php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #37820 Missing algorithm type in openssl_verify().
Submitted: 2006-06-15 18:30 UTC Modified: 2006-07-29 21:57 UTC
Votes:2
Avg. Score:4.5 ± 0.5
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: php at lehis dot ru Assigned: pajoye (profile)
Status: Closed Package: OpenSSL related
PHP Version: 5.1.4 OS: FreeBSD 6.1
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: php at lehis dot ru
New email:
PHP Version: OS:

 

 [2006-06-15 18:30 UTC] php at lehis dot ru 
Description:
------------
Can't change algorythm type in  openssl_verify(). So, if data signs by MD5, openssl_verify() always returns FALSE.

It is caused by openssl_verify() always using the SHA1 algorythm, so I think it can be improved by adding the 4th parameter (algorythm to use) to this function, for example, like this: openssl_verify($data, $signature, $pubkeyid, [, int signature_alg]);

Reproduce code:
---------------
openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_MD5);
$ok = openssl_verify($data, $signature, $pub_key_id);
if ($ok == 1) {
   echo "good";
} elseif ($ok == 0) {
   echo "bad";
}

This returns always "bad".

Expected result:
----------------
"ok", but it's impossible :(

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-07-29 21:57 UTC] pajoye@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

fixed in 5.2+
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Apr 16 14:01:26 2025 UTC