需要使用sha256WithRSAEncryption签名需要什么版本的OpenSSL [英] What version of OpenSSL is needed to sign with sha256WithRSAEncryption
问题描述
使用PHP 5.2.4和OpenSSL 0.9.8g模块我试图创建一个签名的摘要
openssl_sign stuff,$ signeddigest,$ key,'sha256WithRSAEncryption');
Alas $ signeddigest返回为空,没有错误。
如果不指定sha256WithRSAEncryption算法,则使用默认算法返回签名的摘要。
相同的代码在PHP 5.3.10和OpenSSL 1.0.0g上运行良好。
一个好朋友提出了使用sha256WithRSAEncryption的解决方法在旧的PHP 5.2.4和OpenSSL 0.9.8g模块上。
使用 http://www.di-mgt.com.au/rsa_alg.html 他给我写了以下片段:
function my_openssl_sign($ data,& $ signature,$ priv_key_id,$ signature_alg ='sha256WithRSAEncryption'){
$ pinfo = openssl_pkey_get_details($ priv_key_id);
$ hash = hash('sha256',$ data);
$ t ='3031300d060960864801650304020105000420'; #sha256
$ t。= $ hash;
$ pslen = $ pinfo ['bits'] / 8 - (strlen($ t)/ 2 + 3);
$ eb ='0001'。 str_repeat('FF',$ pslen)。 '00'。 $ t;
$ eb = pack('H *',$ eb);
return openssl_private_encrypt($ eb,$ signature,$ priv_key_id,OPENSSL_NO_PADDING);
}
谢谢Mads,
Using PHP 5.2.4 and the OpenSSL 0.9.8g module I am trying to create a signed digest
openssl_sign($stuff, $signeddigest, $key, 'sha256WithRSAEncryption');
Alas $signeddigest is returned empty and I get no errors.
If don't specify the 'sha256WithRSAEncryption' algorithm a signed digest is returned by using the default algorithm.
The same code is running fine on PHP 5.3.10 and OpenSSL 1.0.0g. Is the 'sha256WithRSAEncryption' algorithm not supported in OpenSSL 0.9.8g?
A good friend came up with a workaround for using sha256WithRSAEncryption on an old PHP 5.2.4 and OpenSSL 0.9.8g module.
Using the information available at http://www.di-mgt.com.au/rsa_alg.html he wrote me the following snippet:
function my_openssl_sign($data, &$signature, $priv_key_id, $signature_alg = 'sha256WithRSAEncryption') {
$pinfo = openssl_pkey_get_details($priv_key_id);
$hash = hash('sha256', $data);
$t = '3031300d060960864801650304020105000420'; # sha256
$t .= $hash;
$pslen = $pinfo['bits']/8 - (strlen($t)/2 + 3);
$eb = '0001' . str_repeat('FF', $pslen) . '00' . $t;
$eb = pack('H*', $eb);
return openssl_private_encrypt($eb, $signature, $priv_key_id, OPENSSL_NO_PADDING);
}
Thank you, Mads, you're made of awesomeness!
这篇关于需要使用sha256WithRSAEncryption签名需要什么版本的OpenSSL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!