Re: [PHP] php, openssl and GOST ciphers

2013-03-27 Thread czirzow 
My suggestion is to ensure all the paths to what you use are valid 

This should help:

var_dump('file://'.realpath('./p12.pem'));

Does that and the rest of the files
Exists?

I do hope these files are not in your document root

Curt.
--
Resistance is futile 

On Mar 22, 2013, at 12:35 PM, Eugene M. Zheganin e...@norma.perm.ru wrote:

 Hi.
 
 I'm trying to sign an S/MIME with PHP, using a pair of GOST-encrypted 
 certificate and a private key.
 
 When using openssl itself from a console everything is fine:
 
 /usr/local/openssl/bin/openssl cms -sign -in file.txt -out signedfile.txt 
 -signer p12.pem
 (signedfile.txt is created)
 
 /usr/local/openssl/bin/openssl cms -verify -in signedfile.txt -out 
 signedddata.txt -no_signer_cert_verify -issuer_checks -ignore_critical
 Verification successful
 
 When using PHP code I'm kinda stuck:
 
 $res = openssl_pkcs7_sign(file.txt, phpsignedfile.txt, 
 'file://'.realpath('./p12.pem'), 'file://'.realpath('./p12.pem'), array(To 
 = f...@bar.com, From: FooBar f...@bar.com, Subject = Foo Bar));
 
 if (!$res) {
 while ($msg = openssl_error_string())
  echo $msg . br /\n;
 echo Failed to sign.\n; exit;
 }
 
 I get:
 
 # /usr/local/php/bin/php sign-clear.php
 PHP Warning:  openssl_pkcs7_sign(): error getting private key in 
 /root/tests/sign-clear.php on line 3
 error:0609E09C:digital envelope routines:PKEY_SET_TYPE:unsupported 
 algorithmbr /
 error:0606F076:digital envelope routines:EVP_PKCS82PKEY:unsupported private 
 key algorithmbr /
 error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 libbr /
 Failed to sign.
 
 The 'error getting private key' is all the time here, except for when it 
 really cannot be loaded I get the 'no start line error'. So this output 
 really looks like PHP openssl module cannot find a proper cipher.
 
 How do I tell PHP that this is a GOST cipher ? I'm telling this to openssl 
 either using a config file, or using a direct '-engine gost' option. Is there 
 a way to tell PHP the same thing ?
 
 I have indeed a PHP compiled and linked to a GOST-enabled openss 1.0.1e 
 (openssl module was built with PHP together):
 
 # /usr/local/openssl/bin/openssl ciphers | grep -i GOST
 ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:GOST2001-GOST89-GOST89:GOST94-GOST89-GOST89:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5
 
 (notice it's the default config output)
 
 # ldd /usr/local/php/bin/php
linux-vdso.so.1 =  (0x7fff42455000)
libcrypt.so.1 = /lib/libcrypt.so.1 (0x7f1077404000)
libresolv.so.2 = /lib/libresolv.so.2 (0x7f10771ee000)
librt.so.1 = /lib/librt.so.1 (0x7f1076fe5000)
libmcrypt.so.4 = /usr/lib/libmcrypt.so.4 (0x7f1076db3000)
libltdl.so.7 = /usr/lib/libltdl.so.7 (0x7f1076baa000)
libdl.so.2 = /lib/libdl.so.2 (0x7f10769a5000)
libfreetype.so.6 = /usr/lib/libfreetype.so.6 (0x7f107671d000)
libz.so.1 = /usr/lib/libz.so.1 (0x7f1076506000)
libpng12.so.0 = /lib/libpng12.so.0 (0x7f10762df000)
libjpeg.so.62 = /usr/lib/libjpeg.so.62 (0x7f10760bc000)
libcrypto.so.1.0.0 = /usr/local/openssl/lib/libcrypto.so.1.0.0 
 (0x7f1075ce2000)
libssl.so.1.0.0 = /usr/local/openssl/lib/libssl.so.1.0.0 
 (0x7f1075a78000)

Re: [PHP] Compiler for the PHP code

2013-03-27 Thread czirzow 
As suggested look at APC, although I expect the problem is not with php but how 
you wrote things, it could be database related.

If you need to compile php to make things faster, you have a problem outside of 
php

Curt.

On Mar 19, 2013, at 4:46 AM, Kevin Peterson qh.res...@gmail.com wrote:

 My webcode written in PHP and it is running in the interpreted way. My 
 problem is it is not giving the desired performance so want to try the 
 compiler if any. 
 Please suggest if we have any compiler option available for the PHP code and 
 more important is this new option.
 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php