mostafamemariani / php-for-android

Automatically exported from code.google.com/p/php-for-android
0 stars 0 forks source link

Add OpenSSL support #5

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
It would be great if we had openssl support compiled in PHP for Android - then 
we could e.g. verify that the code downloaded over-the-wire is in fact ours and 
not attacker's. 

I'm preparing the project that allows for remote downloading signed code 
distibuted in Phar archives and verifies the signature using locally contained 
public key. I think this could be a great model for securely distributing the 
code for an application components (apart from APK, application itself could 
download updated code from remote location and be sure that the code has not 
been tampered with).

The only missing pieces are phar and openssl support in PHP for Android. 

Original issue reported on code.google.com by kkotowicz on 29 Jul 2010 at 8:50

GoogleCodeExporter commented 8 years ago
I'm working on a personal application to help manage my virtual private 
servers. My service providers have SolusVM, which has an API that I can 
interface with to boot, reboot, and shutdown my virtual servers at any time. 
The problem is that I must access the api via https, which is currently not 
supported. Openssl is definitely a must have.

Original comment by josh.ric...@gmail.com on 13 Oct 2010 at 6:07

GoogleCodeExporter commented 8 years ago
I've been working in adding openssl support.
SL4A_r3 is rolling a PFA 0.3 prerelease which includes the latest binary (still 
alpha).
This new binary has openssl support. Unfortunately RSA certificates support is 
disabled by now.

This new binary is about 0.2 MB bigger but I think that its [partial] openssl 
support can be interesting. Testing and suggestions are welcome.

The following test code sould work :

<?php

$fp = fsockopen("ssl://www.eff.org", 443, $errno,
$errstr, 30);
if (!$fp) {
    echo "ERROR";
} else {
    $out = "GET / HTTP/1.1\r\n";
    $out .= "Host: www.eff.org\r\n";
    $out .= "Connection: Close\r\n\r\n";
    fwrite($fp, $out);
    while(!feof($fp)) {
        echo fgets($fp, 128);
    }
    fclose($fp);
}

In the future, once We get succeed with phpize crosscompilation We might remove 
openssl support again in the binary.

Original comment by ktulur on 14 Oct 2010 at 10:35

GoogleCodeExporter commented 8 years ago

Original comment by ktulur on 29 Nov 2012 at 9:32