doc-en icon indicating copy to clipboard operation
doc-en copied to clipboard
verified publisher icon php

openssl_sign() - $private_key in signature shows array but no array in params description

Open piotrekkr opened this issue 1 year ago • 4 comments

From manual page: https://php.net/function.openssl-sign

 openssl_sign(
    string $data,
    string &$signature,
    #[\SensitiveParameter] OpenSSLAsymmetricKey|OpenSSLCertificate|array|string $private_key,
    string|int $algorithm = OPENSSL_ALGO_SHA1
): bool

but in description there is only

private_key

    OpenSSLAsymmetricKey - a key, returned by openssl_get_privatekey()

    string - a PEM formatted key

piotrekkr avatar Oct 04 '24 10:10 piotrekkr

Checked history of doc file for this function and even 10 years ago it did not allow array. It was just resource or string before php 8.0.

piotrekkr avatar Oct 04 '24 10:10 piotrekkr

The documentation of the $private_key parameter certainly needs to be improved. I consider the current state a bug.

Note that the signatures are now declared in stub files. If they do not match the implementation, that should be reported at https://github.com/php/php-src/issues.

cmb69 avatar Oct 04 '24 11:10 cmb69

@cmb69 I've reported his to php-src because I honestly don't know if stub is correct or not. We will see.

piotrekkr avatar Oct 07 '24 08:10 piotrekkr

@cmb69 And I've got the answer. Array is correct and should be like

array(0 => key, 1 => phrase)

where key can be multiple things but this need to be tested. Do you have someone who can test it if this is working as mentioned here ?

piotrekkr avatar Oct 07 '24 08:10 piotrekkr