkey_new($config_arg);
+$csr = openssl_csr_new($dn, $privkey, $args);
+var_dump(openssl_csr_export($csr, $output));
+var_dump(openssl_csr_export($wrong, $output));
+var_dump(openssl_csr_export($privkey, $output));
+var_dump(openssl_csr_export(array(), $output));
+var_dump(openssl_csr_export($csr, $output, false));
+?>
@@ -0,0 +1,9 @@
+bool(true)
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+NULL
+bool(true)
@@ -0,0 +1,40 @@
+<?php
+$infile = dirname(__FILE__) . "/cert.crt";
+$outfile = tempnam("/tmp", "ssl");
+if ($outfile === false)
+	die("failed to get a temporary filename!");
+$outfile2 = tempnam("/tmp", "ssl");
+if ($outfile2 === false)
+	die("failed to get a temporary filename!");
+
+$single_cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$multi_certs = array($single_cert, $single_cert);
+$assoc_headers = array("To" => "test@test", "Subject" => "testing openssl_pkcs7_encrypt()");
+$headers = array("test@test", "testing openssl_pkcs7_encrypt()");
+$empty_headers = array();
+$wrong = "wrong";
+$empty = "";
+
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $headers));
+var_dump(openssl_pkcs7_decrypt($outfile, $outfile2, $single_cert, $privkey));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $assoc_headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $empty_headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $wrong));
+var_dump(openssl_pkcs7_encrypt($wrong, $outfile, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($empty, $outfile, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $empty, $single_cert, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $wrong, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $empty, $headers));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $single_cert, $empty));
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $multi_certs, $headers));
+
+if (file_exists($outfile)) {
+	echo "true\n";
+	unlink($outfile);
+}
+if (file_exists($outfile2)) {
+	echo "true\n";
+	unlink($outfile2);
+}
+?>
@@ -0,0 +1,16 @@
+bool(true)
+bool(true)
+bool(true)
+bool(true)
+HipHop Warning: %a
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+HipHop Warning: %a
+bool(false)
+bool(true)
+true
+true
@@ -0,0 +1,37 @@
+<?php
+$infile = dirname(__FILE__) . "/cert.crt";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$encrypted = tempnam("/tmp", "ssl");
+if ($encrypted === false)
+	die("failed to get a temporary filename!");
+$outfile = tempnam("/tmp", "ssl");
+if ($outfile === false) {
+	unlink($outfile);
+	die("failed to get a temporary filename!");
+}
+
+$single_cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$headers = array("test@test", "testing openssl_pkcs7_encrypt()");
+$wrong = "wrong";
+$empty = "";
+
+openssl_pkcs7_encrypt($infile, $encrypted, $single_cert, $headers);
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $single_cert, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $single_cert, $wrong));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $wrong, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, null, $privkey));
+var_dump(openssl_pkcs7_decrypt($wrong, $outfile, $single_cert, $privkey));
+var_dump(openssl_pkcs7_decrypt($empty, $outfile, $single_cert, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $empty, $single_cert, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $empty, $privkey));
+var_dump(openssl_pkcs7_decrypt($encrypted, $outfile, $single_cert, $empty));
+
+if (file_exists($encrypted)) {
+	echo "true\n";
+	unlink($encrypted);
+}
+if (file_exists($outfile)) {
+	echo "true\n";
+	unlink($outfile);
+}
+?>
@@ -0,0 +1,16 @@
+bool(true)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+bool(false)
+bool(false)
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+true
+true
@@ -0,0 +1,31 @@
+<?php
+$infile = dirname(__FILE__) . "/cert.crt";
+$outfile = tempnam("/tmp", "ssl");
+if ($outfile === false)
+	die("failed to get a temporary filename!");
+
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$single_cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$assoc_headers = array("To" => "test@test", "Subject" => "testing openssl_pkcs7_sign()");
+$headers = array("test@test", "testing openssl_pkcs7_sign()");
+$empty_headers = array();
+$wrong = "wrong";
+$empty = "";
+
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $assoc_headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $empty_headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $wrong));
+var_dump(openssl_pkcs7_sign($wrong, $outfile, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($empty, $outfile, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $empty, $single_cert, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $wrong, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $empty, $privkey, $headers));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $privkey, $empty));
+var_dump(openssl_pkcs7_sign($infile, $outfile, $single_cert, $wrong, $headers));
+
+if (file_exists($outfile)) {
+	echo "true\n";
+	unlink($outfile);
+}
+?>
@@ -0,0 +1,20 @@
+bool(true)
+bool(true)
+bool(true)
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+bool(false)
+true
@@ -0,0 +1,10 @@
+<?php
+$cert = file_get_contents(dirname(__FILE__) . "/bug28382cert.txt");
+$ext = openssl_x509_parse($cert);
+var_dump($ext['extensions']);
+/* openssl 1.0 prepends the string "Full Name:" to the crlDistributionPoints array key.
+	For now, as this is the one difference only between 0.9.x and 1.x, it's handled with
+	placeholders to not to duplicate the test. When more diffs come, a duplication would
+	be probably a better solution.
+*/
+?>
@@ -0,0 +1,27 @@
+array(11) {
+  ["basicConstraints"]=>
+  string(8) "CA:FALSE"
+  ["nsComment"]=>
+  string(38) "For Grid use only; request tag userTag"
+  ["nsCertType"]=>
+  string(30) "SSL Client, SSL Server, S/MIME"
+  ["crlDistributionPoints"]=>
+  string(%d) "%AURI:http://mobile.blue-software.ro:90/ca/crl.shtml
+"
+  ["nsCaPolicyUrl"]=>
+  string(38) "http://mobile.blue-software.ro:90/pub/"
+  ["subjectAltName"]=>
+  string(28) "email:sergiu@bluesoftware.ro"
+  ["subjectKeyIdentifier"]=>
+  string(59) "B0:A7:FF:F9:41:15:DE:23:39:BD:DD:31:0F:97:A0:B2:A2:74:E0:FC"
+  ["authorityKeyIdentifier"]=>
+  string(115) "DirName:/C=RO/ST=Romania/L=Craiova/O=Sergiu/OU=Sergiu SRL/CN=Sergiu CA/emailAddress=n_sergiu@hotmail.com
+serial:00
+"
+  ["keyUsage"]=>
+  string(71) "Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment"
+  ["nsBaseUrl"]=>
+  string(20) "http://62.231.98.52/"
+  ["1.2.3.4"]=>
+  string(4) "%s"
+}
@@ -0,0 +1,24 @@
+<?php
+$pub_key_id = false; 
+$signature = '';
+$ok = openssl_verify("foo", $signature, $pub_key_id, OPENSSL_ALGO_MD5);
+
+class test {
+	function __toString() {
+		return "test object";
+	}
+}
+$t = new test;
+
+
+var_dump(openssl_verify("foo", $signature, $pub_key_id, OPENSSL_ALGO_MD5));
