Newsgroups: php.internals
From: pierre.php@gmail.com (Pierre)
Date: Sat, 10 Feb 2007 16:24:59 +0100
To: "Wez Furlong"
Cc: internals@lists.php.net
In-Reply-To: <700A466F-7822-4371-AD6A-36F6880E6368@omniti.com>
Subject: Re: [PHP-DEV] OpenID enabling patch for OpenSSL and PHP 5

Hi Wez,

On 2/10/07, Wez Furlong wrote:
> I'd like to tuck the attached patch into the PHP 5 branch.
> It provides the following functions, and does not modify the behavior
> of any of the others:
>
> openssl_bignum_from_bin
> openssl_bignum_from_hex
> openssl_bignum_from_dec
> openssl_bignum_to_string
>
> openssl_dh_generate_key
> openssl_dh_compute_key
> openssl_dh_get_params
> openssl_dh_generate_parameters
>
> openssl_dsa_verify
>
> These functions allow one to implement OpenID and TypeKey
> authentication schemes without resorting to writing crypto code in
> user-space PHP--aside from the speed advantage, you have the benefit
> of using the tried and trusted OpenSSL for your DH kex.

As the idea is good (we discussed it many times), I would like a cleaner approach.

The main problem in ext/openssl is its API. We added new functions for each small feature addition, even if the feature itself is 99% the same as an existing function.

The Big numbers API is not an exception. It can be even worse, as it is really a single instance (an openssl big number) which can be processed (BN operations), exported or set.

If you are in a hurry, I can clean my patch for the OO interface and prepare a php5 version. I think it would definitely be better. However, if others prefer to go with your new functions for now, it will not be a big problem, it only clutters the api a bit more ;).

Cheers,
--Pierre