Request #81703 stream_context_create - SSL context options
Submitted: 2021-12-19 18:30 UTC Modified: 2021-12-19 22:03 UTC
From: bugzilla77 at gmail dot com Assigned: cmb (profile)
Status: Closed Package: Streams related
PHP Version: 8.1.1 OS: All
Private report: No CVE-ID: None

 [2021-12-19 18:30 UTC] bugzilla77 at gmail dot com
Description:
------------
It is dangerous to store certificates and private keys (without a password) on the disk. Unfortunately, this is needed to load the *.p12 file into stream_context_create.

Please add the option to set certificates and private keys from string content, or at least from Data URLs, instead of the file path only.

Test script:
---------------
// Using string content
// --------------------

openssl_pkcs12_read(file_get_contents('cert.p12'),$certificates,'pass');

$stream_context = stream_context_create(
[ 'ssl' => [ 'local_cert' => $certificates['cert'],
             'local_pk'   => $certificates['pkey']
           ]
]);



// Using Data URLs
// ---------------

openssl_pkcs12_read(file_get_contents('cert.p12'),$certificates,'pass');

$stream_context = stream_context_create(
[ 'ssl' => [ 'local_cert' => 'data:,'.$certificates['cert'],
             'local_pk'   => 'data:,'.$certificates['pkey']
           ]
]);



// Hack: temp files
// ----------------

openssl_pkcs12_read(file_get_contents('cert.p12'),$certificates,'pass');

file_put_contents('cert.temp',$certificates['cert']);
file_put_contents('pkey.temp',$certificates['pkey']);

$stream_context = stream_context_create(
[ 'ssl' => [ 'local_cert' => 'cert.temp',
             'local_pk'   => 'pkey.temp'
           ]
]);

Expected result:
----------------
Reading certificates and private keys without temp files.

Actual result:
--------------
Reading certificates and private keys only with temp files.
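
A hardened form of the temp-file workaround from the report, added here as an example (it is not code from the submitter or from php-src): the private key is re-encrypted under a random per-process passphrase before it is written, so the file on disk never holds an unprotected key. The function name `tlsContextFromP12`, the file `cert.p12`, its password and the host `example.com` are assumptions.

```php
<?php
// Added example. tlsContextFromP12, cert.p12, 'pass' and example.com
// are hypothetical names chosen for illustration.
function tlsContextFromP12(string $p12Path, string $p12Password): array
{
    $p12 = file_get_contents($p12Path);
    if ($p12 === false || !openssl_pkcs12_read($p12, $bundle, $p12Password)) {
        throw new RuntimeException('cannot read PKCS#12 bundle');
    }

    // Re-encrypt the key under a random passphrase that exists only in
    // this process, so the PEM on disk is useless without process memory.
    $passphrase = bin2hex(random_bytes(32));
    $opts = ['encrypt_key' => true,
             'encrypt_key_cipher' => OPENSSL_CIPHER_AES_256_CBC];
    if (!openssl_pkey_export($bundle['pkey'], $encryptedKey, $passphrase, $opts)) {
        throw new RuntimeException('cannot re-encrypt private key');
    }

    // local_cert accepts one PEM file holding the certificate (plus any
    // chain certificates) followed by the private key.
    $pem = $bundle['cert'] . implode('', $bundle['extracerts'] ?? []) . $encryptedKey;

    // tempnam() creates the file itself; chmod() makes the 0600 mode explicit.
    $path = tempnam(sys_get_temp_dir(), 'tls');
    if ($path === false || !chmod($path, 0600)
        || file_put_contents($path, $pem) !== strlen($pem)) {
        throw new RuntimeException('cannot write temporary PEM file');
    }

    // Also registered as a shutdown handler in case the caller forgets it.
    $cleanup = static function () use ($path): void {
        if (is_file($path)) {
            unlink($path);
        }
    };
    register_shutdown_function($cleanup);

    $context = stream_context_create(['ssl' => [
        'local_cert' => $path,
        'passphrase' => $passphrase,
    ]]);
    return [$context, $cleanup];
}

// The PEM file is read when the TLS session is set up, so delete it as
// soon as the connection attempt has finished.
[$ctx, $cleanup] = tlsContextFromP12('cert.p12', 'pass');
$socket = stream_socket_client('ssl://example.com:443', $errno, $errstr, 10,
    STREAM_CLIENT_CONNECT, $ctx);
$cleanup();
```

The passphrase still sits in process memory and the encrypted PEM briefly exists on disk, so this narrows the exposure described in the report without removing the need for a file path.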

 [2021-12-19 22:03 UTC] cmb@php.net
-Status: Open
+Status: Closed
-Type: Security
+Type: Feature/Change Request
-Assigned To:
+Assigned To: cmb
 [2021-12-19 22:03 UTC] cmb@php.net
This is not a security issue, but rather a feature request.
Closing as duplicate of <https://github.com/php/php-src/issues/7797>.
 
Last updated: Fri Dec 27 00:01:30 2024 UTC