Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:46175 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 9434 invoked from network); 24 Nov 2009 21:51:37 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 24 Nov 2009 21:51:37 -0000 Authentication-Results: pb1.pair.com header.from=rrichards@cdatazone.org; sender-id=softfail Authentication-Results: pb1.pair.com smtp.mail=rrichards@cdatazone.org; spf=softfail; sender-id=softfail Received-SPF: softfail (pb1.pair.com: domain cdatazone.org does not designate 207.58.142.213 as permitted sender) X-PHP-List-Original-Sender: rrichards@cdatazone.org X-Host-Fingerprint: 207.58.142.213 smtp2go.com Linux 2.6 Received: from [207.58.142.213] ([207.58.142.213:49370] helo=smtp2go.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id BB/56-04364-6655C0B4 for ; Tue, 24 Nov 2009 16:51:36 -0500 Received: from [67.158.171.203] (helo=Rob-Richardss-MacBook-Pro.local) by smtp2go.com with esmtp (Exim 4.69) (envelope-from ) id 1ND3IF-0006lb-DO; Tue, 24 Nov 2009 21:51:27 +0000 Message-ID: <4B0C555E.4030004@cdatazone.org> Date: Tue, 24 Nov 2009 16:51:26 -0500 User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Rasmus Lerdorf CC: PHP Developers Mailing List References: <4B0C177A.6020500@cdatazone.org> <4B0C1A7C.9030306@lerdorf.com> In-Reply-To: <4B0C1A7C.9030306@lerdorf.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-SMTP2Go-MailScanner-Information: Please contact support@smtp2go.com for more information X-SMTP2Go-MailScanner-ID: 1ND3IF-0006lb-DO X-SMTP2Go-MailScanner: Found to be clean X-SMTP2Go-MailScanner-From: rrichards@cdatazone.org Subject: Re: [PHP-DEV] openssl supported algorithms From: rrichards@cdatazone.org (Rob Richards) If I had only checked... Appears its been in trunk (and 5_3) for over 2 years now :) Rob Rasmus Lerdorf wrote: > Seems like a no-brainer for 5.3 and trunk. You will have to discuss > with Ilia for 5.2. It seems a bit late in the game for that branch to > get this. > > -Rasmus > > Rob Richards wrote: > >> The openssl extension is way to restrictive in the algorithms it >> supports, i.e. no support for SHA265 which is starting to become the >> standard algo to use, etc.. Rather than having to always add more >> constants and additional logic for any new algorithms, I'd like to >> change the sign and verify functions to not only accept the current >> integers, but also a string so the EVP_get_digestbyname function can be >> used. >> >> So while still supporting something list: >> openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_SHA1) >> >> It can also be called using: >> openssl_sign($data, $signature, $priv_key_id, "SHA1") >> openssl_sign($data, $signature, $priv_key_id, "SHA256") >> >> Attached is a patch to illustrate the change made to the PHP_5_2 branch >> (only to the sign function but same change would be made to verify as >> well). >> I'd really like to be able to support the string based algorithm rather >> than always having to add constants just for the added flexibility but >> in any case we really need to add support for more than what we have >> now. Personally I'd also like to see this in 5.2.12 but know that might >> be pushing it. >> >> Rob >> >> >> > > >