+var_dump(openssl_verify("foo", $t, $pub_key_id, OPENSSL_ALGO_MD5));
+var_dump(openssl_verify("foo", new stdClass, $pub_key_id, OPENSSL_ALGO_MD5));
+var_dump(openssl_verify("foo", new stdClass, array(), OPENSSL_ALGO_MD5));
+var_dump(openssl_verify("foo", array(), array(), OPENSSL_ALGO_MD5));
+var_dump(openssl_verify());
+var_dump(openssl_verify(new stdClass, new stdClass, array(), 10000));
+
+echo "Done\n";
+
+?>
@@ -0,0 +1,16 @@
+HipHop Warning: %a
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+Done
@@ -0,0 +1,17 @@
+<?php
+$cert = false;
+class test {
+	function __toString() {
+		return "test object";
+	}
+}
+$t = new test;
+
+var_dump(openssl_x509_parse("foo"));
+var_dump(openssl_x509_parse($t));
+var_dump(openssl_x509_parse(array()));
+var_dump(openssl_x509_parse());
+var_dump(openssl_x509_parse($cert));
+var_dump(openssl_x509_parse(new stdClass));
+
+?>
@@ -0,0 +1,8 @@
+bool(false)
+bool(false)
+bool(false)
+HipHop Warning: %a
+NULL
+bool(false)
+
+Catchable fatal error: Object of class stdClass could not be converted to string in %sbug38261.php on line %d
@@ -0,0 +1,16 @@
+<?php
+$prv = 'file://' . dirname(__FILE__) . '/' . 'bug41033.pem';
+$pub = 'file://' . dirname(__FILE__) . '/' . 'bug41033pub.pem';
+
+
+$prkeyid = openssl_get_privatekey($prv, "1234");
+$ct = "Hello I am some text!";
+openssl_sign($ct, $signature, $prkeyid, OPENSSL_ALGO_DSS1);
+echo "Signature: ".base64_encode($signature) . "\n";
+
+$pukeyid = openssl_get_publickey($pub);
+$valid = openssl_verify($ct, $signature, $pukeyid, OPENSSL_ALGO_DSS1);
+echo "Signature validity: " . $valid . "\n";
+
+
+?>
@@ -0,0 +1,2 @@
+Signature: %s
+Signature validity: 1
@@ -0,0 +1,46 @@
+<?php
+
+function ssl_server($port) {
+	$pem = dirname(__FILE__) . '/bug46127.pem';
+	$ssl = array(
+			'verify_peer' => false,
+			'allow_self_signed' => true,
+			'local_cert' => $pem,
+			//		'passphrase' => '',
+		    );
+	$context = stream_context_create(array('ssl' => $ssl));
+	$sock = stream_socket_server('ssl://127.0.0.1:'.$port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $context);
+	if (!$sock) return false;
+
+	$link = stream_socket_accept($sock);
+	if (!$link) return false; // bad link?
+
+	fputs($link, "Sending bug 46127\n");
+
+	// close stuff
+	fclose($link);
+	fclose($sock);
+
+	exit;
+}
+
+echo "Running bug46127\n";
+
+$port = rand(15000, 32000);
+
+$pid = pcntl_fork();
+if ($pid == 0) { // child
+	ssl_server($port);
+	exit;
+}
+
+// client or failed
+sleep(1);
+$sock = fsockopen('ssl://127.0.0.1', $port, $errno, $errstr);
+if (!$sock) exit;
+
+echo fgets($sock);
+
+pcntl_waitpid($pid, $status);
+
+?>
@@ -0,0 +1,2 @@
+Running bug46127
+Sending bug 46127
@@ -0,0 +1,79 @@
+<?php
+
+function ssl_server($port) {
+	$host = 'ssl://127.0.0.1'.':'.$port;
+	$flags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
+	$data = "Sending bug48182\n";
+
+	$pem = dirname(__FILE__) . '/bug46127.pem';
+	$ssl_params = array( 'verify_peer' => false, 'allow_self_signed' => true, 'local_cert' => $pem);
+	$ssl = array('ssl' => $ssl_params);
+
+	$context = stream_context_create($ssl);
+	$sock = stream_socket_server($host, $errno, $errstr, $flags, $context);
+	if (!$sock) return false;
+
+	$link = stream_socket_accept($sock);
+	if (!$link) return false; // bad link?
+
+	$r = array($link);
+	$w = array();
+	$e = array();
+	if (stream_select($r, $w, $e, 1, 0) != 0)
+		$data .= fread($link, 8192);
+
+	$r = array();
+	$w = array($link);
+	if (stream_select($r, $w, $e, 1, 0) != 0)
+		$wrote = fwrite($link, $data, strlen($data));
+
+	// close stuff
+	fclose($link);
+	fclose($sock);
+
+	exit;
+}
+
+function ssl_async_client($port) {
+	$host = 'ssl://127.0.0.1'.':'.$port;
+	$flags = STREAM_CLIENT_CONNECT | STREAM_CLIENT_ASYNC_CONNECT;
+	$data = "Sending data over to SSL server in async mode with contents like Hello World\n";
+
+	$socket = stream_socket_client($host, $errno, $errstr, 10, $flags);
+	stream_set_blocking($socket, 0);
+
+	while ($socket && $data) {
+		$wrote = fwrite($socket, $data, strlen($data));
+		$data = substr($data, $wrote);
+	}
+
+	$r = array($socket);
+	$w = array();
+	$e = array();
+	if (stream_select($r, $w, $e, 1, 0) != 0) 
+	{
+		$data .= fread($socket, 1024);
+	}
+
+	echo "$data";
+
+	fclose($socket);
+}
+
+echo "Running bug48182\n";
+
+$port = rand(15000, 32000);
+
+$pid = pcntl_fork();
+if ($pid == 0) { // child
+	ssl_server($port);
+	exit;
+}
+
+// client or failed
+sleep(1);
+ssl_async_client($port);
+
+pcntl_waitpid($pid, $status);
+
+?>
@@ -0,0 +1,3 @@
+Running bug48182
+Sending bug48182
+Sending data over to SSL server in async mode with contents like Hello World
@@ -0,0 +1,28 @@
+<?php
+$context = stream_context_create();
+
+stream_context_set_option($context, 'ssl', 'local_cert', __DIR__ . "/bug54992.pem");
+stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+$server = stream_socket_server('ssl://127.0.0.1:64321', $errno, $errstr,
+	STREAM_SERVER_BIND|STREAM_SERVER_LISTEN, $context);
+
+
+$pid = pcntl_fork();
+if ($pid == -1) {
+	die('could not fork');
+} else if ($pid) {
+	$contextC = stream_context_create(
+		array(
+			'ssl' => array(
+				'verify_peer'		=> true,
+				'cafile'		=> __DIR__ . '/bug54992-ca.pem',
+				'CN_match'		=> 'buga_buga',
+			)
+		)
+	);
+	var_dump(stream_socket_client("ssl://127.0.0.1:64321", $errno, $errstr, 1,
+		STREAM_CLIENT_CONNECT, $contextC));
+} else {	
+	@pcntl_wait($status);
+	@stream_socket_accept($server, 1);
+}
@@ -0,0 +1,4 @@
+HipHop Warning: %a
+HipHop Warning: %a
+HipHop Warning: %a
+bool(false)
@@ -0,0 +1,26 @@
+<?php
+function stringAsHex($string){$unpacked = unpack("H*", $string);return implode(" ", str_split($unpacked[1],2));}
+
+$config = array("digest_alg" => "sha1","x509_extensions" => "v3_ca","req_extensions" => "v3_req","private_key_bits" => 2048,"private_key_type" => OPENSSL_KEYTYPE_RSA,"encrypt_key" => false,);
+$csr_info = array(
+  "countryName" => "US",
+  "stateOrProvinceName" => "Utah",
+  "localityName" => "Lindon",
+  "organizationName" => "Chinese",
+  "organizationalUnitName" => "IT \xe4\xba\x92",
+  "commonName" => "www.example.com",);
+$private = openssl_pkey_new($config);
+while (openssl_error_string()) {}
+$csr_res = openssl_csr_new($csr_info, $private,
+	['config' => __DIR__."/openssl.cnf"]);
+if (!$csr_res) {
+	while ($e = openssl_error_string()) { $err = $e; }
+	die("Failed; last error: $err");
+}
+openssl_csr_export($csr_res, $csr);
+$output = openssl_csr_get_subject($csr);
+
+echo "A: ".$csr_info["organizationalUnitName"]."\n";
+echo "B: ".stringAsHex($csr_info["organizationalUnitName"])."\n";
+echo "C: ".$output['OU']."\n";
+echo "D: ".stringAsHex($output['OU'])."\n";
@@ -0,0 +1,4 @@
+A: IT 互
+B: 49 54 20 e4 ba 92
+C: IT 互
+D: 49 54 20 e4 ba 92
@@ -0,0 +1,20 @@
+<?php
+$data = "openssl_decrypt() tests";
