Hi
I'm new to the PHP developers lists, so please sorry if i'm writing to
the wrong mailing list.
I'm using openssl extension and have found that it does not allow
to specify encryption method for generated pkcs12 containers when
using openssl_pkcs12_export() or openssl_pkcs12_export_to_file()
functions.
I'm using SSL-based authorization and have a system that generate
and sign certificates and send them to users as pkcs12 containers.
By default OpenSSL creates pkcs12 with certificates encrypted
using 40-bit RC2 method and private key encrypted with TripleDES.
However, there is a problem in Opera 9.50 browser, that prevents
loading of pkcs12 created this way and there is a need to change
certificate encryption scheme from RC2 to TripleDES. Currently,
there is no standard way to do this in PHP.
So I did modify a code and added support of two additional options in the
configuration array of openssl_pkcs12_export* functions: nid_key and
nid_cert. They correspond to the same parameters of PKCS12_Create()
function of OpenSSL and default to zero when not specified. Also
I have added an OPENSSL_PBE_* constants for encryption
methods.
I have tested this modification on my system and for me it works fine,
so I have decided to contribute my patch to the community in hope that
it will be useful for somebody like it is useful for me.
I do not know the patch contribution scheme of PHP project and did
not find how to do this at the PHP web site. Can you please tell me
where can I send my patch?
hi!
I do not know the patch contribution scheme of PHP project and did
not find how to do this at the PHP web site. Can you please tell me
where can I send my patch?
Best would be to create a new report (http://bugs.php.net) with a link
to the patch, examples and tests. You can reply as well to this thread
with the info. I may have the time to review and test it before the
next 5.3 alpha3.
Cheers,
Hi Pierre,
If you have time to look at his bug, maybe you'll also have time to look
at my one-line patch also related to OpenSSL ?
http://bugs.php.net/bug.php?id=46127
I really don't know if I'm being ignored or what, but every time I write
something for PHP, it gets nowhere (see: bug #46073 and #46496), to the
point I'm thinking of creating my own branch of PHP with my own patches.
So, is that my own impression, or is it just that everybody is just too
worried with choices of namespace separators (yeah I also have an
opinion about this, but it's not relevant to the scope of this mail) or
whatever?
Mark
Le dimanche 09 novembre 2008 à 01:05 +0100, Pierre Joye a écrit :
hi!
I do not know the patch contribution scheme of PHP project and did
not find how to do this at the PHP web site. Can you please tell me
where can I send my patch?Best would be to create a new report (http://bugs.php.net) with a link
to the patch, examples and tests. You can reply as well to this thread
with the info. I may have the time to review and test it before the
next 5.3 alpha3.Cheers,
hi,
Hi Pierre,
If you have time to look at his bug, maybe you'll also have time to look
at my one-line patch also related to OpenSSL ?http://bugs.php.net/bug.php?id=46127
I really don't know if I'm being ignored or what, but every time I write
something for PHP, it gets nowhere (see: bug #46073 and #46496), to the
point I'm thinking of creating my own branch of PHP with my own patches.
It is more a matter of availability. I will take a look at them too.
So, is that my own impression, or is it just that everybody is just too
worried with choices of namespace separators (yeah I also have an
opinion about this, but it's not relevant to the scope of this mail) or
whatever?
Namespace discussions are irrelevant in any other feature requests.
--
Pierre
http://blog.thepimp.net | http://www.libgd.org