Explanation about OpenSSL in PHP
Hello everyone,
I am having some doubt related to the PHP programming language. I am not able to understand about an OpenSSL. I have never heard about this before, I just read this in my tutorial. So thought to ask you guys, as you always give the proper explanation. Please tell me about OpenSSL in PHP.!! Expecting the same help as you always do.!! :ohmy:
Re: Explanation about OpenSSL in PHP
This extension uses the functions of OpenSSL to generate and verify signatures and to seal (encrypt) and opening (decrypting) data. OpenSSL offers many features that this module currently does not. Some may be added in the future. To use the OpenSSL functions you must install functions "OpenSSL. PHP from version 4.0.5 and 4.3.1 work with OpenSSL> = 0.9.5. Other versions (PHP <= 4.0.4 and> = 4.3 .2) require OpenSSL> = 0.9.6. You are strongly encouraged to use the latest version of OpenSSL to avoid certain vulnerabilities on your web server.
Re: Explanation about OpenSSL in PHP
To use PHP's OpenSSL support, you must also compile PHP with the configure option - with-openssl [= DIR]. If you are using the Win32, then to run this extension, some DLLs must be available via the Windows systems PATH. Although copying DLL files from the PHP folder in the Windows system folder also works, because the system is lacking in the PATH system, but this method is not recommended. This extension requires the following files are in the PATH :
Also, if you plan to use the functions relating to the generation of keys and certificates, you must install a valid openssl.cnf on your system. Since PHP 4.3.0, we include a configuration file basis in distributions of PHP for win32. PHP 4.3.x and 4.4.x have this file in the openssl. PHP 5.x and 6.x have this file in the extras / openssl. If you use PHP 4.2.x or if the file is not present, you can get on top of the OpenSSL binary or downloading a recent version of PHP.
Re: Explanation about OpenSSL in PHP
You should keep in mind that windows explorer default cache files whose extension is .Cnf and indicates that the file type is SpeedDial. PHP will search for the openssl.cnf following the following :
- The OPENSSL_CONF environment variable, if defined, will be used as the path to the configuration file.
- The SSLEAY_CONF environment variable, if defined, will be used as the path to the configuration file.
- The file openssl.cnf will be assumed to be in the folder of certificates, as configured at compile openssl library.
In your installation, you must decide whether to install the file in c: \ usr \ local \ ssl \ openssl.cnf or whether you do it elsewhere and configure an environment variable
Re: Explanation about OpenSSL in PHP
I am providing you some of the predefined constants of OpenSSL, which are as follows :
- Checking flags
- Filling Options (Padding)
- Key types
- PKCS7 Flags / Constants
- Signature Algorithm
- Ciphers
- Version constants
Re: Explanation about OpenSSL in PHP
Many of the OpenSSL functions require a key or a certificate parameter. PHP 4.0.5 and earlier have to use keys or certificates as a resource returned by one function openssl_get_xxx (). Later versions may use the following version :
- A key resource returned by openssl_get_publickey () or openssl_get_privatekey ()
- An X.509 resource returned by openssl_x509_read ()
- A string format file: / / path / to / cert.pem; The file identified must contain a certificate, PEM encoded
- A string containing a key or certificate PEM encoded
- For private keys, you can also use the syntax array ($ key, $ passphrase) where $ key represents a key specified by a file or a textual representation as mentioned above, and $ passphrase represents a string containing the phrase password for that private key.