+$method = "AES-128-CBC";
+$password = "openssl";
+$wrong = "wrong";
+$iv = str_repeat("\0", openssl_cipher_iv_length($method));
+
+$encrypted = openssl_encrypt($data, $method, $password);
+var_dump($encrypted); /* Not passing $iv should be the same as all-NULL iv, but with a warning */
+var_dump(openssl_encrypt($data, $method, $password, 0, $iv)); 
+var_dump(openssl_decrypt($encrypted, $method, $wrong));
+var_dump(openssl_decrypt($encrypted, $wrong, $password));
+var_dump(openssl_decrypt($wrong, $method, $password));
+var_dump(openssl_decrypt($wrong, $wrong, $password));
+var_dump(openssl_decrypt($encrypted, $wrong, $wrong));
+var_dump(openssl_decrypt($wrong, $wrong, $wrong));
+var_dump(openssl_decrypt(array(), $method, $password));
+var_dump(openssl_decrypt($encrypted, array(), $password));
+var_dump(openssl_decrypt($encrypted, $method, array()));
+?>
@@ -0,0 +1,19 @@
+HipHop Warning: %a
+string(44) "yof6cPPH4mLee6TOc0YQSrh4dvywMqxGUyjp0lV6+aM="
+string(44) "yof6cPPH4mLee6TOc0YQSrh4dvywMqxGUyjp0lV6+aM="
+bool(false)
+HipHop Warning: %a
+bool(false)
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
@@ -0,0 +1,16 @@
+<?php
+$data = "openssl_encrypt() tests";
+$method = "AES-128-CBC";
+$password = "openssl";
+$wrong = "wrong";
+$object = new stdclass;
+$arr = array(1);
+
+var_dump(openssl_encrypt($data, $wrong, $password));
+var_dump(openssl_encrypt($object, $method, $password));
+var_dump(openssl_encrypt($data, $object, $password));
+var_dump(openssl_encrypt($data, $method, $object));
+var_dump(openssl_encrypt($arr, $method, $object));
+var_dump(openssl_encrypt($data, $arr, $object));
+var_dump(openssl_encrypt($data, $method, $arr));
+?>
@@ -0,0 +1,14 @@
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
+HipHop Warning: %a
+NULL
@@ -0,0 +1,6 @@
+<?php
+for ($i = 0; $i < 10; $i++) {
+	var_dump(bin2hex(openssl_random_pseudo_bytes($i, $strong)));
+}
+
+?>
@@ -0,0 +1,10 @@
+string(0) ""
+string(2) "%s"
+string(4) "%s"
+string(6) "%s"
+string(8) "%s"
+string(10) "%s"
+string(12) "%s"
+string(14) "%s"
+string(16) "%s"
+string(18) "%s"
@@ -0,0 +1,6 @@
+<?php
+$cert = "file://" . dirname(__FILE__) . "/cert.crt";
+
+var_dump(openssl_x509_parse($cert));
+var_dump(openssl_x509_parse($cert, false));
+?>
@@ -0,0 +1,262 @@
+array(12) {
+  ["name"]=>
+  string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net"
+  ["subject"]=>
+  array(5) {
+    ["C"]=>
+    string(2) "BR"
+    ["ST"]=>
+    string(17) "Rio Grande do Sul"
+    ["L"]=>
+    string(12) "Porto Alegre"
+    ["CN"]=>
+    string(21) "Henrique do N. Angelo"
+    ["emailAddress"]=>
+    string(16) "hnangelo@php.net"
+  }
+  ["hash"]=>
+  string(8) "%s"
+  ["issuer"]=>
+  array(5) {
+    ["C"]=>
+    string(2) "BR"
+    ["ST"]=>
+    string(17) "Rio Grande do Sul"
+    ["L"]=>
+    string(12) "Porto Alegre"
+    ["CN"]=>
+    string(21) "Henrique do N. Angelo"
+    ["emailAddress"]=>
+    string(16) "hnangelo@php.net"
+  }
+  ["version"]=>
+  int(2)
+  ["serialNumber"]=>
+  string(20) "12593567369101004962"
+  ["validFrom"]=>
+  string(13) "080630102843Z"
+  ["validTo"]=>
+  string(13) "080730102843Z"
+  ["validFrom_time_t"]=>
+  int(1214821723)
+  ["validTo_time_t"]=>
+  int(1217413723)
+  ["purposes"]=>
+  array(8) {
+    [1]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(9) "sslclient"
+    }
+    [2]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(9) "sslserver"
+    }
+    [3]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(11) "nssslserver"
+    }
+    [4]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(9) "smimesign"
+    }
+    [5]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(12) "smimeencrypt"
+    }
+    [6]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(7) "crlsign"
+    }
+    [7]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(3) "any"
+    }
+    [8]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(10) "ocsphelper"
+    }
+  }
+  ["extensions"]=>
+  array(3) {
+    ["subjectKeyIdentifier"]=>
+    string(59) "DB:7E:40:72:BD:5C:35:85:EC:29:29:81:12:E8:62:68:6A:B7:3F:7D"
+    ["authorityKeyIdentifier"]=>
+    string(202) "keyid:DB:7E:40:72:BD:5C:35:85:EC:29:29:81:12:E8:62:68:6A:B7:3F:7D
+DirName:/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net
+serial:AE:C5:56:CC:72:37:50:A2
+"
+    ["basicConstraints"]=>
+    string(7) "CA:TRUE"
+  }
+}
+array(12) {
+  ["name"]=>
+  string(96) "/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net"
+  ["subject"]=>
+  array(5) {
+    ["countryName"]=>
+    string(2) "BR"
+    ["stateOrProvinceName"]=>
+    string(17) "Rio Grande do Sul"
+    ["localityName"]=>
+    string(12) "Porto Alegre"
+    ["commonName"]=>
+    string(21) "Henrique do N. Angelo"
+    ["emailAddress"]=>
+    string(16) "hnangelo@php.net"
+  }
+  ["hash"]=>
+  string(8) "%s"
+  ["issuer"]=>
+  array(5) {
+    ["countryName"]=>
+    string(2) "BR"
+    ["stateOrProvinceName"]=>
+    string(17) "Rio Grande do Sul"
+    ["localityName"]=>
+    string(12) "Porto Alegre"
+    ["commonName"]=>
+    string(21) "Henrique do N. Angelo"
+    ["emailAddress"]=>
+    string(16) "hnangelo@php.net"
+  }
+  ["version"]=>
+  int(2)
+  ["serialNumber"]=>
+  string(20) "12593567369101004962"
+  ["validFrom"]=>
+  string(13) "080630102843Z"
+  ["validTo"]=>
+  string(13) "080730102843Z"
+  ["validFrom_time_t"]=>
+  int(1214821723)
+  ["validTo_time_t"]=>
+  int(1217413723)
+  ["purposes"]=>
+  array(8) {
+    [1]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(10) "SSL client"
+    }
+    [2]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(10) "SSL server"
+    }
+    [3]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(19) "Netscape SSL server"
+    }
+    [4]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(14) "S/MIME signing"
+    }
+    [5]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(17) "S/MIME encryption"
+    }
+    [6]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(11) "CRL signing"
+    }
+    [7]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(11) "Any Purpose"
+    }
+    [8]=>
+    array(3) {
+      [0]=>
+      bool(true)
+      [1]=>
+      bool(true)
+      [2]=>
+      string(11) "OCSP helper"
+    }
+  }
+  ["extensions"]=>
+  array(3) {
+    ["subjectKeyIdentifier"]=>
+    string(59) "DB:7E:40:72:BD:5C:35:85:EC:29:29:81:12:E8:62:68:6A:B7:3F:7D"
+    ["authorityKeyIdentifier"]=>
+    string(202) "keyid:DB:7E:40:72:BD:5C:35:85:EC:29:29:81:12:E8:62:68:6A:B7:3F:7D
+DirName:/C=BR/ST=Rio Grande do Sul/L=Porto Alegre/CN=Henrique do N. Angelo/emailAddress=hnangelo@php.net
+serial:AE:C5:56:CC:72:37:50:A2
+"
+    ["basicConstraints"]=>
+    string(7) "CA:TRUE"
+  }
+}
@@ -0,0 +1,141 @@
+<?php
+/* Server Name Indication (SNI) tests
+ * 
+ * This test relies on https://sni.velox.ch/ and thus is disabled by default.
