Hello all. > Openssl starting from version 0.9.8 supports the ECDSA signature > algorithm. Return value of the openssl_get_md_methods() also includes > "ecdsa-with-SHA1" string. But if I call openssl_sign() with EC key > then I have an error: "key type not supported in this PHP build!". > > After some time of digging I discover that this error is rises in the > php_openssl_is_private_key() in the openssl.c file. This function > simply don't includes check for EVP_PKEY_EC. All signature related > actions are performed by OpenSSL library by self and don't depend on > any internal code.
I apologize for the clamor. I made premature conclusions. Actually PHP generates a warning, not an error. And despite this warning ECDSA signing is working perfectly. The php_openssl_is_private_key() function determines the presence of the private key. If this function doesn't know a key's structure of particular type, then it generate a warning and return a __positive__ result. Since the OpenSSL header files do not include ec_key_st structure definition we can not test private key presence. And this warning stay here permanently until developers from OpenSSL not supplied us with a special API or definition of the structure. So it goes. -- With best wishes Sergey Ryazanov -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
