Over the weekend I went ahead and created a patch to implement support
for SPKAC keys for the old/new KEYGEN element within the HTML5 spec.
According to feature requests at bugs.php.net I came accross this
existing request: https://bugs.php.net/bug.php?id=38917
I have filed a patch under this feature request but figured I would
make sure it doesn't get over looked as I am sure there are a few
developers out there (myself included) that would like to see this
upstream.
A little background. The patch implements the SPKAC support the
extisting OpenSSL extension has been missing. I am attatching the
patch as well as providing a simple test case of the functions it
implements. Any feedback is appreciated.
$key = openssl_pkey_new(array('digest_alg' => 'sha1',
'private_key_type' => OPENSSL_KEYTYPE_RSA,
'private_key_bits' => 2048));
if (function_exists('openssl_spki_new')){
$spki = openssl_spki_new($key, 'password');
echo $spki.'\n\r';
}
if (function_exists('openssl_spki_verify')){
echo (empty($_POST['keygen'])) ?
openssl_spki_verify(preg_replace('/SPKAC=/', '', $spki)).'\n\r' :
openssl_spki_verify($_POST['keygen']);
}
if (function_exists('openssl_spki_export')){
echo (empty($_POST['keygen'])) ?
openssl_spki_export(preg_replace('/SPKAC=/', '', $spki)).'\n\r' :
openssl_spki_export($_POST['keygen']);
}
The attatched patch should be pretty seamless and has been tested
again PHP-5.3.8 and OpenSSL-1.0.0e.
--
Jas