+ *
+ * sni.velox.ch uses 3 certificates :
+ * - CN=alice.sni.velox.ch (sent in response to server_name = alice.sni.velox.ch or not set)
+ * - CN=bob.sni.velox.ch (sent in response to server_name = bob.sni.velox.ch)
+ * - CN=*.sni.velox.ch (sent in response to server_name = mallory.sni.velox.ch or *.sni.velox.ch or sni.velox.ch)
+ *
+ * The test sends requests to the server, sending different names, and checks which certificate
+ * the server returned.
+ */
+
+function context() {
+	return stream_context_create(array(
+		'ssl' => array(
+			'capture_peer_cert' => true,
+		),
+	));
+}
+
+function get_CN($context) {
+
+	$ary = stream_context_get_options($context);
+	assert($ary);
+
+	$cert = $ary['ssl']['peer_certificate'];
+	assert($cert);
+
+	$cert_ary = openssl_x509_parse($cert);
+	return $cert_ary['subject']['CN'];
+}
+
+function do_http_test($url, $context) {
+
+	$fh = fopen($url, 'r', false, $context);
+	assert($fh);
+
+	var_dump(get_CN($context));
+}
+
+function do_ssl_test($url, $context) {
+
+	$fh = stream_socket_client($url, $errno, $errstr, 
+			ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);
+	assert($fh);
+
+	var_dump(get_CN($context));
+}
+
+function do_enable_crypto_test($url, $context) {
+
+	$fh = stream_socket_client($url, $errno, $errstr,
+		ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);
+	assert($fh);
+
+	$r = stream_socket_enable_crypto($fh, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
+	assert($r);
+
+	var_dump(get_CN($context));
+}
+
+/* Test https:// streams */
+
+echo "-- auto host name (1) --\n";
+do_http_test('https://alice.sni.velox.ch/', context());
+
+echo "-- auto host name (2) --\n";
+do_http_test('https://bob.sni.velox.ch/', context());
+
+echo "-- auto host name (3) --\n";
+do_http_test('https://bob.sni.velox.ch./', context());
+
+echo "-- user supplied server name --\n";
+
+$context = context();
+stream_context_set_option($context, 'ssl', 'SNI_server_name', 'bob.sni.velox.ch');
+stream_context_set_option($context, 'http', 'header', b'Host: bob.sni.velox.ch');
+do_http_test('https://alice.sni.velox.ch/', $context);
+
+echo "-- sni disabled --\n";
+
+$context = context();
+stream_context_set_option($context, 'ssl', 'SNI_enabled', false);
+do_http_test('https://bob.sni.velox.ch/', $context);
+
+/* Test ssl:// socket streams */
+
+echo "-- raw SSL stream (1) --\n";
+do_ssl_test('ssl://bob.sni.velox.ch:443', context());
+
+echo "-- raw SSL stream (2) --\n";
+do_ssl_test('ssl://mallory.sni.velox.ch:443', context());
+
+echo "-- raw SSL stream with user supplied sni --\n";
+
+$context = context();
+stream_context_set_option($context, 'ssl', 'SNI_server_name', 'bob.sni.velox.ch');
+
+do_ssl_test('ssl://mallory.sni.velox.ch:443', $context);
+
+echo "-- raw SSL stream with sni disabled --\n";
+
+$context = context();
+stream_context_set_option($context, 'ssl', 'SNI_enabled', false);
+
+do_ssl_test('ssl://mallory.sni.velox.ch:443', $context);
+
+/* Test tcp:// socket streams with SSL enabled */
+
+echo "-- stream_socket_enable_crypto (1) --\n";
+
+do_enable_crypto_test('tcp://bob.sni.velox.ch:443', context());
+
+echo "-- stream_socket_enable_crypto (2) --\n";
+
+do_enable_crypto_test('tcp://mallory.sni.velox.ch:443', context());
+
+echo "-- stream_socket_enable_crypto with user supplied sni --\n";
+
+$context = context();
+stream_context_set_option($context, 'ssl', 'SNI_server_name', 'bob.sni.velox.ch');
+
+do_enable_crypto_test('tcp://mallory.sni.velox.ch:443', $context);
+
+echo "-- stream_socket_enable_crypto with sni disabled --\n";
+
+$context = context();
+stream_context_set_option($context, 'ssl', 'SNI_enabled', false);
+
+do_enable_crypto_test('tcp://mallory.sni.velox.ch:443', $context);
+
+echo "-- stream_socket_enable_crypto with long name --\n";
+
+$context = context();
+stream_context_set_option($context, 'ssl', 'SNI_server_name', str_repeat('a.', 500) . '.sni.velox.ch');
+
+do_enable_crypto_test('tcp://mallory.sni.velox.ch:443', $context);
+
+?>
@@ -0,0 +1,28 @@
+-- auto host name (1) --
+%unicode|string%(18) "alice.sni.velox.ch"
+-- auto host name (2) --
+%unicode|string%(16) "bob.sni.velox.ch"
+-- auto host name (3) --
+%unicode|string%(16) "bob.sni.velox.ch"
+-- user supplied server name --
+%unicode|string%(16) "bob.sni.velox.ch"
+-- sni disabled --
+%unicode|string%(18) "alice.sni.velox.ch"
+-- raw SSL stream (1) --
+%unicode|string%(16) "bob.sni.velox.ch"
+-- raw SSL stream (2) --
+%unicode|string%(14) "*.sni.velox.ch"
+-- raw SSL stream with user supplied sni --
+%unicode|string%(16) "bob.sni.velox.ch"
+-- raw SSL stream with sni disabled --
+%unicode|string%(18) "alice.sni.velox.ch"
+-- stream_socket_enable_crypto (1) --
+%unicode|string%(16) "bob.sni.velox.ch"
+-- stream_socket_enable_crypto (2) --
+%unicode|string%(14) "*.sni.velox.ch"
+-- stream_socket_enable_crypto with user supplied sni --
