[PHP-BUG] Bug #60936 [NEW]: openssl_verify does not work ok.

Mon, 30 Jan 2012 16:12:48 -0800 

From:             
Operating system: Any
PHP version:      5.3.9
Package:          OpenSSL related
Bug Type:         Bug
Bug description:openssl_verify does not work ok.

Description:
------------
Some times, openssl_verify does not recognize a valid signature. The same
input 
in the openssl command line works ok.

See the case.

You can verify with command line ssh that both signatures are ok:

$ echo "-----BEGIN PUBLIC KEY-----
MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgGLgfmIN4O+aqfPGN1BkWW1hzCdj
XqozEKyFnOTWCyp+H301nILC6JFV1WAEQnCZE/B8VTArlSYnOySU+MjU11jRSYTz 
nHokHLhCVkH/o/4ZqL1s0rtoJ62f6Loc3mZHRX7l2PJGTXNQJGTNRTh1kdJthA3S
LMwa4ReOEyjIG7e7AgMBAAE= 
-----END PUBLIC KEY-----" > test.pub
        
$ echo -n "1327943790" > test_err.txt
$ openssl dgst -sha1 -binary -out test_err.sha1 test_err.txt
        
$ echo "SEjTquEPcqY0V90KYvDi7ofGiKlc53T4XzHwHtIgcN5wuOg4JxffK
trLN9Tq+8c/045m15JXULJUMkN7fdDUqtxFyIBSEt4nqhvZgLDVQBIBXJRF8
c32CBaLsG837hZra8/nD5b4T+sCyEXRUMmcfflhJiMIr7l72sOxgRmzTw==" >
test_err.sig.64
$ base64 -D -i test_err.sig.64 -o test_err.sig
        
$ openssl rsautl -verify -inkey test.pub -pkcs -pubin -in test_err.sig -out

test_err.sha1.calc
        
$ hexdump test_err.sha1
0000000 d8 44 89 0c 34 cb 0d 64 23 28 56 56 85 25 c8 46
0000010 f4 e8 f8 3d                                    
0000014
        
$ hexdump test_err.sha1.calc
0000000 30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 d8
0000010 44 89 0c 34 cb 0d 64 23 28 56 56 85 25 c8 46 f4
0000020 e8 f8 3d                                       
0000023
        
// You can see that the last bytes (the dgst) are the same.
        
$ echo -n "1327943823" > test_ok.txt
$ openssl dgst -sha1 -binary -out test_ok.sha1 test_ok.txt
        
$ echo "GURbsl4CFPCG83RCZxsEpoRleXicXQhH1OC4Fk77b7EMj2g8aHUhD/L+sm
oGSVpuEwup1fmkZBADXwBel8UKsmxgTLRX+vlGgyTr1XPqqHFNjtL33fd5
7NuKBqaJjwSp7D5xVMeVdQtQQbsKuKx5AvOPPyZfdtdyoJw/all1tl4=" > test_ok.sig.64
$ base64 -D -i test_ok.sig.64 -o test_ok.sig
        
$ openssl rsautl -verify -inkey test.pub -pkcs -pubin -in test_ok.sig -out

test_ok.sha1.calc
        
$ hexdump test_ok.sha1
0000000 08 a8 55 9c d4 43 f9 cb ec 9f 04 f4 f2 dc aa 1f
0000010 7f e9 e1 11                                    
0000014
        
$ hexdump test_ok.sha1.calc
0000000 30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 08
0000010 a8 55 9c d4 43 f9 cb ec 9f 04 f4 f2 dc aa 1f 7f
0000020 e9 e1 11                                       
0000023



Test script:
---------------
<?php
$PublicKey="-----BEGIN PUBLIC KEY-----
MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgGLgfmIN4O+aqfPGN1BkWW1hzCdj
XqozEKyFnOTWCyp+H301nILC6JFV1WAEQnCZE/B8VTArlSYnOySU+MjU11jRSYTz 
nHokHLhCVkH/o/4ZqL1s0rtoJ62f6Loc3mZHRX7l2PJGTXNQJGTNRTh1kdJthA3S
LMwa4ReOEyjIG7e7AgMBAAE= 
-----END PUBLIC KEY-----";

$Data_err="1327943790";

$Signature_err_b64="SEjTquEPcqY0V90KYvDi7ofGiKlc53T4XzHwHtIgcN5wuOg4JxffKtrLN
9Tq+8c/045m15JXULJUMkN7fdDUqtxFyIBSEt4nqhvZgLDVQBIBXJRF8c32CBaLsG837hZra8/nD5
b4T+sCyEXRUMmcfflhJiMIr7l72sOxgRmzTw==";

$Signature_err=base64_decode($Signature_err_b64);

echo openssl_verify($Data_err, $Signature_err, $PublicKey);  //It should
return 1
echo "\n";

$Data_ok="1327943823";

$Signature_ok_b64="GURbsl4CFPCG83RCZxsEpoRleXicXQhH1OC4Fk77b7EMj2g8aHUhD/L+smo
GSVpuEwup1fmkZBADXwBel8UKsmxgTLRX+vlGgyTr1XPqqHFNjtL33fd57NuKBqaJjwSp7D5xVMeVd
QtQQbsKuKx5AvOPPyZfdtdyoJw/all1tl4=";

$Signature_ok=base64_decode($Signature_ok_b64);

echo openssl_verify($Data_ok, $Signature_ok, $PublicKey);       

?>

Expected result:
----------------
1
1

Actual result:
--------------
0
1

-- 
Edit bug report at https://bugs.php.net/bug.php?id=60936&edit=1
-- 
Try a snapshot (PHP 5.4):            
https://bugs.php.net/fix.php?id=60936&r=trysnapshot54
Try a snapshot (PHP 5.3):            
https://bugs.php.net/fix.php?id=60936&r=trysnapshot53
Try a snapshot (trunk):              
https://bugs.php.net/fix.php?id=60936&r=trysnapshottrunk
Fixed in SVN:                        
https://bugs.php.net/fix.php?id=60936&r=fixed
Fixed in SVN and need be documented: 
https://bugs.php.net/fix.php?id=60936&r=needdocs
Fixed in release:                    
https://bugs.php.net/fix.php?id=60936&r=alreadyfixed
Need backtrace:                      
https://bugs.php.net/fix.php?id=60936&r=needtrace
Need Reproduce Script:               
https://bugs.php.net/fix.php?id=60936&r=needscript
Try newer version:                   
https://bugs.php.net/fix.php?id=60936&r=oldversion
Not developer issue:                 
https://bugs.php.net/fix.php?id=60936&r=support
Expected behavior:                   
https://bugs.php.net/fix.php?id=60936&r=notwrong
Not enough info:                     
https://bugs.php.net/fix.php?id=60936&r=notenoughinfo
Submitted twice:                     
https://bugs.php.net/fix.php?id=60936&r=submittedtwice
register_globals:                    
https://bugs.php.net/fix.php?id=60936&r=globals
PHP 4 support discontinued:          
https://bugs.php.net/fix.php?id=60936&r=php4
Daylight Savings:                    https://bugs.php.net/fix.php?id=60936&r=dst
IIS Stability:                       
https://bugs.php.net/fix.php?id=60936&r=isapi
Install GNU Sed:                     
https://bugs.php.net/fix.php?id=60936&r=gnused
Floating point limitations:          
https://bugs.php.net/fix.php?id=60936&r=float
No Zend Extensions:                  
https://bugs.php.net/fix.php?id=60936&r=nozend
MySQL Configuration Error:           
https://bugs.php.net/fix.php?id=60936&r=mysqlcfg

Reply via email to