I have to maintain an application in php 4 that must send signed data via openssl_sign. The issue is that for different data of the same size, the signature is always the same. Eg. this code:
$signature = null;
$message1 = 'foobar';
$privkey1 = openssl_pkey_get_private('file://path/to/private/key/privkey1.pem');
while ($msg = openssl_error_string()) {
echo $msg . "<br />\n";
}
openssl_sign($message1, $signature, $privkey1);
while ($msg = openssl_error_string()) {
echo $msg . "<br />\n";
}
openssl_free_key($privkey1);
while ($msg = openssl_error_string()) {
echo $msg . "<br />\n";
}
$signature2 = null;
$message2 = 'foobaz';
$privkey2 = openssl_pkey_get_private('file://path/to/private/key/privkey1.pem');
while ($msg = openssl_error_string()) {
echo $msg . "<br />\n";
}
openssl_sign($message2, $signature2, $privkey2);
while ($msg = openssl_error_string()) {
echo $msg . "<br />\n";
}
openssl_free_key($privkey2);
while ($msg = openssl_error_string()) {
echo $msg . "<br />\n";
}
echo base64_encode($signature) . '<br/>';
echo base64_encode($signature2) . '<br/>';
Outputs this:
uANYD6qKuvlcyK2svarB0ESPO7qLa75cEIhCmjkTF23cwveSE+Mxuhsl7JKjOEOPf7v8mCoTLmdlm/2RDD0Nabdpi+5Ez8Di8dFNpXtMVRByJvewOOGxTgYt/1XPIqe+dvLunkqtl8dHkRhtzuBHay1suco53Ybs7r41YKdqnkk=
uANYD6qKuvlcyK2svarB0ESPO7qLa75cEIhCmjkTF23cwveSE+Mxuhsl7JKjOEOPf7v8mCoTLmdlm/2RDD0Nabdpi+5Ez8Di8dFNpXtMVRByJvewOOGxTgYt/1XPIqe+dvLunkqtl8dHkRhtzuBHay1suco53Ybs7r41YKdqnkk=
Does anyone know what the reason of this problem?