+%unicode|string%(16) "bob.sni.velox.ch"
+-- stream_socket_enable_crypto with sni disabled --
+%unicode|string%(18) "alice.sni.velox.ch"
+-- stream_socket_enable_crypto with long name --
+%unicode|string%(18) "alice.sni.velox.ch"
@@ -0,0 +1,9 @@
+<?php
+
+$csr = file_get_contents(dirname(__FILE__) . '/005_crt.txt');
+if ($out = openssl_csr_get_subject($csr, 1)) {
+	var_dump($out);
+}
+echo "\n";
+$cn = utf8_decode($out['CN']);
+var_dump($cn);
@@ -0,0 +1,16 @@
+array(6) {
+  ["C"]=>
+  string(2) "NL"
+  ["ST"]=>
+  string(13) "Noord Brabant"
+  ["L"]=>
+  string(4) "Uden"
+  ["O"]=>
+  string(10) "Triconnect"
+  ["OU"]=>
+  string(10) "Triconnect"
+  ["CN"]=>
+  string(15) "*.triconnect.nl"
+}
+
+string(15) "*.triconnect.nl"
@@ -0,0 +1,22 @@
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIIDYzCCAswCAQAwgYcxCzAJBgNVBAYTAk5MMRYwFAYDVQQIEw1Ob29yZCBCcmFi
+YW50MQ0wCwYDVQQHEwRVZGVuMRMwEQYDVQQKEwpUcmljb25uZWN0MRMwEQYDVQQL
+EwpUcmljb25uZWN0MScwJQYDVQQDHh4AKgAuAHQAcgBpAGMAbwBuAG4AZQBjAHQA
+LgBuAGwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANjE/qKAKgo93162HhtX
+OZdvunF5eG/PFK2yn6uAUDWgZciPoKBslgL6a6sK+RdcS7LjWdjWEOOANGzZY1Kk
+FelzxrIjIGSGJHC9eubebdu2LWFFM5cEMDiH0QSD9Rdiy7svSLWvngUDYj0wwd+m
+iV2duzUFHnusj9iVPpD9s47RAgMBAAGgggGZMBoGCisGAQQBgjcNAgMxDBYKNS4y
+LjM3OTAuMjB7BgorBgEEAYI3AgEOMW0wazAOBgNVHQ8BAf8EBAMCBPAwRAYJKoZI
+hvcNAQkPBDcwNTAOBggqhkiG9w0DAgICAIAwDgYIKoZIhvcNAwQCAgCAMAcGBSsO
+AwIHMAoGCCqGSIb3DQMHMBMGA1UdJQQMMAoGCCsGAQUFBwMBMIH9BgorBgEEAYI3
+DQICMYHuMIHrAgEBHloATQBpAGMAcgBvAHMAbwBmAHQAIABSAFMAQQAgAFMAQwBo
+AGEAbgBuAGUAbAAgAEMAcgB5AHAAdABvAGcAcgBhAHAAaABpAGMAIABQAHIAbwB2
+AGkAZABlAHIDgYkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAADANBgkqhkiG9w0BAQUFAAOBgQA4agiUkIblhF+n0wth4vQY+PwMadyaBpA4
+epr4TKL0QEkA0bQBbIERw5dDE3WQi6aVFJe6y870QymBwmKIvfBBfOyyA0IlQq/n
+uybhzQNQbSMKF1T82hpfh1w2RwVGaGrw7f6qH+CLyP1ydvBPvmD88HwiibNBBB3c
+R23mEEGYUQ==
+-----END NEW CERTIFICATE REQUEST-----
+
@@ -0,0 +1,41 @@
+<?php
+$fp = fopen(dirname(__FILE__) . "/cert.crt","r");
+$a = fread($fp,8192);
+fclose($fp); 
+
+$b = "file://" . dirname(__FILE__) . "/cert.crt";
+$c = "invalid cert";
+$d = openssl_x509_read($a);
+$e = array();
+
+var_dump(openssl_x509_export($a, $output));	// read cert as a binary string
+var_dump(openssl_x509_export($b, $output2));	// read cert from a filename string
+var_dump(openssl_x509_export($c, $output3));	// read an invalid cert, fails
+var_dump(openssl_x509_export($d, $output4));	// read cert from a resource
+var_dump(openssl_x509_export($e, $output5));	// read an array, fails
+
+$outfilename = tempnam("/tmp", "ssl");
+if ($outfilename === false)
+        die("failed to get a temporary filename!");
+
+echo "---\n";
+
+var_dump(openssl_x509_export_to_file($a, $outfilename));      // read cert as a binary string
+var_dump(openssl_x509_export_to_file($b, $outfilename));      // read cert from a filename string
+var_dump(openssl_x509_export_to_file($c, $outfilename));      // read an invalid cert, fails
+var_dump(openssl_x509_export_to_file($d, $outfilename));      // read cert from a resource
+var_dump(openssl_x509_export_to_file($e, $outfilename));      // read an array, fails
+echo "---\n";
+
+var_dump($exists = file_exists($outfilename));
+if ($exists) {
+        @unlink($outfilename);
+}
+echo "---\n";
+
+var_dump(strcmp($output, $a));
+var_dump(strcmp($output, $output2));
+var_dump(strcmp($output, $output3));
+var_dump(strcmp($output, $output4));	// different
+var_dump(strcmp($output, $output5));	// different
+?>
@@ -0,0 +1,23 @@
+bool(true)
+bool(true)
+HipHop Warning: %a
+bool(false)
+bool(true)
+HipHop Warning: %a
+bool(false)
+---
+bool(true)
+bool(true)
+HipHop Warning: %a
+bool(false)
+bool(true)
+HipHop Warning: %a
+bool(false)
+---
+bool(true)
+---
+int(0)
+int(0)
+int(%d)
+int(0)
+int(%d)
@@ -0,0 +1,18 @@
+<?php
+$fp = fopen(dirname(__FILE__) . "/cert.crt","r");
+$a = fread($fp,8192);
+fclose($fp);
+
+$fp = fopen(dirname(__FILE__) . "/private.key","r");
+$b = fread($fp,8192);
+fclose($fp);
+
+$cert = "file://" . dirname(__FILE__) . "/cert.crt";
+$key = "file://" . dirname(__FILE__) . "/private.key";
+
+var_dump(openssl_x509_check_private_key($cert, $key));
+var_dump(openssl_x509_check_private_key("", $key));
+var_dump(openssl_x509_check_private_key($cert, ""));
+var_dump(openssl_x509_check_private_key("", ""));
+var_dump(openssl_x509_check_private_key($a, $b));
+?>
@@ -0,0 +1,5 @@
+bool(true)
+bool(false)
+bool(false)
+bool(false)
+bool(true)
@@ -0,0 +1,22 @@
+<?php
+$data = "openssl_encrypt() and openssl_decrypt() tests";
+$method = "AES-128-CBC";
+$password = "openssl";
+
+$ivlen = openssl_cipher_iv_length($method);
+$iv    = '';
+srand(time() + ((microtime(true) * 1000000) % 1000000));
+while(strlen($iv) < $ivlen) $iv .= chr(rand(0,255));
+
+$encrypted = openssl_encrypt($data, $method, $password, 0, $iv);
