I'm writing a web front end to a PKI system for our users. The web front end will generate a private key and certificate signing request(CSR) that will be uploaded to a Certificate Authority for signing. I'm using the PHP shell_exec command:
$output = shell_exec("openssl req -nodes -newkey rsa:2048 -nodes -subj \"/C=US/ST=SomeState/L=SomeCITY/O=SomeCompany/OU=SomeOU/CN=test.domain\" -keyout /dev/stdout");
The variable $output contains both the private key and the CSR. Before I'm going any further, I have a question: Because I'm getting my data from standard output, is it possible for another program to write something else to stdout while openssl execute? What happen if two users visit the PHP page at the same time? I know the possibility is very remote, but I just want to make sure that nothing can mess up the private key and CSR before it is entered into a database. Thanks in advance!
P.S. In case you're wondering, the private key will be encrypted with the sha1sum of a user supplied password using MySQL encrypt function.
$output = shell_exec("openssl req -nodes -newkey rsa:2048 -nodes -subj \"/C=US/ST=SomeState/L=SomeCITY/O=SomeCompany/OU=SomeOU/CN=test.domain\" -keyout /dev/stdout");
The variable $output contains both the private key and the CSR. Before I'm going any further, I have a question: Because I'm getting my data from standard output, is it possible for another program to write something else to stdout while openssl execute? What happen if two users visit the PHP page at the same time? I know the possibility is very remote, but I just want to make sure that nothing can mess up the private key and CSR before it is entered into a database. Thanks in advance!
P.S. In case you're wondering, the private key will be encrypted with the sha1sum of a user supplied password using MySQL encrypt function.
Facebook
Twitter