What version of OpenSSL is required for signing with sha256WithRSAEncryption

Question

What version of OpenSSL is required for signing with sha256WithRSAEncryption

Using PHP 5.2.4 and the OpenSSL 0.9.8g module, I am trying to create a signed digest

openssl_sign($stuff, $signeddigest, $key, 'sha256WithRSAEncryption');

Alas, $ signeddigest returns empty and I get no errors.

If you do not specify the 'sha256WithRSAEncryption' algorithm, the signed digest is returned using the default algorithm.

The same code works fine on PHP 5.3.10 and OpenSSL 1.0.0g. Is the 'sha256WithRSAEncryption' algorithm supported in OpenSSL 0.9.8g?

+1

php cryptography openssl

Niels castle May 09 '12 at 21:16

source share

1 answer

Niels castle · Accepted Answer · 2012-06-20T10:12:33+0000

A good friend came up with a workaround for using sha256WithRSAEncryption on the old PHP 5.2.4 module and OpenSSL 0.9.8g.

Using the information available at http://www.di-mgt.com.au/rsa_alg.html , he wrote me the following snippet:

 function my_openssl_sign($data, &$signature, $priv_key_id, $signature_alg = 'sha256WithRSAEncryption') { $pinfo = openssl_pkey_get_details($priv_key_id); $hash = hash('sha256', $data); $t = '3031300d060960864801650304020105000420'; # sha256 $t .= $hash; $pslen = $pinfo['bits']/8 - (strlen($t)/2 + 3); $eb = '0001' . str_repeat('FF', $pslen) . '00' . $t; $eb = pack('H*', $eb); return openssl_private_encrypt($eb, $signature, $priv_key_id, OPENSSL_NO_PADDING); }

Thank you, Mads, you are made of awesomeness!

What version of OpenSSL is required for signing with sha256WithRSAEncryption

More articles: