php/php-openssl.patch

From 03a4ccd9120e5816e5f9f134f63b76e89558658f Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Tue, 31 May 2022 09:59:58 +0200
Subject: [PATCH] use sha256 in openssl test suite

---
 ext/openssl/tests/bug41033.phpt                    |  4 ++--
 ext/openssl/tests/bug61930.phpt                    | 11 ++++++-----
 ext/openssl/tests/bug66501.phpt                    |  2 +-
 ext/openssl/tests/ecc.phpt                         |  2 +-
 ext/openssl/tests/openssl.cnf                      |  1 +
 ext/openssl/tests/openssl_csr_export_basic.phpt    |  2 +-
 .../tests/openssl_csr_export_to_file_basic.phpt    | 14 +++++++-------
 .../tests/openssl_csr_get_public_key_basic.phpt    |  2 +-
 .../tests/openssl_csr_get_subject_basic.phpt       |  2 +-
 ext/openssl/tests/openssl_csr_sign_basic.phpt      |  2 +-
 ext/openssl/tests/openssl_sign_basic.phpt          |  2 +-
 .../tests/openssl_spki_export_challenge_basic.phpt | 14 --------------
 ext/openssl/tests/openssl_spki_new_basic.phpt      |  8 --------
 ext/openssl/tests/openssl_spki_verify_basic.phpt   | 14 --------------
 ext/openssl/tests/openssl_verify_basic.phpt        | 12 ++++++------
 15 files changed, 29 insertions(+), 63 deletions(-)

diff --git a/ext/openssl/tests/bug41033.phpt b/ext/openssl/tests/bug41033.phpt
index ff30d8b266d0..73cca19506af 100644
--- a/ext/openssl/tests/bug41033.phpt
+++ b/ext/openssl/tests/bug41033.phpt
@@ -10,11 +10,11 @@ $pub = 'file://' . __DIR__ . '/' . 'bug41033pub.pem';
 
 $prkeyid = openssl_get_privatekey($prv, "1234");
 $ct = "Hello I am some text!";
-openssl_sign($ct, $signature, $prkeyid, OPENSSL_ALGO_SHA1);
+openssl_sign($ct, $signature, $prkeyid, OPENSSL_ALGO_SHA256);
 echo "Signature: ".base64_encode($signature) . "\n";
 
 $pukeyid = openssl_get_publickey($pub);
-$valid = openssl_verify($ct, $signature, $pukeyid, OPENSSL_ALGO_SHA1);
+$valid = openssl_verify($ct, $signature, $pukeyid, OPENSSL_ALGO_SHA256);
 echo "Signature validity: " . $valid . "\n";
 
 
diff --git a/ext/openssl/tests/bug61930.phpt b/ext/openssl/tests/bug61930.phpt
index 862c6a07bfd0..d97f4990173a 100644
--- a/ext/openssl/tests/bug61930.phpt
+++ b/ext/openssl/tests/bug61930.phpt
@@ -4,19 +4,20 @@ Bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey()
 openssl
 --FILE--
 <?php
-$cert = file_get_contents(__DIR__.'/cert.crt');
+$cert = file_get_contents(__DIR__.'/public.crt');
 
 $data = <<<DATA
 Please verify me
 DATA;
 
-$sig = 'f9Gyb6NV/ENn7GUa37ygTLcF93XHf5fbFTnoYF/O+fXbq3iChGUbET0RuhOsptl' .
-        'AODi6JsDLnJO4ikcVZo0tC1fFTj3LyCuPy3ZdgJbbVxQ/rviROCmuMFTqUW/Xa2' .
-        'LQYiapeCCgLQeWTLg7TM/BoHEkKbKLG/XT5jHvep1758A=';
+$sig = 'w45LtLoRY/WPk/kcmP6CwGysOMuxuLbD35xMB/iAe5IMiBJjz2D1WGEY7Vz+rLZmYqOo58qNC3VtTg6ge9+UhfQHplvs6cXGKm' .
+       'SkQlYv4EeFoByqYfPU9k2dE/WEItOJUUyqu9pHaCmRtLpxoLnJcdQVdiXfT0t8KwxUzZYDjrSfhp7rbKhhCc4jZMwo9PvBuPAT' .
+       'MEfZbRNaVpwCFpjmmJczZCHFZFm7JYzR2jU0sjJMGALXidNBs9p0Fi1TGz3pZkxnQ5lwI5DX5ZSY0jiOcoVFt7k29GVFd0DPjm' .
+       '1NyieYU6tpnanG+ZqHIT8Um3FajYh0x1iMMe2lLETjklqYiw==';
 
