For the record: I created a proof-of-concept patch which changes openssl_pkcs7_sign() to use the input filename as a string instead of as a filename. Paul has tested this and it seems to work.

I don't know what the best way is to go from here. We could add an extra argument to all those functions which toggles whether they are treated as filenames or not. Or we could let all the functions also accept streams, etc.
Is there a maintainer of the OpenSSL (pkcs7) functions?

-- Jille

On 15-7-2010 11:15, Paul van Brouwershaven wrote:
Hi,

The PHP functions openssl_pkcs7_(sign|encrypt|decrypt|verify) do require files to be executed. In many cases this will create the unintended requirement of temporary files. Compared with openssl_(sign|encrypt|decrypt|verify|...), which do almost the same thing, this is strange behavior.

When we look at the purpose of openssl_pkcs7_* (working with digital signatures in mail), you would not expect to work with files instead of strings for so little data.

Regards,

Paul

Index: openssl.c
===================================================================
--- openssl.c   (revision 14)
+++ openssl.c   (working copy)
@@ -3514,12 +3514,12 @@
        uint strindexlen;
        HashPosition hpos;
        char * strindex;
-       char * infilename;      int infilename_len;
+       char * infiledata;      int infiledata_len;
        char * outfilename;     int outfilename_len;
        char * extracertsfilename = NULL; int extracertsfilename_len;
 
        if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "ssZZa!|ls",
-                               &infilename, &infilename_len, &outfilename, 
&outfilename_len,
+                               &infiledata, &infiledata_len, &outfilename, 
&outfilename_len,
                                &zcert, &zprivkey, &zheaders, &flags, 
&extracertsfilename,
                                &extracertsfilename_len) == FAILURE) {
                return;
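Review bot: the first "s" in the "ssZZa!|ls" format string now fills infiledata, so the first argument silently changes meaning from a path to the data itself. An existing caller that still passes a filename gets no parse error; the path string would simply be taken as the input data. Consider keeping the filename behaviour as the default and selecting string input through an explicit flag or a separate function, and document the new meaning of the parameter.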
@@ -3546,13 +3546,13 @@
                goto clean_exit;
        }
 
-       if (php_openssl_safe_mode_chk(infilename TSRMLS_CC) || 
php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) {
+       if (php_openssl_safe_mode_chk(outfilename TSRMLS_CC)) {
                goto clean_exit;
        }
 
-       infile = BIO_new_file(infilename, "r");
+       infile = BIO_new_mem_buf(infiledata, infiledata_len);
        if (infile == NULL) {
-               php_error_docref(NULL TSRMLS_CC, E_WARNING, "error opening 
input file %s!", infilename);
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "error opening 
memory input!");
                goto clean_exit;
        }
 
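Review bot: only the input side moves to memory here; outfilename still goes through php_openssl_safe_mode_chk() as a path, so the function ends up half string-based and half file-based. If that is intentional for the proof of concept, it should be stated in the documentation. Dropping the safe-mode check on the input is consistent with no input path being opened any more. The warning "error opening memory input!" could be reworded, since nothing is opened at BIO_new_mem_buf(); something like "error creating memory BIO for input" describes the failure better. A short comment would also help here: BIO_new_mem_buf() reads from the caller's buffer without copying it, so infiledata has to stay valid until infile is freed.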

-- 
PHP Internals - PHP Runtime Development Mailing List