Newsgroups: php.internals
Date: Tue, 6 Dec 2011 06:09:33 -0700
From: jason.gerfen@gmail.com (Jason Gerfen)
To: internals@lists.php.net
Subject: Patch to implement SPKAC/SPKI support within OpenSSL extension

Over the weekend I went ahead and created a patch to implement support for SPKAC keys for the old/new KEYGEN element within the HTML5 spec. According to feature requests at bugs.php.net I came across this existing request: https://bugs.php.net/bug.php?id=38917

I have filed a patch under this feature request but figured I would make sure it doesn't get overlooked, as I am sure there are a few developers out there (myself included) that would like to see this upstream.

A little background. The patch implements the SPKAC support the existing OpenSSL extension has been missing. I am attaching the patch as well as providing a simple test case of the functions it implements. Any feedback is appreciated.

    <?php
    // Generate a 2048-bit RSA key pair to sign the SPKAC with.
    $key = openssl_pkey_new(array('digest_alg' => 'sha1',
                                  'private_key_type' => OPENSSL_KEYTYPE_RSA,
                                  'private_key_bits' => 2048));

    // Create a new SPKAC; the second argument is the challenge string.
    if (function_exists('openssl_spki_new')) {
        $spki = openssl_spki_new($key, 'password');
        echo $spki."\n";
    }

    // Verify the SPKAC signature (posted keygen value, or the one created above).
    if (function_exists('openssl_spki_verify')) {
        echo (empty($_POST['keygen']))
            ? openssl_spki_verify(preg_replace('/SPKAC=/', '', $spki))."\n"
            : openssl_spki_verify($_POST['keygen']);
    }

    // Export the public key carried inside the SPKAC.
    if (function_exists('openssl_spki_export')) {
        echo (empty($_POST['keygen']))
            ? openssl_spki_export(preg_replace('/SPKAC=/', '', $spki))."\n"
            : openssl_spki_export($_POST['keygen']);
    }

The attached patch should be pretty seamless and has been tested against PHP-5.3.8 and OpenSSL-1.0.0e.
--
Jas

[Attachment: spki.patch (text/x-patch)]