Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:46174
Return-Path: <rasmus@lerdorf.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 67871 invoked from network); 24 Nov 2009 17:40:22 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 24 Nov 2009 17:40:22 -0000
Authentication-Results: pb1.pair.com header.from=rasmus@lerdorf.com; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=rasmus@lerdorf.com; spf=permerror; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain lerdorf.com from 209.85.218.213 cause and error)
X-PHP-List-Original-Sender: rasmus@lerdorf.com
X-Host-Fingerprint: 209.85.218.213 mail-bw0-f213.google.com  
Received: from [209.85.218.213] ([209.85.218.213:55687] helo=mail-bw0-f213.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 08/D8-25180-38A1C0B4 for <internals@lists.php.net>; Tue, 24 Nov 2009 12:40:20 -0500
Received: by bwz5 with SMTP id 5so6551784bwz.23
        for <internals@lists.php.net>; Tue, 24 Nov 2009 09:40:16 -0800 (PST)
Received: by 10.204.143.153 with SMTP id v25mr6406294bku.116.1259084416119;
        Tue, 24 Nov 2009 09:40:16 -0800 (PST)
Received: from ?192.168.200.22? (c-98-234-184-167.hsd1.ca.comcast.net [98.234.184.167])
        by mx.google.com with ESMTPS id 13sm66678fxm.5.2009.11.24.09.40.14
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Tue, 24 Nov 2009 09:40:15 -0800 (PST)
Message-ID: <4B0C1A7C.9030306@lerdorf.com>
Date: Tue, 24 Nov 2009 09:40:12 -0800
User-Agent: Thunderbird 2.0.0.23 (X11/20090817)
MIME-Version: 1.0
To: Rob Richards <rrichards@cdatazone.org>
CC: PHP Developers Mailing List <internals@lists.php.net>
References: <4B0C177A.6020500@cdatazone.org>
In-Reply-To: <4B0C177A.6020500@cdatazone.org>
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] openssl supported algorithms
From: rasmus@lerdorf.com (Rasmus Lerdorf)

Seems like a no-brainer for 5.3 and trunk.  You will have to discuss
with Ilia for 5.2.  It seems a bit late in the game for that branch to
get this.

-Rasmus

Rob Richards wrote:
> The openssl extension is way to restrictive in the algorithms it
> supports, i.e. no support for SHA265 which is starting to become the
> standard algo to use, etc.. Rather than having to always add more
> constants and additional logic for any new algorithms, I'd like to
> change the sign and verify functions to not only accept the current
> integers, but also a string so the EVP_get_digestbyname function can be
> used.
> 
> So while still supporting something list:
> openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_SHA1)
> 
> It can also be called using:
> openssl_sign($data, $signature, $priv_key_id, "SHA1")
> openssl_sign($data, $signature, $priv_key_id, "SHA256")
> 
> Attached is a patch to illustrate the change made to the PHP_5_2 branch
> (only to the sign function but same change would be made to verify as
> well).
> I'd really like to be able to support the string based algorithm rather
> than always having to add constants just for the added flexibility but
> in any case we really need to add support for more than what we have
> now. Personally I'd also like to see this in 5.2.12 but know that might
> be pushing it.
> 
> Rob
> 
>