Req #61421 [Asn]: OpenSSL signature verification missing RMD160, SHA224, SHA256, SHA384, SHA512

Tue, 26 Jun 2012 23:22:25 -0700 

Edit report at https://bugs.php.net/bug.php?id=61421&edit=1

 ID:                 61421
 Updated by:         paj...@php.net
 Reported by:        mark at zedwood dot com
 Summary:            OpenSSL signature verification missing RMD160,
                     SHA224, SHA256, SHA384, SHA512
 Status:             Assigned
 Type:               Feature/Change Request
 Package:            OpenSSL related
 Operating System:   Ubuntu Linux
 PHP Version:        5.4.4
 Assigned To:        pajoye
 Block user comment: N
 Private report:     N

 New Comment:

Patch compiles fine, I asked the RMs if it is fine to merge into 5.3/4.

Will commit all at once once I got an answer.

Thanks for your work and patience!


Previous Comments:
------------------------------------------------------------------------
[2012-06-21 20:14:04] mark at zedwood dot com

This issue is an important feature to add to PHP, considering
"SHA-1 has recently been demonstrated to provide less than 80 bits of security 
for digital signatures; at the publication of this Recommendation, the security 
strength against collisions is assessed at 69 bits. The use of SHA-1 is not 
recommended for the generation of digital signatures in new systems; new 
systems should use one of the larger hash functions. (SHA-224, SHA-256, SHA-384 
and SHA-512)"
https://wiki.mozilla.org/CA:MD5and1024

------------------------------------------------------------------------
[2012-06-19 13:43:53] mark at zedwood dot com

Those new examples are also all be in the openssl-add-sig-algs.txt patch file I 
uploaded yesterday.  So we should be good to go.

------------------------------------------------------------------------
[2012-06-19 07:55:30] paj...@php.net

hi!

that looks good now! Thanks!

Could you add the latest examples as extra tests as well please?

I will commit it to master this week.

------------------------------------------------------------------------
[2012-06-18 20:48:28] mark at zedwood dot com

I just added a patch, updated to php 5.4.4.  Hopefully this can make it into 
php 5.4.5.

------------------------------------------------------------------------
[2012-06-18 20:12:52] mark at zedwood dot com

Modified pastebin example to show simpler test case:
http://pastebin.com/qdCyC0Pe

older pastebin example now available at:
http://pastebin.com/4LQDqMD5

------------------------------------------------------------------------


The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at

    https://bugs.php.net/bug.php?id=61421


-- 
Edit this bug report at https://bugs.php.net/bug.php?id=61421&edit=1

Reply via email to