 $key = openssl_get_publickey($cert);
 var_dump(openssl_get_publickey($key));
-var_dump(openssl_verify($data, base64_decode($sig), $key));
+var_dump(openssl_verify($data, base64_decode($sig), $key, OPENSSL_ALGO_SHA256));
 ?>
 --EXPECTF--
 object(OpenSSLAsymmetricKey)#%d (0) {
diff --git a/ext/openssl/tests/bug66501.phpt b/ext/openssl/tests/bug66501.phpt
index 4a7bfbf1361b..56d391032f7e 100644
--- a/ext/openssl/tests/bug66501.phpt
+++ b/ext/openssl/tests/bug66501.phpt
@@ -18,7 +18,7 @@ AwEHoUQDQgAEPq4hbIWHvB51rdWr8ejrjWo4qVNWVugYFtPg/xLQw0mHkIPZ4DvK
 sqOTOnMoezkbSmVVMuwz9flvnqHGmQvmug==
 -----END EC PRIVATE KEY-----';
 $key = openssl_pkey_get_private($pkey);
-$res = openssl_sign($data ='alpha', $sign, $key, 'SHA1');
+$res = openssl_sign($data ='alpha', $sign, $key, 'SHA256');
 var_dump($res);
 ?>
 --EXPECT--
diff --git a/ext/openssl/tests/ecc.phpt b/ext/openssl/tests/ecc.phpt
index a18651dc5e4b..297af1dccd0c 100644
--- a/ext/openssl/tests/ecc.phpt
+++ b/ext/openssl/tests/ecc.phpt
@@ -64,7 +64,7 @@ $csr = openssl_csr_new($dn, $keyGenerate, $args);
 
 var_dump($keyGenerate);
 
-$args["digest_alg"] = "sha1";
+$args["digest_alg"] = "sha256";
 echo "Testing openssl_csr_new with existing ecc key\n";
 $csr = openssl_csr_new($dn, $key1, $args);
 var_dump($csr);
diff --git a/ext/openssl/tests/openssl.cnf b/ext/openssl/tests/openssl.cnf
index f3025aeb5caa..6146b93142cc 100644
--- a/ext/openssl/tests/openssl.cnf
+++ b/ext/openssl/tests/openssl.cnf
@@ -7,6 +7,7 @@ tsa_policy2 = 1.2.3.4.5.6
 
 [ req ]
 default_bits		= 1024
+default_md          = sha256
 default_keyfile 	= privkey.pem
 distinguished_name	= req_distinguished_name
 attributes		= req_attributes
diff --git a/ext/openssl/tests/openssl_csr_export_basic.phpt b/ext/openssl/tests/openssl_csr_export_basic.phpt
index 559befe23c92..95bf741e9ec1 100644
--- a/ext/openssl/tests/openssl_csr_export_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_export_basic.phpt
@@ -17,7 +17,7 @@ $dn = array(
 );
 
 $args = array(
-    "digest_alg" => "sha1",
+    "digest_alg" => "sha256",
     "private_key_bits" => 2048,
     "private_key_type" => OPENSSL_KEYTYPE_DSA,
     "encrypt_key" => true,
diff --git a/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt b/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt
index dfa533b729cb..5b0920888163 100644
--- a/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt
@@ -25,7 +25,7 @@ $dn = array(
 );
 
 $args = array(
-    "digest_alg" => "sha1",
+    "digest_alg" => "sha256",
     "private_key_bits" => 2048,
     "private_key_type" => OPENSSL_KEYTYPE_DSA,
     "encrypt_key" => true,
@@ -66,12 +66,12 @@ BggTncBh9ozkVQGS/P1m0zn/SKSgDO+6DdeLHLMjpUASaoYfsay4PJLAdnTqLOeM
 g6qNE6u0ebZXVfmpSmV1pSZ6kQnxbsb6rX1iOZxkwHnVWYb40Hy0EILo31x6BVqB
 m159m7s38ChiRHqlj20DmRfxXjiT5YDgYYQ29wQBTVQrTN5O9UW5Y+eKTXd8r6te
 dsbIBXdKN7NeX7ksGYHq1I3hLsP8EyvZO78qfjKyEB0Jj3UCAwEAAaAAMA0GCSqG
-SIb3DQEBBQUAA4IBAQCamzVmIbElkiDQKzQpkfU5tHjrWPrHDSB186NI0sQ8i6GQ
-1YT6yPAXBPTQ1aER/6uAZJL5HfWEX8V1rKbe8GkPAPCHHQzmHyWlaO2EHS57zJhk
-sRrhqkhhkSNiDg4OrsguhRtbB2VMGeDbqHGI89uGqqGHUiZc/Bh8N7WFXZkUU/A0
-sfBgVeqg0P4SWez5fHXqBNcjMdMI5f0bikcDZSIfTHS8FX+PMurLBC8UPB0YNIOl
-1r2Lvo+6YUHOziG1OwQd3K0xxu/JzzOE+lMB73ynz4V6DY5Qv3qVno1GpupvgmQA
-JViHkCA9x6m8RJXAFvqmgLlWlUzbDv/cRrDfjWjR
+SIb3DQEBCwUAA4IBAQCNtCIfMHBDRvNqHmrDfR/+A7ZJ+n/XzA2uQhvjEq91DeT8
+IE7gjUtmj2sqKmHGIDO4uN4F9ZHYzcNk23n6CMljYqJLbB2dHC0V6vkDB7qod1TH
+/SK39Yj0ji2AT45LD5rLH3vd1bjxdwwhyPyGhshKOIdnmBv4mwTRANIsiISMQV4Y
+ZPAXJ5DTKkgdsY14hqhyWct1bWMPpj2MCLQGjKxK8vmbiKaNL1XxAS7chTXoy7un
+NvBKc82Wy3XEuC9AkNFEytD6kA9gu8nFydvYTOvvhaQrf9RzwSitgi9Vj3mbujsN
+f1JMPX0/eHrKvG9wBZu28FdS54xoWGeD1NGraW24
 -----END CERTIFICATE REQUEST-----
 "
 
