FAQ
Hi

I'm new to the PHP developers lists, so please sorry if i'm writing to
the wrong mailing list.

I'm using openssl extension and have found that it does not allow
to specify encryption method for generated pkcs12 containers when
using openssl_pkcs12_export() or openssl_pkcs12_export_to_file()
functions.

I'm using SSL-based authorization and have a system that generate
and sign certificates and send them to users as pkcs12 containers.
By default OpenSSL creates pkcs12 with certificates encrypted
using 40-bit RC2 method and private key encrypted with TripleDES.
However, there is a problem in Opera 9.50 browser, that prevents
loading of pkcs12 created this way and there is a need to change
certificate encryption scheme from RC2 to TripleDES. Currently,
there is no standard way to do this in PHP.

So I did modify a code and added support of two additional options in the
configuration array of openssl_pkcs12_export* functions: nid_key and
nid_cert. They correspond to the same parameters of PKCS12_Create()
function of OpenSSL and default to zero when not specified. Also
I have added an OPENSSL_PBE_* constants for encryption
methods.

I have tested this modification on my system and for me it works fine,
so I have decided to contribute my patch to the community in hope that
it will be useful for somebody like it is useful for me.

I do not know the patch contribution scheme of PHP project and did
not find how to do this at the PHP web site. Can you please tell me
where can I send my patch?

Search Discussions

  • Pierre Joye at Nov 9, 2008 at 12:05 am
    hi!
    On Sat, Nov 8, 2008 at 11:37 PM, Nikolay Zapolnov wrote:

    I do not know the patch contribution scheme of PHP project and did
    not find how to do this at the PHP web site. Can you please tell me
    where can I send my patch?
    Best would be to create a new report (http://bugs.php.net) with a link
    to the patch, examples and tests. You can reply as well to this thread
    with the info. I may have the time to review and test it before the
    next 5.3 alpha3.

    Cheers,
  • "M." Karpelès at Nov 9, 2008 at 8:39 am
    Hi Pierre,

    If you have time to look at his bug, maybe you'll also have time to look
    at my one-line patch also related to OpenSSL ?

    http://bugs.php.net/bug.php?id=46127

    I really don't know if I'm being ignored or what, but every time I write
    something for PHP, it gets nowhere (see: bug #46073 and #46496), to the
    point I'm thinking of creating my own branch of PHP with my own patches.

    So, is that my own impression, or is it just that everybody is just too
    worried with choices of namespace separators (yeah I also have an
    opinion about this, but it's not relevant to the scope of this mail) or
    whatever?


    Mark

    Le dimanche 09 novembre 2008 à 01:05 +0100, Pierre Joye a écrit :
    hi!
    On Sat, Nov 8, 2008 at 11:37 PM, Nikolay Zapolnov wrote:

    I do not know the patch contribution scheme of PHP project and did
    not find how to do this at the PHP web site. Can you please tell me
    where can I send my patch?
    Best would be to create a new report (http://bugs.php.net) with a link
    to the patch, examples and tests. You can reply as well to this thread
    with the info. I may have the time to review and test it before the
    next 5.3 alpha3.

    Cheers,
    --
    Pierre
    http://blog.thepimp.net | http://www.libgd.org
  • Pierre Joye at Nov 9, 2008 at 5:18 pm
    hi,
    On Sun, Nov 9, 2008 at 9:39 AM, M. Karpelès wrote:
    Hi Pierre,

    If you have time to look at his bug, maybe you'll also have time to look
    at my one-line patch also related to OpenSSL ?

    http://bugs.php.net/bug.php?id=46127

    I really don't know if I'm being ignored or what, but every time I write
    something for PHP, it gets nowhere (see: bug #46073 and #46496), to the
    point I'm thinking of creating my own branch of PHP with my own patches.
    It is more a matter of availability. I will take a look at them too.
    So, is that my own impression, or is it just that everybody is just too
    worried with choices of namespace separators (yeah I also have an
    opinion about this, but it's not relevant to the scope of this mail) or
    whatever?
    Namespace discussions are irrelevant in any other feature requests.
  • Jani Taskinen at Nov 9, 2008 at 9:44 pm

    Pierre Joye kirjoitti:
    hi,
    On Sun, Nov 9, 2008 at 9:39 AM, M. Karpelès wrote:
    Hi Pierre,

    If you have time to look at his bug, maybe you'll also have time to look
    at my one-line patch also related to OpenSSL ?

    http://bugs.php.net/bug.php?id=46127

    I really don't know if I'm being ignored or what, but every time I write
    something for PHP, it gets nowhere (see: bug #46073 and #46496), to the
    point I'm thinking of creating my own branch of PHP with my own patches.
    It is more a matter of availability. I will take a look at them too.
    Given your track record for keeping promises, I wouldn't hold my breath waiting.
    Please leave the bugs for the people who actually deliver what they promise.

    --Jani

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupphp-internals @
categoriesphp
postedNov 8, '08 at 10:38p
activeNov 9, '08 at 9:44p
posts5
users4
websitephp.net

People

Translate

site design / logo © 2022 Grokbase