+$output = openssl_decrypt($encrypted, $method, $password, 0, $iv);
+var_dump($output);
+$encrypted = openssl_encrypt($data, $method, $password, OPENSSL_RAW_DATA, $iv);
+$output = openssl_decrypt($encrypted, $method, $password, OPENSSL_RAW_DATA, $iv);
+var_dump($output);
+// if we want to manage our own padding
+$padded_data = $data . str_repeat(' ', 16 - (strlen($data) % 16));
+$encrypted = openssl_encrypt($padded_data, $method, $password, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv);
+$output = openssl_decrypt($encrypted, $method, $password, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv);
+var_dump(rtrim($output));
+?>
@@ -0,0 +1,3 @@
+string(45) "openssl_encrypt() and openssl_decrypt() tests"
+string(45) "openssl_encrypt() and openssl_decrypt() tests"
+string(45) "openssl_encrypt() and openssl_decrypt() tests"
@@ -0,0 +1,16 @@
+<?php
+$data = "openssl_open() test";
+$pub_key = "file://" . dirname(__FILE__) . "/public.key";
+$priv_key = "file://" . dirname(__FILE__) . "/private.key";
+$wrong = "wrong";
+
+openssl_seal($data, $sealed, $ekeys, array($pub_key, $pub_key, $pub_key));
+openssl_open($sealed, $output, $ekeys[0], $priv_key);
+var_dump($output);
+openssl_open($sealed, $output2, $ekeys[1], $wrong);
+var_dump($output2);
+openssl_open($sealed, $output3, $ekeys[2], $priv_key);
+var_dump($output3);
+openssl_open($sealed, $output4, $wrong, $priv_key);
+var_dump($output4);
+?>
@@ -0,0 +1,5 @@
+string(19) "openssl_open() test"
+HipHop Warning: %a
+NULL
+string(19) "openssl_open() test"
+NULL
@@ -0,0 +1,20 @@
+<?php
+$data = "Testing openssl_private_encrypt()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = "wrong";
+class test {
+        function __toString() {
+                return "test";
+        }
+}
+$obj = new test;
+
+var_dump(openssl_private_encrypt($data, $encrypted, $privkey));
+var_dump(openssl_private_encrypt($data, $encrypted, $pubkey));
+var_dump(openssl_private_encrypt($data, $encrypted, $wrong));
+var_dump(openssl_private_encrypt($data, $encrypted, $obj));
+var_dump(openssl_private_encrypt($obj, $encrypted, $privkey));
+openssl_public_decrypt($encrypted, $output, $pubkey);
+var_dump($output);
+?>
@@ -0,0 +1,9 @@
+bool(true)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+bool(true)
+string(4) "test"
@@ -0,0 +1,20 @@
+<?php
+$data = "Testing openssl_public_encrypt()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = "wrong";
+class test {
+        function __toString() {
+                return "test";
+        }
+}
+$obj = new test;
+
+var_dump(openssl_public_encrypt($data, $encrypted, $pubkey));
+var_dump(openssl_public_encrypt($data, $encrypted, $privkey));
+var_dump(openssl_public_encrypt($data, $encrypted, $wrong));
+var_dump(openssl_public_encrypt($data, $encrypted, $obj));
+var_dump(openssl_public_encrypt($obj, $encrypted, $pubkey));
+openssl_private_decrypt($encrypted, $output, $privkey);
+var_dump($output);
+?>
@@ -0,0 +1,9 @@
+bool(true)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+bool(true)
+string(4) "test"
@@ -0,0 +1,13 @@
+<?php
+$data = "Testing openssl_verify()";
+$privkey = "file://" . dirname(__FILE__) . "/private.key";
+$pubkey = "file://" . dirname(__FILE__) . "/public.key";
+$wrong = "wrong";
+
+openssl_sign($data, $sign, $privkey);
+var_dump(openssl_verify($data, $sign, $pubkey));
+var_dump(openssl_verify($data, $sign, $privkey));
+var_dump(openssl_verify($data, $sign, $wrong));
+var_dump(openssl_verify($data, $wrong, $pubkey));
+var_dump(openssl_verify($wrong, $sign, $pubkey));
+?>
@@ -0,0 +1,7 @@
+int(1)
+HipHop Warning: %a
+bool(false)
+HipHop Warning: %a
+bool(false)
+int(0)
+int(0)
@@ -0,0 +1,4 @@
+<?php 
+$priv = openssl_pkey_new();
+$pub = openssl_pkey_get_public($priv);
+?>
@@ -0,0 +1 @@
+HipHop Warning: %a
@@ -0,0 +1,30 @@
+<?php 
+$configargs = array(
+        "req_extensions" => "v3_req",
+        "x509_extensions" => "usr_cert",
+		"config" => __DIR__."/openssl.cnf",
+);
+
+$dn = array(
+        "countryName" => "GB",
+        "stateOrProvinceName" => "Berkshire",
+        "localityName" => "Newbury",
+        "organizationName" => "My Company Ltd",
+        "commonName" => "Demo Cert"
+);
+
+$key = openssl_pkey_new();
+$csr = openssl_csr_new($dn, $key, $configargs);
+$crt = openssl_csr_sign($csr, NULL, $key, 365, $configargs);
+
+$str = '';
+openssl_csr_export($csr, $str, false);
+
+if (strpos($str, 'Requested Extensions:')) {
+	echo "Ok\n";
+}
+openssl_x509_export($crt, $str, false);
+if (strpos($str, 'X509v3 extensions:')) {
+	echo "Ok\n";
+}
+?>
@@ -0,0 +1,2 @@
+Ok
+Ok
@@ -0,0 +1,26 @@
+<?php 
+$dir = dirname(__FILE__);
+$file_pub = $dir . '/bug37820cert.pem';
+$file_key = $dir . '/bug37820key.pem';
+
+$priv_key = file_get_contents($file_key);
+$priv_key_id = openssl_get_privatekey($priv_key);
+
+
+
+$pub_key = file_get_contents($file_pub);
+$pub_key_id = openssl_get_publickey($pub_key);