diff --git a/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt b/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt
index 7faaf2f23454..9f128c200bea 100644
--- a/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt
@@ -23,7 +23,7 @@ $dn = array(
 );
 
 $args = array(
-    "digest_alg" => "sha1",
+    "digest_alg" => "sha256",
     "private_key_bits" => 2048,
     "private_key_type" => OPENSSL_KEYTYPE_DSA,
     "encrypt_key" => true,
diff --git a/ext/openssl/tests/openssl_csr_get_subject_basic.phpt b/ext/openssl/tests/openssl_csr_get_subject_basic.phpt
index 6fe63e971775..79baeb65b8a5 100644
--- a/ext/openssl/tests/openssl_csr_get_subject_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_get_subject_basic.phpt
@@ -23,7 +23,7 @@ $dn = array(
 );
 
 $args = array(
-    "digest_alg" => "sha1",
+    "digest_alg" => "sha256",
     "private_key_bits" => 2048,
     "private_key_type" => OPENSSL_KEYTYPE_DSA,
     "encrypt_key" => true,
diff --git a/ext/openssl/tests/openssl_csr_sign_basic.phpt b/ext/openssl/tests/openssl_csr_sign_basic.phpt
index a7030b392145..0cf678cc2944 100644
--- a/ext/openssl/tests/openssl_csr_sign_basic.phpt
+++ b/ext/openssl/tests/openssl_csr_sign_basic.phpt
@@ -20,7 +20,7 @@ $dn = array(
 );
 
 $args = array(
-    "digest_alg" => "sha1",
+    "digest_alg" => "sha256",
     "private_key_bits" => 2048,
     "private_key_type" => OPENSSL_KEYTYPE_DSA,
     "encrypt_key" => true,
diff --git a/ext/openssl/tests/openssl_sign_basic.phpt b/ext/openssl/tests/openssl_sign_basic.phpt
index 48deac9337c1..047028101893 100644
--- a/ext/openssl/tests/openssl_sign_basic.phpt
+++ b/ext/openssl/tests/openssl_sign_basic.phpt
@@ -8,7 +8,7 @@ $data = "Testing openssl_sign()";
 $privkey = "file://" . __DIR__ . "/private_rsa_1024.key";
 $wrong = "wrong";
 
-var_dump(openssl_sign($data, $sign, $privkey));                 // no output
+var_dump(openssl_sign($data, $sign, $privkey, OPENSSL_ALGO_SHA256));                 // no output
 var_dump(openssl_sign($data, $sign, $wrong));
 ?>
 --EXPECTF--
diff --git a/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt b/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt
index ab9076791be4..2fadc30e6810 100644
--- a/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt
+++ b/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt
@@ -22,8 +22,6 @@ foreach ($key_sizes as $key_size) {
 
 /* array of available hashings to test */
 $algo = array(
-    OPENSSL_ALGO_MD5,
-    OPENSSL_ALGO_SHA1,
     OPENSSL_ALGO_SHA224,
     OPENSSL_ALGO_SHA256,
     OPENSSL_ALGO_SHA384,
@@ -76,15 +74,3 @@ string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"
 bool\(false\)
 string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"
 bool\(false\)
-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"
-bool\(false\)
-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"
-bool\(false\)
-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"
-bool\(false\)
-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"
-bool\(false\)
-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"
-bool\(false\)
-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"
-bool\(false\)
diff --git a/ext/openssl/tests/openssl_spki_new_basic.phpt b/ext/openssl/tests/openssl_spki_new_basic.phpt
index 1d29fe05bd81..6b661afde36f 100644
--- a/ext/openssl/tests/openssl_spki_new_basic.phpt
+++ b/ext/openssl/tests/openssl_spki_new_basic.phpt
@@ -16,8 +16,6 @@ foreach ($key_sizes as $key_size) {
 
