I find having to encrypt to and from a file quite a pain. I create a message
in PHP, save it to a temporary file, encrypt it to a second temporary file,
read this file, then mail the contents. If you are working with the message,
either before or after encryption, in PHP then this process clearly contains
more effort than it needs to. Also, writing the plain text message to disk
and then deleting it with the unlink, isn't all that secure.
This patch allows you to supply the message to encrypt as a string, and
allows you to get back the encrypted message as a string. Of course it is
still possible to use files if you prefer (by specifying files with the
"file://" prefix, as used by the certificate parameter). It's fairly
simple, and should probably be applied to other functions in this extension
too. If people like it, I'd be happy to do the same to these functions.
As I see it there are three potential problems with this patch:
- Changes default behaviour (people wanting to use files would need to add
"file://" to their filenames), so would be best added at a major version. - Encrypting a message from memory may not be binary safe (output to memory
will always be binary safe). - It's my first patch, so it may not be perfect. I'm happy to accept
criticism.
Richard.
Hi !
In the same series ..
I have no patch to provide but i've written two functions related to
php_openssl:
openssl_pubkey_export
openssl_pubkey_export_to_file
That simply allow the export of public keys that seems to be not possible
before.
I there is no special reason for that i can submit them (they are small
modification of openssl_pkey_export & openssl_pkey_export_to_file)
Eric
At 12:22 05/11/2003, Richard Antony Burton wrote:
I find having to encrypt to and from a file quite a pain. I create a message
in PHP, save it to a temporary file, encrypt it to a second temporary file,
read this file, then mail the contents. If you are working with the message,
either before or after encryption, in PHP then this process clearly contains
more effort than it needs to. Also, writing the plain text message to disk
and then deleting it with the unlink, isn't all that secure.This patch allows you to supply the message to encrypt as a string, and
allows you to get back the encrypted message as a string. Of course it is
still possible to use files if you prefer (by specifying files with the
"file://" prefix, as used by the certificate parameter). It's fairly
simple, and should probably be applied to other functions in this extension
too. If people like it, I'd be happy to do the same to these functions.As I see it there are three potential problems with this patch:
- Changes default behaviour (people wanting to use files would need to add
"file://" to their filenames), so would be best added at a major version.- Encrypting a message from memory may not be binary safe (output to memory
will always be binary safe).- It's my first patch, so it may not be perfect. I'm happy to accept
criticism.Richard.
I'm always open to patches; please send it as I plan to do some work on
openssl in the near future.
Thanks!
--Wez.
----- Original Message -----
From: "Eric COLINET" e.colinet@laposte.net
To: internals@lists.php.net
Cc: wez@php.net
Sent: Wednesday, November 05, 2003 12:57 PM
Subject: Re: [PHP-DEV] [PATCH] openssl_pkcs7_encrypt to/from variable or
file
Hi !
In the same series ..
I have no patch to provide but i've written two functions related to
php_openssl:
openssl_pubkey_export
openssl_pubkey_export_to_fileThat simply allow the export of public keys that seems to be not possible
before.I there is no special reason for that i can submit them (they are small
modification of openssl_pkey_export & openssl_pkey_export_to_file)