+$data = "some custom data";
+if (!openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_MD5)) {
+	echo "openssl_sign failed.";
+}
+
+$ok = openssl_verify($data, $signature, $pub_key_id, OPENSSL_ALGO_MD5);
+if ($ok == 1) {
+   echo "Ok";
+} elseif ($ok == 0) {
+   echo "openssl_verify failed.";
+}
+
+
+?>
@@ -0,0 +1 @@
+Ok
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
+bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
+dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
+DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
+EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
+dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
+EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
+L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
+BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
+9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
+-----END CERTIFICATE-----
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
+2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
+oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
+8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
+a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
+WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
+6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
+-----END RSA PRIVATE KEY-----
@@ -0,0 +1,9 @@
+<?php 
+$dir = dirname(__FILE__);
+$certs = array('bug39217cert2.txt', 'bug39217cert1.txt');
+foreach($certs as $cert) {
+	$res = openssl_x509_parse(file_get_contents($dir . '/' . $cert));
+	print_r($res['serialNumber']);
+	echo "\n";
+}
+?>
@@ -0,0 +1,2 @@
+163040343498260435477161879008842183802
+15
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICvzCCAiigAwIBAgIBDzANBgkqhkiG9w0BAQUFADBbMRkwFwYDVQQKExBET0Ug
+U2NpZW5jZSBHcmlkMSAwHgYDVQQLExdDZXJ0aWZpY2F0ZSBBdXRob3JpdGllczEc
+MBoGA1UEAxMTQ2VydGlmaWNhdGUgTWFuYWdlcjAeFw0wMDA4MjkyMjI4MDJaFw0w
+MTA4MjkyMjI4MDJaMHgxDTALBgNVBAoTBEdyaWQxLjAsBgNVBAoTJUxhd3JlbmNl
+IEJlcmtlbGV5IE5hdGlvbmFsIExhYm9yYXRvcnkxIDAeBgNVBAsTF0NlcnRpZmlj
+YXRlIEF1dGhvcml0aWVzMRUwEwYDVQQDEwxMQk5MLUdyaWQtQ0EwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAL2t4aX933WXYlofuY+L+16Tdl/KxpAammyfcW8u
+kHHT6RYDjaQdfV1FpNEqfSrRjKNwGGGkrG4XHZWiUO0Di0AlBN04lsRY6jB68l6B
+5byujfZv+8EeCI2c1ObBLYZYi4lToJf0sm0Hpn3GD7PZBv6BVHLOuwEFDl9z9Dnc
+DFDdAgMBAAGjdjB0MBEGCWCGSAGG+EIBAQQEAwIAhzAOBgNVHQ8BAf8EBAMCAcYw
+HQYDVR0OBBYEFIn+csPVyp+iprpYUIu1SziMQiDxMA8GA1UdEwEB/wQFMAMBAf8w
+HwYDVR0jBBgwFoAUm85P8ry9WHAx1fIyDn6eveJRFOcwDQYJKoZIhvcNAQEFBQAD
+gYEAHindWQ4P4VUmJVt5sUGA05hSAZriDJDDnkvkm/9AR7xgGxtsy21QruhUVe2E
+eVFBws85zbwRqMpfUQyE/xHhUcka2GQTaKlBlcEjZTMnsh27Si2PMYU/UPr/PIpq
+kBkoxVV1bMWRK57mG2tzzTy9j0wkct4G5IjEsrYNDzW6U3E=
+-----END CERTIFICATE-----
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC3DCCAkWgAwIBAgIQeqhtj1pzHCrTTq2AldV0ejANBgkqhkiG9w0BAQQFADAy
+MRcwFQYDVQQKEw5FLUFDSEFUIE1JTkRFRjEXMBUGA1UEAxMORS1BQ0hBVCBNSU5E
+RUYwHhcNMDQwMTA1MDAwMDAwWhcNMDYwMTA0MjM1OTU5WjCB5DEOMAwGA1UEBxQF
+UEFSSVMxCzAJBgNVBAYTAkZSMRcwFQYDVQQKFA5FLUFDSEFUIE1JTkRFRjEtMCsG
+A1UECxQkRW50LiAtIENhcCBHZW1pbmkgRXJuc3QgWW91bmcgRnJhbmNlMR8wHQYD
+VQQLFBZTSVJFTiAtIDMyODc4MTc4NjAwMDUzMTQwMgYDVQQDEytDR0VZIEZyYW5j
+ZSAtIENhcCBHZW1pbmkgRXJuc3QgWW91bmcgRnJhbmNlMSYwJAYJKoZIhvcNAQkB
+FhdkZ2FlbWEtbWNvQGNhcGdlbWluaS5mcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
+gYkCgYEApFgcuVTuUe0z+iGTaPw7yVxhZsPq6aIqGHsCvU9fqUcymbmg9l4oTfAk
+gR5bvDo+JTQb1/OPlQCKqyVa7wn6lPs97dMOZMobjCRcvw7z0jVphortA1NS8FRH
+6LsWELZ13uC57IIakpW726Vz3tST9qHHbQoWbX/n8NjHcwL4zUECAwEAAaNAMD4w
+CQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwEQYJYIZIAYb4QgEBBAQDAgeAMBEGCmCG
+SAGG+EUBBgkEAwEB/zANBgkqhkiG9w0BAQQFAAOBgQAWdmEu8TkFdgqA/xN6llo9
+zZR3EUH0X5HstxJRYgofcQyfumJHhgvaNB8vkDhZ3iJORVVxcJ27W36TAJ6b4jcr
+yWjO/nc42XdgknS8r9NIV7VKzmjY7Ip2+9N6JOAWFkjGrnF1G69nrerIJavJTzrb
+PYlQnzJO6SHAoi5j6WsKPw==
+-----END CERTIFICATE-----
@@ -0,0 +1,7 @@
+<?php
+
+$a = 2;
+openssl_pkcs12_read(1, $a, 1);
+
+echo "Done\n";
+?>
@@ -0,0 +1 @@
+Done
@@ -0,0 +1,32 @@
+<?php
+$csr = "-----BEGIN CERTIFICATE-----
+MIIEKzCCAxOgAwIBAgICAtUwDQYJKoZIhvcNAQEFBQAwgewxFjAUBgNVBC0DDQBT
+UFI5NjEyMTdOSzkxETAPBgNVBAcTCENveW9hY+FuMQswCQYDVQQIEwJERjELMAkG
+A1UEBhMCTVgxDjAMBgNVBBETBTA0MDAwMR8wHQYDVQQJExZQYW56YWNvbGEgIzYy
+IDFlciBwaXNvMSgwJgYDVQQDEx9BdXRvcmlkYWQgY2VydGlmaWNhZG9yYSBJbnRl
+cm5hMRMwEQYDVQQLEwpUZWNub2xvZ+1hMRMwEQYDVQQKEwpTZWd1cmlEYXRhMSAw
+HgYJKoZIhvcNAQkBFhFhY0BzZWd1cmlkYXRhLmNvbTAeFw0wNzAyMTIwMDAwMDBa
+Fw0xMjAyMjkwMDAwMDBaMIIBDDEWMBQGA1UELQMNAFNQUjk2MTIxN05LOTEXMBUG
+A1UEBxMOQWx2YXJvIE9icmVnb24xDTALBgNVBAgTBEQuRi4xCzAJBgNVBAYTAk1Y
+MQ4wDAYDVQQREwUwMTAwMDEoMCYGA1UECRMfSW5zdXJnZW50ZXMgU3VyIDIzNzUs
+IDNlci4gUGlzbzEbMBkGA1UEAxMSd3d3LnNlZ3VyaWRhdGEuY29tMREwDwYDVQQL
+EwhJbnRlcm5ldDEpMCcGA1UEChMgU2VndXJpRGF0YSBQcml2YWRhLCBTLkEuIGRl
+IEMuVi4xKDAmBgkqhkiG9w0BCQEWGXBvc3RtYXN0ZXJAc2VndXJpZGF0YS5jb20w
