Hi Wez,
On 2/10/07, Wez Furlong <[EMAIL PROTECTED]> wrote:
I'd like to tuck the attached patch into the PHP 5 branch.
It provides the following functions, and does not modify the behavior
of any of the others:
openssl_bignum_from_bin
openssl_bignum_from_hex
openssl_bignum_from_dec
openssl_bignum_to_string
openssl_dh_generate_key
openssl_dh_compute_key
openssl_dh_get_params
openssl_dh_generate_parameters
openssl_dsa_verify
These functions allow one to implement OpenID and TypeKey
authentication schemes without resorting to writing crypto code in
user-space PHP--aside from the speed advantage, you have the benefit
of using the tried and trusted OpenSSL for your DH kex.
As the idea is good (we discussed it many times), I would like a
cleaner approach. The main problem in ext/openssl is its API. We
added new functions for each small features addition, even if the
feature itself is 99% the same as an existing function.
The Big numbers API is not an exception. It can be even worst as it is
really a single instance (a openssl big number) which can be processed
(BN operations), exported or set.
If you are in a hurry, I can clean my patch for the OO interface and
prepare a php5 version. I think it would definitively better. However,
if other prefers to go with your new functions for now, it will not be
a big problem, it only clutters the api a bit more ;).
Cheers,
--Pierre
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
