Edit report at https://bugs.php.net/bug.php?id=38917&edit=1
ID: 38917 Updated by: s...@php.net Reported by: zeph at purotesto dot it Summary: OpenSSL: signing function for spkac -Status: No Feedback +Status: Open Type: Feature/Change Request Package: OpenSSL related Operating System: Irrilevant PHP Version: trunk Block user comment: N Private report: N Previous Comments: ------------------------------------------------------------------------ [2013-02-18 00:33:52] php-bugs at lists dot php dot net No feedback was provided. The bug is being suspended because we assume that you are no longer experiencing the problem. If this is not the case and you are able to provide the information that was requested earlier, please do so and change the status of the bug back to "Open". Thank you. ------------------------------------------------------------------------ [2012-12-19 15:14:04] queenzeal at gmail dot com If you want SPKAC support in PHP without having to recompile it, try the latest Git version of phpseclib (http://phpseclib.sourceforge.net/). An example of how to use it: http://www.frostjedi.com/phpbb3/viewtopic.php?p=389618#p389618 ------------------------------------------------------------------------ [2012-01-10 10:38:37] jason dot gerfen at gmail dot com I have added the requested test case and it is included in the patch as 026.phpt. I have also performed the required testing against the Openssl 0.9.8x and 1.0.0x. It is attached to the original bug report #38917. In addition to attaching the proposed patch I have created a github repo to make maintenance on the patch simple for myself. The URL is https://github.com/jas-/SPKAC-PHP-OpenSSL. ------------------------------------------------------------------------ [2011-12-21 10:49:08] jason dot gerfen at gmail dot com Once again, please disregard the last message. After researching the documentation I found that where I had been using NULL with the openssl_csr_sign() function allows for a CA option as well as the SPKAC addition to the configargs optional array. The patch was updated last night to include the 026.phpt test script, as well as the five new functions to work with the SPKI provided by keygen tags. How do patch inclusions work besides posting them to the php internals list? ------------------------------------------------------------------------ [2011-12-14 22:10:52] jason dot gerfen at gmail dot com Please disregard my previous comment. I did a little more digging and am under the impression that adding the following to php_openssl_make_REQ() function should allow me to create a self signed certificate using the SPKAC NID like so? if (strcmp(strindex, "SPKAC") == 0) { if (!X509_NAME_add_entry_by_txt(subj, strindex, MBSTRING_ASC, (unsigned char*)Z_STRVAL_PP(item), -1, -1, 0)){ php_error_docref(NULL TSRMLS_CC, E_WARNING, "dn: add_entry_by_txt %s -> %s (failed)", strindex, Z_STRVAL_PP(item)); return FAILURE; } } Would you recommend another method? Please advise. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=38917 -- Edit this bug report at https://bugs.php.net/bug.php?id=38917&edit=1
