Hi,
I'm working on a project making large use of OpenSSL to individually
encrypt items inside a database, but I've hit a stumbling block.
There appears to be absolutely no native PHP way (eg without a shell
call to openssl) to get the PEM encoded form of a public key, given
the private key and applicable passphrase.
The closest that can be gotten is a resource key, via:
$tmp = ... // PEM encoded certificate
$pubkey = openssl_pkey_ge t_public($tmp);
From this point however, there is still no way to get PHP to give me
the public key in a PEM encoding, for storage in the database. I've
tried all of the export functions, with various warnings returned from
them.
Getting to the above point from scratch requires generating a
certificate request from the private key, and then a self-signed
certificate from that CSR. While this is doable, leaving out the
self-signed certificate step would produce a large increase in
performance as well.
The openssl command I wish to emulate is:
openssl rsa -pubout <privkey.pem
Surely there must be a way to achieve this simple action?
I'm working on a project making large use of OpenSSL to individually
encrypt items inside a database, but I've hit a stumbling block.
There appears to be absolutely no native PHP way (eg without a shell
call to openssl) to get the PEM encoded form of a public key, given
the private key and applicable passphrase.
The closest that can be gotten is a resource key, via:
$tmp = ... // PEM encoded certificate
$pubkey = openssl_pkey_ge t_public($tmp);
From this point however, there is still no way to get PHP to give me
the public key in a PEM encoding, for storage in the database. I've
tried all of the export functions, with various warnings returned from
them.
Getting to the above point from scratch requires generating a
certificate request from the private key, and then a self-signed
certificate from that CSR. While this is doable, leaving out the
self-signed certificate step would produce a large increase in
performance as well.
The openssl command I wish to emulate is:
openssl rsa -pubout <privkey.pem
Surely there must be a way to achieve this simple action?
Comment