Hi James,

No, this question has never been asked not answered AFAICT.
You are correct: the passphrase _is_ being ignored; I'll
fix it in CVS; the fix should also make it into PHP 4.2 (but RC2,
not the current one).

Thanks for reporting this problem: I have had virtually no feedback
on the newer functions in the openssl extension (perhaps because the
docs are not all that great right now).

BTW: some of the alternative methods of getting the key might work
for your current build, so you could try something like this:

$passphrase = "banana";
$key = openssl_pkey_get_private(
   array(
      "file:///tmp/banana/pkey1.pem",
      $passphrase
   )
);

which saves you the fopen() call.
openssl_pkey_get_private is the "preferred" name for the function;
openssl_get_privatekey is a backwards compatible alias.

--Wez.


On 26/03/02, "James Blast" <[EMAIL PROTECTED]> wrote:
> Hi,
> 
> hope this question has not been answered too often, but search is
> offline :(
> 
> I have a problem with openssl_get_privatekey. Im trying to generate an
> private-key, writing it encrypted to disk and using it later to decrypt
> a secret message.
> The functions works without a password like a charm, but if I'm trying
> to read the private key with a password nothing seems to work. 
> In a browser I get errors fprom openssl_open because it has no valid
> key-resource (how without a password .. works as designed) and with the
> cgi-verion on command-line, the openssl callback pops up and prompts me
> for a password. If I enter there the passphrase the message gets
> decrypted. 
> I'm going nuts on this ... resource openssl_get_privatekey ( mixed key
> [, string passphrase]) ist not that complicated :(
> 
> Here're some code-snippets (very simple, just inteded to verifiy basic
> functionality)
> 
> Generating the key :
> ---snip---
> $passphrase = "banana";
> $privkey = openssl_pkey_new($dn);
> openssl_pkey_export_to_file($privkey, "/tmp/banana/pkey1.pem",
> $passphrase);
> ---snip---
> 
> Loading the key and decoding something
> ---snip---
> $passphrase = "banana";
> $fp = fopen("/tmp/banana/pkey1.pem", "r");
> $pkey = fread($fp, 8192);
> fclose($fp);
> $key = openssl_get_privatekey($pkey,$passphrase);
> ...
> openssl_open("$sealed",$open,"$ekey","$key");
> ---snip---
> 
> Output on command-line :
> 
> vincent:/w3/data/ssltest# php decrypt.php 
> X-Powered-By: PHP/4.3.0-dev
> Content-type: text/html; charset=iso-8859-15
> 
> Enter PEM pass phrase:
> 
> Used versions :
> 
> php4-200203240600
> openssl-0.9.6c
> openssl-0.9.7-stable-SNAP-20020324
> apache_1.3.24
> 
> Also tries gcc-2.95.4 and gcc-3.0.4 with and without -O3
> compile-arguments ... nothing :(
> 
> Any Ideas Folks ?
> 
> 
> TIA & Greetz
> 
> James
> 
> 
> 
> 
> 
> -- 
> PHP Development Mailing List <http://www.php.net/>
> To unsubscribe, visit: http://www.php.net/unsub.php




-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to