[alpine3.17] [openssl3] openssl_pkey_new always return false

[ahmed-alaa]

Hi,

I'm trying to upgrade from alpine 3.16 to 3.17 which comes with OpenSSL 3.0.x as default but I face issue with openssl_pkey_new that it always return false with some errors.

Tried the below method call with and without configs

openssl_pkey_new([
    'digest_alg' => 'sha256',
    'private_key_bits' => 512,
    'private_key_type' => OPENSSL_KEYTYPE_DSA,
]);

errors

error:0480006C:PEM routines::no start line<br />
error:0200008A:rsa routines::invalid padding<br />
error:02000072:rsa routines::padding check failed<br />
error:1C880004:Provider routines::RSA lib<br />
error:0480006C:PEM routines::no start line<br />
error:0480006C:PEM routines::no start line<br />
error:0480006C:PEM routines::no start line<br />
error:0480006C:PEM routines::no start line<br />
error:0480006C:PEM routines::no start line<br />
error:0480006C:PEM routines::no start line<br />
error:0480006C:PEM routines::no start line<br />
error:0480006C:PEM routines::no start line<br />
error:0480006C:PEM routines::no start line<br />
error:0480006C:PEM routines::no start line<br />
error:05000072:dsa routines::bad ffc parameters<br />

Env:

• Alpine 3.17
• PHP 8.1.18
• OpenSSL 3.0.8

Would be great if could get some ideas.

Thanks! :)

[tianon]

This sounds highly reminiscent of https://github.com/docker-library/php/issues/569

[ahmed-alaa]

Thnx @tianon will check it 👍