PHPerKaigi 2024

Signature Algorithms

OPENSSL_ALGO_DSS1 (int)
OPENSSL_ALGO_SHA1 (int)
Used as default algorithm by openssl_sign() and openssl_verify().
OPENSSL_ALGO_SHA224 (int)
OPENSSL_ALGO_SHA256 (int)
OPENSSL_ALGO_SHA384 (int)
OPENSSL_ALGO_SHA512 (int)
OPENSSL_ALGO_RMD160 (int)
OPENSSL_ALGO_MD5 (int)
OPENSSL_ALGO_MD4 (int)
OPENSSL_ALGO_MD2 (int)
This constant is only available if PHP is compiled with MD2 support. This requires passing in the -DHAVE_OPENSSL_MD2_H CFLAG when compiling PHP, and enable-md2 when compiling OpenSSL 1.0.0+.
add a note

User Contributed Notes 1 note

up
1
tim at remitone dot com
7 months ago
It should be noted that the default signature algorithm used by openssl_sign() and openssl_verify (OPENSSL_ALGO_SHA1) is no longer supported by default in OpenSSL Version 3 series.

With an up to date OpenSSL library, one has to run
"update-crypto-policies --set LEGACY"
on the server where the library resides in order to allow these functions to work without the optional alternative algorithm argument.
To Top