[imp] Fwd: [PHP-DEV] Re: Bug #20936 Patch for use of public keys

Chuck Hagenbuch chuck at horde.org
Wed Dec 11 16:28:31 PST 2002


Is this useful to anyone working on S/MIME support?

----- Forwarded message from jeroen@derks.it -----
    Date: Wed, 11 Dec 2002 21:59:50 +0100
    From: Jeroen Derks <jeroen@derks.it>
Reply-To: Jeroen Derks <jeroen@derks.it>
 Subject: [PHP-DEV] Re: Bug #20936  Patch for use of public keys
      To: php-dev@lists.php.net

Hi there,

This is the patch for http://bugs.php.net/bug.php?id=20936
The file mentioned in the bug report is no longer available.
I have very slightly changed the documentation also. 

The patch enables reading of public keys with the function
openssl_pkey_get_public(). The following piece of code
would fail before this patch was applied:

<?php

    $key_string =<<< __EOF__
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ksziC2OJin7FhQZSWwC
wJwYA43Iomrhm9Fw7+JOCwjnDGTu+kdsEVNBitzB3qrKjkMlqqTSaacuwc7EwRDe
FKU0VaGHW8E1S+64juw56LIXEP/0I/r16O/feSd05mlOdNCfsNaZEXRiNQkfySDR
loui+699FuXUGUyfIYBVVUmEpTWaH3+vKOmqM9H3ccndAgGC4PVVEGyDfnLMV+l2
uyc9SMAB+OH9qj9cQqI8rqYHTBB5KxjHqHfskvA9bQZEvGlwfz0+fKU/joMqiUie
RV8YzKuh6G/zo5UFLgNXuYAGRt90zD+Fer9ivNJAx1yPvCp6OAvdCXMmEtgVJr1V
TQIDAQAB
-----END PUBLIC KEY-----
__EOF__;

    $public_key = openssl_pkey_get_public( $key_string );
    if ( !$public_key )
        echo 'Error: ' . openssl_error_string() . "\n";

?>

Result:
Error: error:0906D06C:PEM routines:PEM_read_bio:no start line

This is due to the fact that the php_openssl_evp_from_zval()
function was only able to deal with certificates. Perhaps this was
done on purpose, if so, could anyone explain?

Applying the patch will make the above code work and also enable
the resulting key resource to be used in e.g. the
openssl_public_encrypt() function. 

Also a check was added to the php_openssl_evp_from_zval() which
checks whether a key resource contains a private key if requested
(because now it is possible that the key resource only contains a
public key). For this a new function was introduced:

static int php_openssl_is_private_key(EVP_PKEY* pkey TSRMLS_DC);

TODO: perhaps a nicer solution would be to introduce another
resource type: 'OpenSSL public key'?

Please let me know what you think,
Kind regards,
Jeroen Derks

-- 
drs. Jeroen Derks, CISSP, SCJP     http://www.jeroenderks.com/
jeroen@derks.it                    http://www.derks.it/
Derks.IT                           gsm. +31 (0) 6 5577 8224
Postbus 56791                      fax. +31 (0) 84 870 6519
1040 AT  Amsterdam                 tel. +31 (0) 20 777 5488


----- End forwarded message -----


-chuck

--
Charles Hagenbuch, <chuck@horde.org>
"People ask me all the time what it will be like living without otters."
 - Google, thanks to Harpers-------------- next part --------------
-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php


More information about the imp mailing list