Bug #60936 openssl_verify does not work ok.
Submitted: 2012-01-31 00:12 UTC Modified: 2012-01-31 07:56 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: baylina at uniclau dot com Assigned:
Status: Not a bug Package: OpenSSL related
PHP Version: 5.3.9 OS: Any
Private report: No CVE-ID: None

 [2012-01-31 00:12 UTC] baylina at uniclau dot com
Description:
------------
Sometimes, openssl_verify does not recognize a valid signature. The same input
in the openssl command line works ok.

See the case.

You can verify with command line ssh that both signatures are ok:

$ echo "-----BEGIN PUBLIC KEY-----
MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgGLgfmIN4O+aqfPGN1BkWW1hzCdj
XqozEKyFnOTWCyp+H301nILC6JFV1WAEQnCZE/B8VTArlSYnOySU+MjU11jRSYTz 
nHokHLhCVkH/o/4ZqL1s0rtoJ62f6Loc3mZHRX7l2PJGTXNQJGTNRTh1kdJthA3S
LMwa4ReOEyjIG7e7AgMBAAE= 
-----END PUBLIC KEY-----" > test.pub
	
$ echo -n "1327943790" > test_err.txt
$ openssl dgst -sha1 -binary -out test_err.sha1 test_err.txt
	
$ echo "SEjTquEPcqY0V90KYvDi7ofGiKlc53T4XzHwHtIgcN5wuOg4JxffK
trLN9Tq+8c/045m15JXULJUMkN7fdDUqtxFyIBSEt4nqhvZgLDVQBIBXJRF8
c32CBaLsG837hZra8/nD5b4T+sCyEXRUMmcfflhJiMIr7l72sOxgRmzTw==" > test_err.sig.64
$ base64 -D -i test_err.sig.64 -o test_err.sig
	
$ openssl rsautl -verify -inkey test.pub -pkcs -pubin -in test_err.sig -out test_err.sha1.calc
	
$ hexdump test_err.sha1
0000000 d8 44 89 0c 34 cb 0d 64 23 28 56 56 85 25 c8 46
0000010 f4 e8 f8 3d                                    
0000014
	
$ hexdump test_err.sha1.calc
0000000 30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 d8
0000010 44 89 0c 34 cb 0d 64 23 28 56 56 85 25 c8 46 f4
0000020 e8 f8 3d                                       
0000023
	
// You can see that the last bytes (the dgst) are the same.
	
$ echo -n "1327943823" > test_ok.txt
$ openssl dgst -sha1 -binary -out test_ok.sha1 test_ok.txt
	
$ echo "GURbsl4CFPCG83RCZxsEpoRleXicXQhH1OC4Fk77b7EMj2g8aHUhD/L+sm
oGSVpuEwup1fmkZBADXwBel8UKsmxgTLRX+vlGgyTr1XPqqHFNjtL33fd5
7NuKBqaJjwSp7D5xVMeVdQtQQbsKuKx5AvOPPyZfdtdyoJw/all1tl4=" > test_ok.sig.64
$ base64 -D -i test_ok.sig.64 -o test_ok.sig
	
$ openssl rsautl -verify -inkey test.pub -pkcs -pubin -in test_ok.sig -out test_ok.sha1.calc
	
$ hexdump test_ok.sha1
0000000 08 a8 55 9c d4 43 f9 cb ec 9f 04 f4 f2 dc aa 1f
0000010 7f e9 e1 11                                    
0000014
	
$ hexdump test_ok.sha1.calc
0000000 30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 08
0000010 a8 55 9c d4 43 f9 cb ec 9f 04 f4 f2 dc aa 1f 7f
0000020 e9 e1 11                                       
0000023



Test script:
---------------
<?php
$PublicKey="-----BEGIN PUBLIC KEY-----
MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgGLgfmIN4O+aqfPGN1BkWW1hzCdj
XqozEKyFnOTWCyp+H301nILC6JFV1WAEQnCZE/B8VTArlSYnOySU+MjU11jRSYTz 
nHokHLhCVkH/o/4ZqL1s0rtoJ62f6Loc3mZHRX7l2PJGTXNQJGTNRTh1kdJthA3S
LMwa4ReOEyjIG7e7AgMBAAE= 
-----END PUBLIC KEY-----";

$Data_err="1327943790";

$Signature_err_b64="SEjTquEPcqY0V90KYvDi7ofGiKlc53T4XzHwHtIgcN5wuOg4JxffKtrLN
9Tq+8c/045m15JXULJUMkN7fdDUqtxFyIBSEt4nqhvZgLDVQBIBXJRF8c32CBaLsG837hZra8/nD5
b4T+sCyEXRUMmcfflhJiMIr7l72sOxgRmzTw==";

$Signature_err=base64_decode($Signature_err_b64);

echo openssl_verify($Data_err, $Signature_err, $PublicKey);  //It should return 1
echo "\n";

$Data_ok="1327943823";

$Signature_ok_b64="GURbsl4CFPCG83RCZxsEpoRleXicXQhH1OC4Fk77b7EMj2g8aHUhD/L+smo
GSVpuEwup1fmkZBADXwBel8UKsmxgTLRX+vlGgyTr1XPqqHFNjtL33fd57NuKBqaJjwSp7D5xVMeVd
QtQQbsKuKx5AvOPPyZfdtdyoJw/all1tl4=";

$Signature_ok=base64_decode($Signature_ok_b64);

echo openssl_verify($Data_ok, $Signature_ok, $PublicKey);       

?>

Expected result:
----------------
1
1

Actual result:
--------------
0
1

 [2012-01-31 07:35 UTC] baylina at uniclau dot com
I have investigated a little more, and if you do

$ openssl dgst -sha1 -verify test.pub -signature test_ok.sig test_ok.txt
Verified OK

$ openssl dgst -sha1 -verify test.pub -signature test_err.sig test_err.txt
Verification Failure

So it seems that it is an openSSL problem.
 [2012-01-31 07:56 UTC] pajoye@php.net
-Status: Open +Status: Not a bug
 [2012-01-31 07:56 UTC] pajoye@php.net
Openssl issue (if any), not php.
 [2012-10-24 03:08 UTC] terrafrost@php.net
It's not an OpenSSL issue either.  Both PHP and OpenSSL are behaving as
they should.

"openssl rsautl -verify" is decrypting test_err.sig and checks to see
if the hash contained within the ciphertext matches test_err.sha1.
That's not what "openssl dgst" or openssl_verify() do.  They just
verify the hash.  Hash verification is its own operation in the PKCS#1
standards distinct from decryption.

That the second example yields a match is just dumb luck.
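
Added example, not part of the bug report and not PHP or OpenSSL code: the RSASSA-PKCS1-v1_5 verification steps of RFC 8017 section 8.2.2, written in pure Python and run over the public key and the two signatures posted in the report. The names tlv, load_rsa_pub and verify are illustrative, and the strict=False path is an assumption that models a bare public-key operation accepting a short input, as "openssl rsautl -verify" did above.

```python
import base64, hashlib

# Key and both signatures copied from the report above (PEM armor and line breaks removed).
PUB = base64.b64decode("MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgGLgfmIN4O+aqfPGN1BkWW1hzCdj"
                       "XqozEKyFnOTWCyp+H301nILC6JFV1WAEQnCZE/B8VTArlSYnOySU+MjU11jRSYTz"
                       "nHokHLhCVkH/o/4ZqL1s0rtoJ62f6Loc3mZHRX7l2PJGTXNQJGTNRTh1kdJthA3S"
                       "LMwa4ReOEyjIG7e7AgMBAAE=")
SIG_ERR = base64.b64decode("SEjTquEPcqY0V90KYvDi7ofGiKlc53T4XzHwHtIgcN5wuOg4JxffK"
                           "trLN9Tq+8c/045m15JXULJUMkN7fdDUqtxFyIBSEt4nqhvZgLDVQBIBXJRF8"
                           "c32CBaLsG837hZra8/nD5b4T+sCyEXRUMmcfflhJiMIr7l72sOxgRmzTw==")
SIG_OK = base64.b64decode("GURbsl4CFPCG83RCZxsEpoRleXicXQhH1OC4Fk77b7EMj2g8aHUhD/L+sm"
                          "oGSVpuEwup1fmkZBADXwBel8UKsmxgTLRX+vlGgyTr1XPqqHFNjtL33fd5"
                          "7NuKBqaJjwSp7D5xVMeVdQtQQbsKuKx5AvOPPyZfdtdyoJw/all1tl4=")
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")  # DigestInfo header from the hexdumps

def tlv(buf, pos):
    """Return (start, end) of the content of the DER element that begins at pos."""
    n, pos = buf[pos + 1], pos + 2
    if n & 0x80:                                   # long-form length
        cnt = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + cnt], "big"), pos + cnt
    return pos, pos + n

def load_rsa_pub(der):
    """Extract (n, e) from a DER SubjectPublicKeyInfo that holds an RSA key."""
    spki, _ = tlv(der, 0)                          # outer SEQUENCE
    _, alg_end = tlv(der, spki)                    # AlgorithmIdentifier, skipped
    bits, _ = tlv(der, alg_end)                    # BIT STRING
    seq, _ = tlv(der, bits + 1)                    # RSAPublicKey, after the unused-bits byte
    ms, me = tlv(der, seq)                         # modulus
    es, ee = tlv(der, me)                          # publicExponent
    return int.from_bytes(der[ms:me], "big"), int.from_bytes(der[es:ee], "big")

def verify(data, sig, n, e, strict=True):
    """RFC 8017 8.2.2 with SHA-1; strict=False skips the length check (step 1)."""
    k = (n.bit_length() + 7) // 8                  # modulus length in bytes
    if strict and len(sig) != k:
        return "wrong length"
    s = int.from_bytes(sig, "big")
    if s >= n:
        return "out of range"
    em = pow(s, e, n).to_bytes(k, "big")           # recovered encoded message
    t = SHA1_PREFIX + hashlib.sha1(data).digest()
    expected = b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t
    return "valid" if em == expected else "mismatch"

N, E = load_rsa_pub(PUB)
if __name__ == "__main__":
    for data, sig in ((b"1327943790", SIG_ERR), (b"1327943823", SIG_OK)):
        print(data, len(sig), verify(data, sig, N, E), verify(data, sig, N, E, strict=False))
```

Running it prints, for each message, the signature length in bytes followed by the strict and the lenient result.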
 