 /* array of available hashings to test */
 $algo = array(
-    OPENSSL_ALGO_MD5,
-    OPENSSL_ALGO_SHA1,
     OPENSSL_ALGO_SHA224,
     OPENSSL_ALGO_SHA256,
     OPENSSL_ALGO_SHA384,
@@ -47,16 +45,10 @@ string(478) "%s"
 string(478) "%s"
 string(478) "%s"
 string(478) "%s"
-string(478) "%s"
-string(478) "%s"
-string(830) "%s"
 string(830) "%s"
 string(830) "%s"
 string(830) "%s"
 string(830) "%s"
-string(830) "%s"
-string(1510) "%s"
-string(1510) "%s"
 string(1510) "%s"
 string(1510) "%s"
 string(1510) "%s"
diff --git a/ext/openssl/tests/openssl_spki_verify_basic.phpt b/ext/openssl/tests/openssl_spki_verify_basic.phpt
index 9b624a7a5f72..19704b4a4fa8 100644
--- a/ext/openssl/tests/openssl_spki_verify_basic.phpt
+++ b/ext/openssl/tests/openssl_spki_verify_basic.phpt
@@ -18,8 +18,6 @@ foreach ($key_sizes as $key_size) {
 
 /* array of available hashings to test */
 $algo = array(
-    OPENSSL_ALGO_SHA1,
-    OPENSSL_ALGO_SHA224,
     OPENSSL_ALGO_SHA256,
     OPENSSL_ALGO_SHA384,
     OPENSSL_ALGO_SHA512,
@@ -65,15 +63,3 @@ bool(true)
 bool(false)
 bool(true)
 bool(false)
-bool(true)
-bool(false)
-bool(true)
-bool(false)
-bool(true)
-bool(false)
-bool(true)
-bool(false)
-bool(true)
-bool(false)
-bool(true)
-bool(false)
diff --git a/ext/openssl/tests/openssl_verify_basic.phpt b/ext/openssl/tests/openssl_verify_basic.phpt
index 0e93a21319d9..674a3c58a9ea 100644
--- a/ext/openssl/tests/openssl_verify_basic.phpt
+++ b/ext/openssl/tests/openssl_verify_basic.phpt
@@ -9,12 +9,12 @@ $privkey = "file://" . __DIR__ . "/private_rsa_1024.key";
 $pubkey = "file://" . __DIR__ . "/public.key";
 $wrong = "wrong";
 
-openssl_sign($data, $sign, $privkey);
-var_dump(openssl_verify($data, $sign, $pubkey));
-var_dump(openssl_verify($data, $sign, $privkey));
-var_dump(openssl_verify($data, $sign, $wrong));
-var_dump(openssl_verify($data, $wrong, $pubkey));
-var_dump(openssl_verify($wrong, $sign, $pubkey));
+openssl_sign($data, $sign, $privkey, OPENSSL_ALGO_SHA256);
+var_dump(openssl_verify($data, $sign, $pubkey, OPENSSL_ALGO_SHA256));
+var_dump(openssl_verify($data, $sign, $privkey, OPENSSL_ALGO_SHA256));
+var_dump(openssl_verify($data, $sign, $wrong, OPENSSL_ALGO_SHA256));
+var_dump(openssl_verify($data, $wrong, $pubkey, OPENSSL_ALGO_SHA256));
+var_dump(openssl_verify($wrong, $sign, $pubkey, OPENSSL_ALGO_SHA256));
 ?>
 --EXPECTF--
 int(1)
add upstream patch to initialize pcre before mbstring add upstream patch to use more sha256 in openssl tests Related: #2070040 2022-06-03 07:17:50 +00:00			`From 03a4ccd9120e5816e5f9f134f63b76e89558658f Mon Sep 17 00:00:00 2001`
			`From: Remi Collet <remi@remirepo.net>`
			`Date: Tue, 31 May 2022 09:59:58 +0200`
			`Subject: [PATCH] use sha256 in openssl test suite`

