Hi,
The PHP functions openssl_pkcs7_(sign|encrypt|decrypt|verify) do require files to be executed. In
many cases this will create the unintended requirement of temporary files. In compare with
openssl_(sign|encrypt|decrypt|verify|...) which are doing almost the same thing this is a strange
behavior.
When we look at the purpose of openssl_pkcs7_* (working with digital signatures in mail), you would
not expect to work with files instead of strings for this few data.
Regards,
Paul
For the record: I created a proof-of-concept patch which changes
openssl_pkcs7_sign() to use the input filename as a string instead as a
filename. Paul has tested this and it seems to work.
I don't know what the best way is to go from here. We could add an extra
argument to all those functions which toggles whether they are threated as
filenames or not. Or we could let all the functies also accept streams, etc..
Is there a maintainer of the OpenSSL (pcks7) functions?
-- Jille
Op 15-7-2010 11:15, Paul van Brouwershaven schreef:
Hi,
The PHP functions openssl_pkcs7_(sign|encrypt|decrypt|verify) do require files to be executed. In
many cases this will create the unintended requirement of temporary files. In compare with
openssl_(sign|encrypt|decrypt|verify|...) which are doing almost the same thing this is a strange
behavior.When we look at the purpose of openssl_pkcs7_* (working with digital signatures in mail), you would
not expect to work with files instead of strings for this few data.Regards,
Paul
hi,
For the record: I created a proof-of-concept patch which changes
openssl_pkcs7_sign()to use the input filename as a string instead as a
filename. Paul has tested this and it seems to work.I don't know what the best way is to go from here. We could add an extra
argument to all those functions which toggles whether they are threated as
filenames or not. Or we could let all the functies also accept streams,
etc..
Is there a maintainer of the OpenSSL (pcks7) functions?-- Jille
Op 15-7-2010 11:15, Paul van Brouwershaven schreef:
Hi,
The PHP functions openssl_pkcs7_(sign|encrypt|decrypt|verify) do require
files to be executed. In
many cases this will create the unintended requirement of temporary files.
In compare with
openssl_(sign|encrypt|decrypt|verify|...) which are doing almost the same
thing this is a strange
behavior.When we look at the purpose of openssl_pkcs7_* (working with digital
signatures in mail), you would
not expect to work with files instead of strings for this few data.
Can you open a feature request for these changes/features please? So I
won't lost track of them.
Thanks for your workd and feedbacks,
Cheers,
Pierre
@pierrejoye | http://blog.thepimp.net | http://www.libgd.org
Op 16-7-2010 9:54, Pierre Joye schreef:
Can you open a feature request for these changes/features please? So I
won't lost track of them.