Aug 27, 2012; 16:27
James Harvard
SHA1 signature using OpenSSL private key
I've not been on Lasso Talk for a while, so apologies for just using the list for help without having contributed anything recently - not a very good Lasso citizen!
I need to sign some data to pass to a remote server using a public/private key pair (generated using OpenSSL). I guess I need to be using ecrypt_hmac, but how do I supply the password? The private key .pem file seems to contain Base64 encoded data, but decoding that and feeding it to encrypt_hmac as the password generates a different (much shorter) signature than my simplified version of the reference PHP implementation (see end of e-mail).
encrypt_hmac( decode_base64($base64_private_key_from_pem_file), 'Hello world', -digest='sha1', -base64 );
Any thoughts appreciated! I'm using Lasso 8.6.
Thanks in advance,
James Harvard
<?php
$fp = fopen("/path/to/myrsakey.pem", "r");
$priv_key = fread($fp, 8192);
fclose($fp);
$pkeyid = openssl_get_privatekey($priv_key);
$data = 'Hello world' ;
$data = mb_convert_encoding($data, "UTF-16LE");
openssl_sign($data, $signature, $pkeyid, OPENSSL_ALGO_SHA1);
echo base64_encode($signature) ;
?>
#############################################################
This message is sent to you because you are subscribed to
the mailing list Lasso
Lasso@lists.lassosoft.com
To unsubscribe, E-mail to: <Lasso-unsubscribe@lists.lassosoft.com>
Send administrative queries to <Lasso-request@lists.lassosoft.com>
Aug 27, 2012; 15:57
kimrvan
Re: SHA1 signature using OpenSSL private key
Aug 28, 2012; 18:47
James Harvard
Re: SHA1 signature using OpenSSL private key