File: reference.xml

package info (click to toggle)
php-doc 20061001-1
  • links: PTS
  • area: non-free
  • in suites: etch, etch-m68k
  • size: 45,764 kB
  • ctags: 1,611
  • sloc: xml: 502,485; php: 7,645; cpp: 500; makefile: 297; perl: 161; sh: 141; awk: 28
file content (164 lines) | stat: -rw-r--r-- 4,959 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
 
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.11 $ -->
<!-- Purpose: mathcrypto.crypto -->
<!-- Membership: bundled, external -->

 <reference id="ref.openssl">
  <title>OpenSSL Functions</title>
  <titleabbrev>OpenSSL</titleabbrev>
  <partintro>
   <section id="openssl.intro">
   &reftitle.intro;
    <para>
     This module uses the functions of <ulink
     url="&url.openssl;">OpenSSL</ulink> for generation and verification
     of signatures and for sealing (encrypting) and opening (decrypting)
     data. OpenSSL offers many features that this module currently doesn't
     support. Some of these may be added in the future.
    </para>
   </section>

   <section id="openssl.requirements">
    &reftitle.required;
    <para>
     In order to use the OpenSSL functions you need to install the <ulink
     url="&url.openssl;">OpenSSL</ulink> package.
     PHP between versions 4.0.5 and 4.3.1 will work with OpenSSL &gt;= 0.9.5.
     Other versions (PHP &lt;=4.0.4pl1 and &gt;= 4.3.2) require OpenSSL &gt;=
     0.9.6.
    </para>
    <warning>
     <para>
      You are strongly encouraged to use the most recent OpenSSL version,
      otherwise your web server could be vulnerable to attack.
     </para>
    </warning>
   </section>

   &reference.openssl.configure;

   <section id="openssl.configuration">
    &reftitle.runtime;
    &no.config;
   </section>

   <section id="openssl.resources">
    &reftitle.resources;
    <para>
    </para>
   </section>

   <section id="openssl.certparams">
    <title>Key/Certificate parameters</title>
    <para>
     Quite a few of the openssl functions require a key or a certificate
     parameter. PHP 4.0.5 and earlier have to use a key or certificate
     <type>resource</type> returned by one of the openssl_get_xxx functions.
     Later versions may use one of the following methods:
     <itemizedlist>
      <listitem>
       <para>
        Certificates
        <orderedlist>
         <listitem>
          <simpara>
           An X.509 resource returned from
           <function>openssl_x509_read</function>
          </simpara>
         </listitem>
         <listitem>
          <simpara>A string having the format
           <filename>file://path/to/cert.pem</filename>; the named file must
           contain a PEM encoded certificate
          </simpara>
         </listitem>
         <listitem>
          <simpara>
           A string containing the content of a certificate, PEM encoded
          </simpara>
         </listitem>
        </orderedlist>
       </para>
      </listitem>
      
      <listitem>
       <para>
        Public/Private Keys
        <orderedlist>
         <listitem>
          <simpara>A key resource returned from
           <function>openssl_get_publickey</function> or
           <function>openssl_get_privatekey</function>
          </simpara>
         </listitem>
         <listitem>
          <simpara>For public keys only: an X.509 resource</simpara>
         </listitem>
         <listitem>
          <simpara>A string having the format
           <filename>file://path/to/file.pem</filename> - the named file must
           contain a PEM encoded certificate/private key (it may contain both)
          </simpara>
         </listitem>
         <listitem>
          <simpara>
           A string containing the content of a certificate/key, PEM encoded
          </simpara>
         </listitem>
         <listitem>
          <simpara>
           For private keys, you may also use the syntax
           <emphasis>array($key, $passphrase)</emphasis> where $key represents a
           key specified using the file:// or textual content notation above, and
           $passphrase represents a string containing the passphrase for that
           private key
          </simpara>
         </listitem>
        </orderedlist>
       </para> 
      </listitem>
     </itemizedlist>
    </para>
   </section>


   <section id="openssl.cert.verification">
   <title>Certificate Verification</title>
    <para>
     When calling a function that will verify a signature/certificate, the
     <emphasis>cainfo</emphasis> parameter is an array containing file and
     directory names that specify the locations of trusted CA files. If a
     directory is specified, then it must be a correctly formed hashed
     directory as the <command>openssl</command> command would use.
    </para>
   </section> 

   &reference.openssl.constants;


  </partintro>

&reference.openssl.functions;

</reference>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"../../../manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->