|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #59134 Can we get RSA-SHA1 support?
Submitted: 2010-03-29 00:42 UTC Modified: 2010-05-04 23:13 UTC
From: sam at digitalfusion dot co dot nz Assigned: datibbaw (profile)
Status: Closed Package: oauth (PECL)
PHP Version: 5.3.0 OS: OS X Server 10.6
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: sam at digitalfusion dot co dot nz
New email:
PHP Version: OS:


 [2010-03-29 00:42 UTC] sam at digitalfusion dot co dot nz
Xero (web based accounting package) have just made their 
implementation of Oauth 2 legged authentication, which 
requires RSA-SHA1 signing.

Would be great if this implementation could be achieved with 
this library.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2010-03-29 11:42 UTC]
From my perspective, pecl/oauth would need to support a 
setRSACertificate() method (or something similar) which 
would take a single argument and pass the value along to openssl_get_privatekey(). From there, it's a matter of 
simply signing with openssl_sign() in place of hash_hmac.

We should look into adding this for pecl/oauth-1.0.

Thanks for the feedback!

- JJ
 [2010-03-29 23:02 UTC]
Fixed in SVN, but not tested ;-)
 [2010-03-30 16:57 UTC] sam at digitalfusion dot co dot nz
Fantastic, I'll give it a whirl this afternoon.
 [2010-04-12 19:18 UTC] james at digitalfusion dot co dot nz
Build using process of 
checkout,phpize,configure,make,install appears to go 
cleanly, but php gives this error on loading:

PHP Startup: Unable to load dynamic library 
20060613/' - (null) in Unknown on line 0

We are trying to replace 0.99.9 release with svn trunk 
version to test this. Noticed that trunk version does not 
seem to have a dependency on curl, unlike the release one, 
Trunk vers otool output:

otool -L /usr/lib/php/extensions/no-debug-non-zts-
	/usr/lib/libgcc_s.1.dylib (compatibility version 
1.0.0, current version 1.0.0)
	/usr/lib/libSystem.B.dylib (compatibility version 
1.0.0, current version 111.1.4)

Release vers output:
otool -L
	/usr/lib/libcurl.4.dylib (compatibility version 
5.0.0, current version 5.0.0)
	/usr/lib/libgcc_s.1.dylib (compatibility version 
1.0.0, current version 1.0.0)
	/usr/lib/libSystem.B.dylib (compatibility version 
1.0.0, current version 111.1.4)

libraries do seem to exist.

Not sure where to go from here! Advice appreciated. Note 
this is on a 10.5.8 server, our dev machine. Ultimate 
deployment target is 10.6 server.

 [2010-04-12 21:02 UTC]
I wasn't able to replicate this on Snow Leopard.

Here are my results with trunk:

$ /usr/local/bin/phpize && ./configure && sudo make install
$ /usr/local/bin/php -m
$ cd examples/twitter
$ php updateStatus.php 
I think I got a valid request token, navigate your www 
client to:

Once you finish authorizing, hit ENTER or INTERRUPT to exit

$ otool -L /usr/local/lib/php/extensions/debug-non-zts-
	/usr/lib/libSystem.B.dylib (compatibility version 
1.0.0, current version 125.0.1)
 [2010-04-27 06:08 UTC] sam at digitalfusion dot co dot nz
Ok, so we got the module installed and working, but now Apache is getting a 
segmentation fault when I run the fetch method after using the 
setRSACertificate method.

Here's the entries from Apache's log:
[Tue Apr 27 14:08:21 2010] [notice] child pid 29046 exit signal Segmentation 
fault (11)
[Tue Apr 27 14:08:21 2010] [notice] child pid 29045 exit signal Segmentation 
fault (11)
[Tue Apr 27 14:08:21 2010] [notice] child pid 28947 exit signal Segmentation 
fault (11)

And here is the exact code that will cause this:

// Create the object.

// Add the key.
$oauth->setRSACertificate( file_get_contents( XERO_RSASHA1_PRIVATE ) );

// Fetch the details.
$oauth->fetch( API_XERO.'Organisation', null, OAUTH_HTTP_METHOD_GET );

The actual code I've written checks for the errors thrown by setRSACertificate, 
and as far as I can tell my certificate is valid (nothing is thrown when I set 
it, so I assume its working).
 [2010-04-27 08:32 UTC]
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read for *NIX and for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.

Cannot reproduce on Apache 2.2.15 / PHP 5.2.13

Will require a backtrace of the whole Apache/PHP/Oauth stack

You can run apache in the foreground using -X and then attach gdb
 [2010-05-04 20:34 UTC] sam at digitalfusion dot co dot nz
Looks like this was caused by a bad php config. All sorted now 
- thanks.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Tue Sep 26 03:01:25 2023 UTC