I'd like to improve the openssl_csr_new function to add any X509
"Requested Extensions" [1] to a CSR.
My motivation to improve this functionality is to avoid workarounds like
altering a openssl.cnf file and pass some ENV variable to it [2].
I already implemented the following new functionality:
O
On 15/06/16 03:51, Scott Arciszewski wrote:
> While we're at it, can we also add a function to generate (ephemeral)
> Elliptic Curve Diffie-Hellman keys, and then use openssl_dh_compute_key()
> with ECDH keys? Because that would be a lot saner than having to
> shell_exec() to the OpenSSL binary in
irs but not being able to generate a new key pair
is the main motivation of this PR.
--
Reference to other languages
The following languages have support for a ECC key pair generation:
Ruby [6]
Python via cryptography [7]
Golang [8]
Java via Bouncycastel [9]
---
