I'm new to the PHP developers lists, so please sorry if i'm writing to
the wrong mailing list.
I'm using openssl extension and have found that it does not allow
to specify encryption method for generated pkcs12 containers when
using openssl_pkcs12_export() or openssl_pkcs12_export_to_file()
I'm using SSL-based authorization and have a system that generate
and sign certificates and send them to users as pkcs12 containers.
By default OpenSSL creates pkcs12 with certificates encrypted
using 40-bit RC2 method and private key encrypted with TripleDES.
However, there is a problem in Opera 9.50 browser, that prevents
loading of pkcs12 created this way and there is a need to change
certificate encryption scheme from RC2 to TripleDES. Currently,
there is no standard way to do this in PHP.
So I did modify a code and added support of two additional options in the
configuration array of openssl_pkcs12_export* functions: nid_key and
nid_cert. They correspond to the same parameters of PKCS12_Create()
function of OpenSSL and default to zero when not specified. Also
I have added an OPENSSL_PBE_* constants for encryption
I have tested this modification on my system and for me it works fine,
so I have decided to contribute my patch to the community in hope that
it will be useful for somebody like it is useful for me.
I do not know the patch contribution scheme of PHP project and did
not find how to do this at the PHP web site. Can you please tell me
where can I send my patch?