Niels Castle
Reputation: 8069
What version of OpenSSL is needed to sign with sha256WithRSAEncryption
Using PHP 5.2.4 and the OpenSSL 0.9.8g module I am trying to create a signed digest
openssl_sign($stuff, $signeddigest, $key, 'sha256WithRSAEncryption');
Alas $signeddigest is returned empty and I get no errors.
If don't specify the 'sha256WithRSAEncryption' algorithm a signed digest is returned by using the default algorithm.
The same code is running fine on PHP 5.3.10 and OpenSSL 1.0.0g. Is the 'sha256WithRSAEncryption' algorithm not supported in OpenSSL 0.9.8g?
Upvotes: 2
Views: 5051
Answers (1)
Niels Castle
Reputation: 8069
A good friend came up with a workaround for using sha256WithRSAEncryption on an old PHP 5.2.4 and OpenSSL 0.9.8g module.
Using the information available at http://www.di-mgt.com.au/rsa_alg.html he wrote me the following snippet:
function my_openssl_sign($data, &$signature, $priv_key_id, $signature_alg = 'sha256WithRSAEncryption') {
$pinfo = openssl_pkey_get_details($priv_key_id);
$hash = hash('sha256', $data);
$t = '3031300d060960864801650304020105000420'; # sha256
$t .= $hash;
$pslen = $pinfo['bits']/8 - (strlen($t)/2 + 3);
$eb = '0001' . str_repeat('FF', $pslen) . '00' . $t;
$eb = pack('H*', $eb);
return openssl_private_encrypt($eb, $signature, $priv_key_id, OPENSSL_NO_PADDING);
}
Thank you, Mads, you're made of awesomeness!
Upvotes: 10
Related Questions
- What is the equivelent of "openssl dgst -sha1 -sign"?
- Which OpenSSL version supports SHA256?
- How to create signature using SHA256WithRSA and PKCS#8 in PHP
- Openssl and PHP
- PHP implementation of openssl dgst -sha256 -sign
- Which version of openssl should I use?
- PHP openssl_sign with SHA512
- Issues with OpenSSL on PHP - different behaviour for different versions
- Create certificate for openssl_pkcs7_sign in php
- Using openssl in PHP 5.3