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANG/rb52Ou//dnkHysR5m7T4r8QM
+KOM/CP0OEXTOC+a+47RsZjqNiZsBkSeR92OFPpkw5bJ85IAD/Tgx7Tli3ryJfrdk
+WMfkXpzWW0YmeTrghL0DMNd8nYc9voVv+OGnIZ0W4Mhz31eiThmyy7Fs8ZlFyfkR
+REj5OQvq+z+NP/n/AgMBAAGjODA2MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1Ud
+DwQFAwMH6AAwEQYJYIZIAYb4QgEBBAQDAgBAMA0GCSqGSIb3DQEBBQUAA4IBAQCq
+nBqQEb7H6Gxi4KXBn1lrPd5KWO40iSD7BREU8e0eI1ZLZvi4IEAlmyG81Le037jo
+irMUDS2Ue5WI61QnGw4LhnYlCIuffU7fTs+UbrOE4qNU67G+XBfjk0gHkXHmEYbb
+EOR9OHeDcYFgcl3j4SLg/ff6oRYbMkQRCrgQzrl/MNkuqDWJrcigS9OD6OTgRyEo
+7Zvf7/ofWIzTIvINbfjQzSTr8AbI4SbuU9iKgVGDQQF6cfpBmOYgnr3QPuoTQCoU
+pz9H9wBlz/Nmw12YtfCmGqpIFAxpRGFQTGPNJWr4FdZkUM792lm7Sf3zzSvi8Ruz
+M3dwifRsZyZyruy4tMsu
+-----END CERTIFICATE-----
+";
+$cert = str_replace("\\n", "\n", $csr);
+$arr = openssl_x509_parse($cert);
+var_dump($arr['hash']);
+echo "Done";
+?>
@@ -0,0 +1,2 @@
+string(8) "%s"
+Done
@@ -0,0 +1,10 @@
+<?php
+
+$data = "jfdslkjvflsdkjvlkfjvlkjfvlkdm,4w 043920r 9234r 32904r 09243
+r7-89437 r892374 r894372 r894 7289r7 f  frwerfh i iurf iuryw uyrfouiwy ruy
+972439 8478942 yrhfjkdhls";
+$pass = "r23498rui324hjbnkj";
+
+openssl_encrypt($data, 'des3', $pass, 0, '1qazxsw2');
+echo "Done";
+?>
@@ -0,0 +1 @@
+Done
@@ -0,0 +1,10 @@
+<?php
+$data = "jfdslkjvflsdkjvlkfjvlkjfvlkdm,4w 043920r 9234r 32904r 09243
+r7-89437 r892374 r894372 r894 7289r7 f  frwerfh i iurf iuryw uyrfouiwy ruy
+972439 8478942 yrhfjkdhls";
+$pass = "r23498rui324hjbnkj";
+
+$cr = openssl_encrypt($data, 'des3', $pass, 0, '1qazxsw2');
+$dcr = openssl_decrypt($cr, 'des3', $pass, 0, '1qazxsw2');
+echo "Done";
+?>
@@ -0,0 +1 @@
+Done
@@ -0,0 +1,2 @@
+<?php
+var_dump(openssl_decrypt('kzo w2RMExUTYQXW2Xzxmg==', 'aes-128-cbc', 'pass', false, 'pass'));
@@ -0,0 +1,2 @@
+HipHop Warning: %a
+bool(false)
@@ -0,0 +1,13 @@
+<?php
+$cert = file_get_contents(__DIR__.'/cert.crt');
+
+$data = <<<DATA
+Please verify me
+DATA;
+
+$sig = 'f9Gyb6NV/ENn7GUa37ygTLcF93XHf5fbFTnoYF/O+fXbq3iChGUbET0RuhOsptlAODi6JsDLnJO4ikcVZo0tC1fFTj3LyCuPy3ZdgJbbVxQ/rviROCmuMFTqUW/Xa2LQYiapeCCgLQeWTLg7TM/BoHEkKbKLG/XT5jHvep1758A=';
+
+$key = openssl_get_publickey($cert);
+var_dump(openssl_get_publickey($key));
+var_dump(openssl_verify($data, base64_decode($sig), $key));
+?>
@@ -0,0 +1,2 @@
+resource(%d) of type (OpenSSL key)
+int(1)
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAtWgAwIBAgIJAK7FVsxyN1CiMA0GCSqGSIb3DQEBBQUAMIGBMQswCQYD
+VQQGEwJCUjEaMBgGA1UECBMRUmlvIEdyYW5kZSBkbyBTdWwxFTATBgNVBAcTDFBv
+cnRvIEFsZWdyZTEeMBwGA1UEAxMVSGVucmlxdWUgZG8gTi4gQW5nZWxvMR8wHQYJ
+KoZIhvcNAQkBFhBobmFuZ2Vsb0BwaHAubmV0MB4XDTA4MDYzMDEwMjg0M1oXDTA4
+MDczMDEwMjg0M1owgYExCzAJBgNVBAYTAkJSMRowGAYDVQQIExFSaW8gR3JhbmRl
+IGRvIFN1bDEVMBMGA1UEBxMMUG9ydG8gQWxlZ3JlMR4wHAYDVQQDExVIZW5yaXF1
+ZSBkbyBOLiBBbmdlbG8xHzAdBgkqhkiG9w0BCQEWEGhuYW5nZWxvQHBocC5uZXQw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMteno+QK1ulX4/WDAVBYfoTPRTz
+e4SZLwgael4jwWTytj+8c5nNllrFELD6WjJzfjaoIMhCF4w4I2bkWR6/PTqrvnv+
+iiiItHfKvJgYqIobUhkiKmWa2wL3mgqvNRIqTrTC4jWZuCkxQ/ksqL9O/F6zk+aR
+S1d+KbPaqCR5Rw+lAgMBAAGjgekwgeYwHQYDVR0OBBYEFNt+QHK9XDWF7CkpgRLo
+Ymhqtz99MIG2BgNVHSMEga4wgauAFNt+QHK9XDWF7CkpgRLoYmhqtz99oYGHpIGE
+MIGBMQswCQYDVQQGEwJCUjEaMBgGA1UECBMRUmlvIEdyYW5kZSBkbyBTdWwxFTAT
+BgNVBAcTDFBvcnRvIEFsZWdyZTEeMBwGA1UEAxMVSGVucmlxdWUgZG8gTi4gQW5n
+ZWxvMR8wHQYJKoZIhvcNAQkBFhBobmFuZ2Vsb0BwaHAubmV0ggkArsVWzHI3UKIw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCP1GUnStC0TBqngr3Kx+zS
+UW8KutKO0ORc5R8aV/x9LlaJrzPyQJgiPpu5hXogLSKRIHxQS3X2+Y0VvIpW72LW
+PVKPhYlNtO3oKnfoJGKin0eEhXRZMjfEW/kznY+ZZmNifV2r8s+KhNAqI4PbClvn
+4vh8xF/9+eVEj+hM+0OflA==
+-----END CERTIFICATE-----
@@ -0,0 +1,43 @@
+[ req ]
+default_bits		= 1024
+default_keyfile 	= privkey.pem
+distinguished_name	= req_distinguished_name
+attributes		= req_attributes
+x509_extensions	= v3_ca	# The extentions to add to the self signed cert
+string_mask = MASK:4294967295
+
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+countryName_min			= 2
+countryName_max			= 2
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= Some-State
+localityName			= Locality Name (eg, city)
+0.organizationName		= Organization Name (eg, company)
+0.organizationName_default	= Internet Widgits Pty Ltd
+organizationalUnitName		= Organizational Unit Name (eg, section)
+commonName			= Common Name (eg, YOUR name)
+commonName_max			= 64
+emailAddress			= Email Address
+emailAddress_max		= 64
+
+[ req_attributes ]
+challengePassword		= A challenge password
+challengePassword_min		= 4
+challengePassword_max		= 20
+unstructuredName		= An optional company name
+
+[ v3_req ]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = CA:true
+
+[ usr_cert ]
+basicConstraints=CA:FALSE
+
@@ -0,0 +1,8 @@
+<?php
+$data = "openssl_digest() basic test";
+$method = "md5";
+$method2 = "sha1";
+
+var_dump(openssl_digest($data, $method));
+var_dump(openssl_digest($data, $method2));
+?>
--- a/Mostrar Mais
+++ b/Mostrar Mais