			`---`
			`ext/openssl/tests/bug41033.phpt \| 4 ++--`
			`ext/openssl/tests/bug61930.phpt \| 11 ++++++-----`
			`ext/openssl/tests/bug66501.phpt \| 2 +-`
			`ext/openssl/tests/ecc.phpt \| 2 +-`
			`ext/openssl/tests/openssl.cnf \| 1 +`
			`ext/openssl/tests/openssl_csr_export_basic.phpt \| 2 +-`
			`.../tests/openssl_csr_export_to_file_basic.phpt \| 14 +++++++-------`
			`.../tests/openssl_csr_get_public_key_basic.phpt \| 2 +-`
			`.../tests/openssl_csr_get_subject_basic.phpt \| 2 +-`
			`ext/openssl/tests/openssl_csr_sign_basic.phpt \| 2 +-`
			`ext/openssl/tests/openssl_sign_basic.phpt \| 2 +-`
			`.../tests/openssl_spki_export_challenge_basic.phpt \| 14 --------------`
			`ext/openssl/tests/openssl_spki_new_basic.phpt \| 8 --------`
			`ext/openssl/tests/openssl_spki_verify_basic.phpt \| 14 --------------`
			`ext/openssl/tests/openssl_verify_basic.phpt \| 12 ++++++------`
			`15 files changed, 29 insertions(+), 63 deletions(-)`

			`diff --git a/ext/openssl/tests/bug41033.phpt b/ext/openssl/tests/bug41033.phpt`
			`index ff30d8b266d0..73cca19506af 100644`
			`--- a/ext/openssl/tests/bug41033.phpt`
			`+++ b/ext/openssl/tests/bug41033.phpt`
			`@@ -10,11 +10,11 @@ $pub = 'file://' . __DIR__ . '/' . 'bug41033pub.pem';`

			`$prkeyid = openssl_get_privatekey($prv, "1234");`
			`$ct = "Hello I am some text!";`
			`-openssl_sign($ct, $signature, $prkeyid, OPENSSL_ALGO_SHA1);`
			`+openssl_sign($ct, $signature, $prkeyid, OPENSSL_ALGO_SHA256);`
			`echo "Signature: ".base64_encode($signature) . "\n";`

			`$pukeyid = openssl_get_publickey($pub);`
			`-$valid = openssl_verify($ct, $signature, $pukeyid, OPENSSL_ALGO_SHA1);`
			`+$valid = openssl_verify($ct, $signature, $pukeyid, OPENSSL_ALGO_SHA256);`
			`echo "Signature validity: " . $valid . "\n";`


			`diff --git a/ext/openssl/tests/bug61930.phpt b/ext/openssl/tests/bug61930.phpt`
			`index 862c6a07bfd0..d97f4990173a 100644`
			`--- a/ext/openssl/tests/bug61930.phpt`
			`+++ b/ext/openssl/tests/bug61930.phpt`
			`@@ -4,19 +4,20 @@ Bug #61930: openssl corrupts ssl key resource when using openssl_get_publickey()`
			`openssl`
			`--FILE--`
			`<?php`
			`-$cert = file_get_contents(__DIR__.'/cert.crt');`
			`+$cert = file_get_contents(__DIR__.'/public.crt');`

			`$data = <<<DATA`
			`Please verify me`
			`DATA;`

			`-$sig = 'f9Gyb6NV/ENn7GUa37ygTLcF93XHf5fbFTnoYF/O+fXbq3iChGUbET0RuhOsptl' .`
			`- 'AODi6JsDLnJO4ikcVZo0tC1fFTj3LyCuPy3ZdgJbbVxQ/rviROCmuMFTqUW/Xa2' .`
			`- 'LQYiapeCCgLQeWTLg7TM/BoHEkKbKLG/XT5jHvep1758A=';`
			`+$sig = 'w45LtLoRY/WPk/kcmP6CwGysOMuxuLbD35xMB/iAe5IMiBJjz2D1WGEY7Vz+rLZmYqOo58qNC3VtTg6ge9+UhfQHplvs6cXGKm' .`
			`+ 'SkQlYv4EeFoByqYfPU9k2dE/WEItOJUUyqu9pHaCmRtLpxoLnJcdQVdiXfT0t8KwxUzZYDjrSfhp7rbKhhCc4jZMwo9PvBuPAT' .`
			`+ 'MEfZbRNaVpwCFpjmmJczZCHFZFm7JYzR2jU0sjJMGALXidNBs9p0Fi1TGz3pZkxnQ5lwI5DX5ZSY0jiOcoVFt7k29GVFd0DPjm' .`
			`+ '1NyieYU6tpnanG+ZqHIT8Um3FajYh0x1iMMe2lLETjklqYiw==';`

