OpenSSL Functions
PHP Manual

openssl_sign

Generate signature

Description

bool openssl_sign ( string $data , string &$signature , mixed $priv_key_id [, mixed $signature_alg = OPENSSL_ALGO_SHA1 ] )

openssl_sign computes a signature for the specified data by generating a cryptographic digital signature using the private key associated with priv_key_id. Note that the data itself is not encrypted.

Parameters

data

The string of data you wish to sign

signature

If the call was successful the signature is returned in signature.

priv_key_id

resource - a key, returned by openssl_get_privatekey

string - a PEM formatted key

signature_alg

int - one of these Signature Algorithms.

string - a valid string returned by openssl_get_md_methods example, "sha256WithRSAEncryption" or "sha384".

Return Values

Returns TRUE on success or FALSE on failure.

Changelog

Version Description
5.0.0 The signature_alg parameter was added.

Examples

Example #1 openssl_sign example

<?php
// $data is assumed to contain the data to be signed

// fetch private key from file and ready it
$pkeyid openssl_pkey_get_private("file://src/openssl-0.9.6/demos/sign/key.pem");

// compute signature
openssl_sign($data$signature$pkeyid);

// free the key from memory
openssl_free_key($pkeyid);
?>

Example #2 openssl_sign example

<?php
//data you want to sign
$data 'my data';

//create new private and public key
$new_key_pair openssl_pkey_new(array(
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
));
openssl_pkey_export($new_key_pair$private_key_pem);

$details openssl_pkey_get_details($new_key_pair);
$public_key_pem $details['key'];

//create signature
openssl_sign($data$signature$private_key_pemOPENSSL_ALGO_SHA256);

//save for later
file_put_contents('private_key.pem'$private_key_pem);
file_put_contents('public_key.pem'$public_key_pem);
file_put_contents('signature.dat'$signature);

//verify signature
$r openssl_verify($data$signature$public_key_pem"sha256WithRSAEncryption");
var_dump($r);
?>

See Also

  • openssl_verify