From my perspective, pecl/oauth would need to support a 
setRSACertificate() method (or something similar) which 
would take a single argument and pass the value along to openssl_get_privatekey(). From there, it's a matter of 
simply signing with openssl_sign() in place of hash_hmac.

We should look into adding this for pecl/oauth-1.0.

Thanks for the feedback!

- JJ

Fixed in SVN, but not tested ;-)

Fantastic, I'll give it a whirl this afternoon.

Build using process of 
checkout,phpize,configure,make,install appears to go 
cleanly, but php gives this error on loading:

PHP Startup: Unable to load dynamic library 
'/usr/local/php5/lib/php/extensions/no-debug-non-zts-
20060613/oauth.so' - (null) in Unknown on line 0

We are trying to replace 0.99.9 release with svn trunk 
version to test this. Noticed that trunk version does not 
seem to have a dependency on curl, unlike the release one, 
Trunk vers otool output:

otool -L /usr/lib/php/extensions/no-debug-non-zts-
20060613/oauth.so
/usr/lib/php/extensions/no-debug-non-zts-20060613/oauth.so:
	/usr/lib/libgcc_s.1.dylib (compatibility version 
1.0.0, current version 1.0.0)
	/usr/lib/libSystem.B.dylib (compatibility version 
1.0.0, current version 111.1.4)


Release vers output:
otool -L oauth.so 
oauth.so:
	/usr/lib/libcurl.4.dylib (compatibility version 
5.0.0, current version 5.0.0)
	/usr/lib/libgcc_s.1.dylib (compatibility version 
1.0.0, current version 1.0.0)
	/usr/lib/libSystem.B.dylib (compatibility version 
1.0.0, current version 111.1.4)


libraries do seem to exist.

Not sure where to go from here! Advice appreciated. Note 
this is on a 10.5.8 server, our dev machine. Ultimate 
deployment target is 10.6 server.

Thanks.

I wasn't able to replicate this on Snow Leopard.

Here are my results with trunk:

$ /usr/local/bin/phpize && ./configure && sudo make install
$ /usr/local/bin/php -m
...
OAuth
...
$ cd examples/twitter
$ php updateStatus.php 
I think I got a valid request token, navigate your www 
client to:

https://twitter.com/oauth/authorize?oauth_token=----

Once you finish authorizing, hit ENTER or INTERRUPT to exit

^C
$ otool -L /usr/local/lib/php/extensions/debug-non-zts-
20090626/oauth.so 
/usr/local/lib/php/extensions/debug-non-zts-
20090626/oauth.so:
	/usr/lib/libSystem.B.dylib (compatibility version 
1.0.0, current version 125.0.1)

Ok, so we got the module installed and working, but now Apache is getting a 
segmentation fault when I run the fetch method after using the 
setRSACertificate method.

Here's the entries from Apache's log:
[Tue Apr 27 14:08:21 2010] [notice] child pid 29046 exit signal Segmentation 
fault (11)
[Tue Apr 27 14:08:21 2010] [notice] child pid 29045 exit signal Segmentation 
fault (11)
[Tue Apr 27 14:08:21 2010] [notice] child pid 28947 exit signal Segmentation 
fault (11)

And here is the exact code that will cause this:

// Create the object.
$oauth = new OAuth( XERO_DEV_KEY, XERO_DEV_KEY, OAUTH_SIG_METHOD_RSASHA1 );

// Add the key.
$oauth->setRSACertificate( file_get_contents( XERO_RSASHA1_PRIVATE ) );

// Fetch the details.
$oauth->fetch( API_XERO.'Organisation', null, OAUTH_HTTP_METHOD_GET );

The actual code I've written checks for the errors thrown by setRSACertificate, 
and as far as I can tell my certificate is valid (nothing is thrown when I set 
it, so I assume its working).

Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

Cannot reproduce on Apache 2.2.15 / PHP 5.2.13

Will require a backtrace of the whole Apache/PHP/Oauth stack

You can run apache in the foreground using -X and then attach gdb

Looks like this was caused by a bad php config. All sorted now 
- thanks.