			`$key = openssl_get_publickey($cert);`
			`var_dump(openssl_get_publickey($key));`
			`-var_dump(openssl_verify($data, base64_decode($sig), $key));`
			`+var_dump(openssl_verify($data, base64_decode($sig), $key, OPENSSL_ALGO_SHA256));`
			`?>`
			`--EXPECTF--`
			`object(OpenSSLAsymmetricKey)#%d (0) {`
			`diff --git a/ext/openssl/tests/bug66501.phpt b/ext/openssl/tests/bug66501.phpt`
			`index 4a7bfbf1361b..56d391032f7e 100644`
			`--- a/ext/openssl/tests/bug66501.phpt`
			`+++ b/ext/openssl/tests/bug66501.phpt`
			`@@ -18,7 +18,7 @@ AwEHoUQDQgAEPq4hbIWHvB51rdWr8ejrjWo4qVNWVugYFtPg/xLQw0mHkIPZ4DvK`
			`sqOTOnMoezkbSmVVMuwz9flvnqHGmQvmug==`
			`-----END EC PRIVATE KEY-----';`
			`$key = openssl_pkey_get_private($pkey);`
			`-$res = openssl_sign($data ='alpha', $sign, $key, 'SHA1');`
			`+$res = openssl_sign($data ='alpha', $sign, $key, 'SHA256');`
			`var_dump($res);`
			`?>`
			`--EXPECT--`
			`diff --git a/ext/openssl/tests/ecc.phpt b/ext/openssl/tests/ecc.phpt`
			`index a18651dc5e4b..297af1dccd0c 100644`
			`--- a/ext/openssl/tests/ecc.phpt`
			`+++ b/ext/openssl/tests/ecc.phpt`
			`@@ -64,7 +64,7 @@ $csr = openssl_csr_new($dn, $keyGenerate, $args);`

			`var_dump($keyGenerate);`

			`-$args["digest_alg"] = "sha1";`
			`+$args["digest_alg"] = "sha256";`
			`echo "Testing openssl_csr_new with existing ecc key\n";`
			`$csr = openssl_csr_new($dn, $key1, $args);`
			`var_dump($csr);`
			`diff --git a/ext/openssl/tests/openssl.cnf b/ext/openssl/tests/openssl.cnf`
			`index f3025aeb5caa..6146b93142cc 100644`
			`--- a/ext/openssl/tests/openssl.cnf`
			`+++ b/ext/openssl/tests/openssl.cnf`
			`@@ -7,6 +7,7 @@ tsa_policy2 = 1.2.3.4.5.6`

			`[ req ]`
			`default_bits = 1024`
			`+default_md = sha256`
			`default_keyfile = privkey.pem`
			`distinguished_name = req_distinguished_name`
			`attributes = req_attributes`
			`diff --git a/ext/openssl/tests/openssl_csr_export_basic.phpt b/ext/openssl/tests/openssl_csr_export_basic.phpt`
			`index 559befe23c92..95bf741e9ec1 100644`
			`--- a/ext/openssl/tests/openssl_csr_export_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_csr_export_basic.phpt`
			`@@ -17,7 +17,7 @@ $dn = array(`
			`);`

			`$args = array(`
			`- "digest_alg" => "sha1",`
			`+ "digest_alg" => "sha256",`
			`"private_key_bits" => 2048,`
			`"private_key_type" => OPENSSL_KEYTYPE_DSA,`
			`"encrypt_key" => true,`
			`diff --git a/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt b/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt`
			`index dfa533b729cb..5b0920888163 100644`
			`--- a/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_csr_export_to_file_basic.phpt`
			`@@ -25,7 +25,7 @@ $dn = array(`
			`);`

			`$args = array(`
			`- "digest_alg" => "sha1",`
			`+ "digest_alg" => "sha256",`
			`"private_key_bits" => 2048,`
			`"private_key_type" => OPENSSL_KEYTYPE_DSA,`
			`"encrypt_key" => true,`
			`@@ -66,12 +66,12 @@ BggTncBh9ozkVQGS/P1m0zn/SKSgDO+6DdeLHLMjpUASaoYfsay4PJLAdnTqLOeM`
			`g6qNE6u0ebZXVfmpSmV1pSZ6kQnxbsb6rX1iOZxkwHnVWYb40Hy0EILo31x6BVqB`
			`m159m7s38ChiRHqlj20DmRfxXjiT5YDgYYQ29wQBTVQrTN5O9UW5Y+eKTXd8r6te`
			`dsbIBXdKN7NeX7ksGYHq1I3hLsP8EyvZO78qfjKyEB0Jj3UCAwEAAaAAMA0GCSqG`
			`-SIb3DQEBBQUAA4IBAQCamzVmIbElkiDQKzQpkfU5tHjrWPrHDSB186NI0sQ8i6GQ`
			`-1YT6yPAXBPTQ1aER/6uAZJL5HfWEX8V1rKbe8GkPAPCHHQzmHyWlaO2EHS57zJhk`
			`-sRrhqkhhkSNiDg4OrsguhRtbB2VMGeDbqHGI89uGqqGHUiZc/Bh8N7WFXZkUU/A0`
			`-sfBgVeqg0P4SWez5fHXqBNcjMdMI5f0bikcDZSIfTHS8FX+PMurLBC8UPB0YNIOl`
			`-1r2Lvo+6YUHOziG1OwQd3K0xxu/JzzOE+lMB73ynz4V6DY5Qv3qVno1GpupvgmQA`
			`-JViHkCA9x6m8RJXAFvqmgLlWlUzbDv/cRrDfjWjR`
			`+SIb3DQEBCwUAA4IBAQCNtCIfMHBDRvNqHmrDfR/+A7ZJ+n/XzA2uQhvjEq91DeT8`
			`+IE7gjUtmj2sqKmHGIDO4uN4F9ZHYzcNk23n6CMljYqJLbB2dHC0V6vkDB7qod1TH`
			`+/SK39Yj0ji2AT45LD5rLH3vd1bjxdwwhyPyGhshKOIdnmBv4mwTRANIsiISMQV4Y`
			`+ZPAXJ5DTKkgdsY14hqhyWct1bWMPpj2MCLQGjKxK8vmbiKaNL1XxAS7chTXoy7un`
			`+NvBKc82Wy3XEuC9AkNFEytD6kA9gu8nFydvYTOvvhaQrf9RzwSitgi9Vj3mbujsN`
			`+f1JMPX0/eHrKvG9wBZu28FdS54xoWGeD1NGraW24`
			`-----END CERTIFICATE REQUEST-----`
			`"`

