Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:5208
Return-Path: <e.colinet@laposte.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 4481 invoked by uid 1010); 5 Nov 2003 11:59:09 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 4447 invoked from network); 5 Nov 2003 11:59:09 -0000
Received: from unknown (HELO mwinf0303.wanadoo.fr) (193.252.22.28)
  by pb1.pair.com with SMTP; 5 Nov 2003 11:59:09 -0000
Received: from enolas.laposte.net (AMontsouris-108-1-5-206.w193-253.abo.wanadoo.fr [193.253.216.206])
	by mwinf0303.wanadoo.fr (SMTP Server) with ESMTP
	id AB01350008D4; Wed,  5 Nov 2003 12:59:08 +0100 (CET)
Message-ID: <6.0.0.22.1.20031105123956.01ae5ee0@pop.laposte.net>
X-Sender: e.colinet@pop.laposte.net (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 6.0.0.22
Date: Wed, 05 Nov 2003 12:57:20 +0100
To: <internals@lists.php.net>
Cc: <wez@php.net>
In-Reply-To: <BAY2-DAV72TRNxgfByK00005fd8@hotmail.com>
References: <BAY2-DAV72TRNxgfByK00005fd8@hotmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Subject: Re: [PHP-DEV] [PATCH] openssl_pkcs7_encrypt to/from variable
  or file
From: e.colinet@laposte.net (Eric COLINET)

Hi !

In the same series ..

I have no patch to provide but i've written two functions related to 
php_openssl:
         openssl_pubkey_export
         openssl_pubkey_export_to_file

That simply allow the export of public keys that seems to be not possible 
before.

I there is no special reason for that i can submit them (they are small 
modification of openssl_pkey_export & openssl_pkey_export_to_file)


Eric


At 12:22 05/11/2003, Richard Antony Burton wrote:
>I find having to encrypt to and from a file quite a pain. I create a message
>in PHP, save it to a temporary file, encrypt it to a second temporary file,
>read this file, then mail the contents. If you are working with the message,
>either before or after encryption, in PHP then this process clearly contains
>more effort than it needs to. Also, writing the plain text message to disk
>and then deleting it with the unlink, isn't all that secure.
>
>This patch allows you to supply the message to encrypt as a string, and
>allows you to get back the encrypted message as a string. Of course it is
>still possible to use files if you prefer (by specifying files with the
>"file://" prefix, as used by the certificate parameter).  It's fairly
>simple, and should probably be applied to other functions in this extension
>too. If people like it, I'd be happy to do the same to these functions.
>
>As I see it there are three potential problems with this patch:
>1) Changes default behaviour (people wanting to use files would need to add
>"file://" to their filenames), so would be best added at a major version.
>2) Encrypting a message from memory may not be binary safe (output to memory
>will always be binary safe).
>3) It's my first patch, so it may not be perfect. I'm happy to accept
>criticism.
>
>Richard.
>
>--
>PHP Internals - PHP Runtime Development Mailing List
>To unsubscribe, visit: http://www.php.net/unsub.php