			`diff --git a/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt b/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt`
			`index 7faaf2f23454..9f128c200bea 100644`
			`--- a/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_csr_get_public_key_basic.phpt`
			`@@ -23,7 +23,7 @@ $dn = array(`
			`);`

			`$args = array(`
			`- "digest_alg" => "sha1",`
			`+ "digest_alg" => "sha256",`
			`"private_key_bits" => 2048,`
			`"private_key_type" => OPENSSL_KEYTYPE_DSA,`
			`"encrypt_key" => true,`
			`diff --git a/ext/openssl/tests/openssl_csr_get_subject_basic.phpt b/ext/openssl/tests/openssl_csr_get_subject_basic.phpt`
			`index 6fe63e971775..79baeb65b8a5 100644`
			`--- a/ext/openssl/tests/openssl_csr_get_subject_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_csr_get_subject_basic.phpt`
			`@@ -23,7 +23,7 @@ $dn = array(`
			`);`

			`$args = array(`
			`- "digest_alg" => "sha1",`
			`+ "digest_alg" => "sha256",`
			`"private_key_bits" => 2048,`
			`"private_key_type" => OPENSSL_KEYTYPE_DSA,`
			`"encrypt_key" => true,`
			`diff --git a/ext/openssl/tests/openssl_csr_sign_basic.phpt b/ext/openssl/tests/openssl_csr_sign_basic.phpt`
			`index a7030b392145..0cf678cc2944 100644`
			`--- a/ext/openssl/tests/openssl_csr_sign_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_csr_sign_basic.phpt`
			`@@ -20,7 +20,7 @@ $dn = array(`
			`);`

			`$args = array(`
			`- "digest_alg" => "sha1",`
			`+ "digest_alg" => "sha256",`
			`"private_key_bits" => 2048,`
			`"private_key_type" => OPENSSL_KEYTYPE_DSA,`
			`"encrypt_key" => true,`
			`diff --git a/ext/openssl/tests/openssl_sign_basic.phpt b/ext/openssl/tests/openssl_sign_basic.phpt`
			`index 48deac9337c1..047028101893 100644`
			`--- a/ext/openssl/tests/openssl_sign_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_sign_basic.phpt`
			`@@ -8,7 +8,7 @@ $data = "Testing openssl_sign()";`
			`$privkey = "file://" . __DIR__ . "/private_rsa_1024.key";`
			`$wrong = "wrong";`

			`-var_dump(openssl_sign($data, $sign, $privkey)); // no output`
			`+var_dump(openssl_sign($data, $sign, $privkey, OPENSSL_ALGO_SHA256)); // no output`
			`var_dump(openssl_sign($data, $sign, $wrong));`
			`?>`
			`--EXPECTF--`
			`diff --git a/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt b/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt`
			`index ab9076791be4..2fadc30e6810 100644`
			`--- a/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_spki_export_challenge_basic.phpt`
			`@@ -22,8 +22,6 @@ foreach ($key_sizes as $key_size) {`

			`/* array of available hashings to test */`
			`$algo = array(`
			`- OPENSSL_ALGO_MD5,`
			`- OPENSSL_ALGO_SHA1,`
			`OPENSSL_ALGO_SHA224,`
			`OPENSSL_ALGO_SHA256,`
			`OPENSSL_ALGO_SHA384,`
			`@@ -76,15 +74,3 @@ string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"`
			`bool\(false\)`
			`string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"`
			`bool\(false\)`
			`-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"`
			`-bool\(false\)`
			`-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"`
			`-bool\(false\)`
			`-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"`
			`-bool\(false\)`
			`-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"`
			`-bool\(false\)`
			`-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"`
			`-bool\(false\)`
			`-string\(36\) \"[0-9a-f]{8}\-([0-9a-f]{4}\-){3}[0-9a-f]{12}\"`
			`-bool\(false\)`
			`diff --git a/ext/openssl/tests/openssl_spki_new_basic.phpt b/ext/openssl/tests/openssl_spki_new_basic.phpt`
			`index 1d29fe05bd81..6b661afde36f 100644`
			`--- a/ext/openssl/tests/openssl_spki_new_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_spki_new_basic.phpt`
			`@@ -16,8 +16,6 @@ foreach ($key_sizes as $key_size) {`

			`/* array of available hashings to test */`
			`$algo = array(`
			`- OPENSSL_ALGO_MD5,`
			`- OPENSSL_ALGO_SHA1,`
			`OPENSSL_ALGO_SHA224,`
			`OPENSSL_ALGO_SHA256,`
			`OPENSSL_ALGO_SHA384,`
			`@@ -47,16 +45,10 @@ string(478) "%s"`
			`string(478) "%s"`
			`string(478) "%s"`
			`string(478) "%s"`
			`-string(478) "%s"`
			`-string(478) "%s"`
			`-string(830) "%s"`
			`string(830) "%s"`
			`string(830) "%s"`
			`string(830) "%s"`
			`string(830) "%s"`
			`-string(830) "%s"`
			`-string(1510) "%s"`
			`-string(1510) "%s"`
			`string(1510) "%s"`
			`string(1510) "%s"`
			`string(1510) "%s"`
			`diff --git a/ext/openssl/tests/openssl_spki_verify_basic.phpt b/ext/openssl/tests/openssl_spki_verify_basic.phpt`
			`index 9b624a7a5f72..19704b4a4fa8 100644`
			`--- a/ext/openssl/tests/openssl_spki_verify_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_spki_verify_basic.phpt`
			`@@ -18,8 +18,6 @@ foreach ($key_sizes as $key_size) {`

			`/* array of available hashings to test */`
			`$algo = array(`
			`- OPENSSL_ALGO_SHA1,`
			`- OPENSSL_ALGO_SHA224,`
			`OPENSSL_ALGO_SHA256,`
			`OPENSSL_ALGO_SHA384,`
			`OPENSSL_ALGO_SHA512,`
			`@@ -65,15 +63,3 @@ bool(true)`
			`bool(false)`
			`bool(true)`
			`bool(false)`
			`-bool(true)`
			`-bool(false)`
			`-bool(true)`
			`-bool(false)`
			`-bool(true)`
			`-bool(false)`
			`-bool(true)`
			`-bool(false)`
			`-bool(true)`
			`-bool(false)`
			`-bool(true)`
			`-bool(false)`
			`diff --git a/ext/openssl/tests/openssl_verify_basic.phpt b/ext/openssl/tests/openssl_verify_basic.phpt`
			`index 0e93a21319d9..674a3c58a9ea 100644`
			`--- a/ext/openssl/tests/openssl_verify_basic.phpt`
			`+++ b/ext/openssl/tests/openssl_verify_basic.phpt`
			`@@ -9,12 +9,12 @@ $privkey = "file://" . __DIR__ . "/private_rsa_1024.key";`
			`$pubkey = "file://" . __DIR__ . "/public.key";`
			`$wrong = "wrong";`

			`-openssl_sign($data, $sign, $privkey);`
			`-var_dump(openssl_verify($data, $sign, $pubkey));`
			`-var_dump(openssl_verify($data, $sign, $privkey));`
			`-var_dump(openssl_verify($data, $sign, $wrong));`
			`-var_dump(openssl_verify($data, $wrong, $pubkey));`
			`-var_dump(openssl_verify($wrong, $sign, $pubkey));`
			`+openssl_sign($data, $sign, $privkey, OPENSSL_ALGO_SHA256);`
			`+var_dump(openssl_verify($data, $sign, $pubkey, OPENSSL_ALGO_SHA256));`
			`+var_dump(openssl_verify($data, $sign, $privkey, OPENSSL_ALGO_SHA256));`
			`+var_dump(openssl_verify($data, $sign, $wrong, OPENSSL_ALGO_SHA256));`
			`+var_dump(openssl_verify($data, $wrong, $pubkey, OPENSSL_ALGO_SHA256));`
			`+var_dump(openssl_verify($wrong, $sign, $pubkey, OPENSSL_ALGO_SHA256));`
			`?>`
			`--EXPECTF--`
			`int(1)`