Sign XML with OpenSSL in PHP (Solved)?

O

OnlyFirster2016-09-29 17:59:33

PHP

OnlyFirster, 2016-09-29 17:59:33

Good afternoon!
There is XML, I need to sign it in PKCS#7 format, I use openssl on php.
My code

if (openssl_pkcs7_sign($fileName.'.xml', $fileName.'_signed.xml', "cert.pem",
        array("private.key", "passphrase"),
        array("To" => "[email protected]", // keyed syntax
            "From: [email protected]")
    )) {
       echo 111;
    }

Unity does not display, I do not understand why.
Through the terminal I use this

openssl smime -sign -in file.xml -signer cert.pem -inkey private.key -out file_signed.xml -outform PEM

and after asking for input pass phrase private key errors occur

139919525967512:error:0609E09C:digital envelope routines:PKEY_SET_TYPE:unsupported algorithm:p_lib.c:231:
139919525967512:error:0B07706F:x509 certificate routines:X509_PUBKEY_get:unsupported algorithm:x_pubkey.c:148:
139919525967512:error:0B080075:x509 certificate routines:X509_check_private_key:unknown key type:x509_cmp.c:346:
139919525967512:error:2108907F:PKCS7 routines:PKCS7_sign_add_signer:private key does not match certificate:pk7_smime.c:163:

Googled errors. I didn’t find anything sensible, I didn’t substitute any parameters, I can’t sign it.
Please help, where to dig at least, or if there is a ready-made example.
Thank you!
=====================
I solved the first two errors.
There are two more left.

139694728468120:error:0B080073:x509 certificate routines:X509_check_private_key:key type mismatch:x509_cmp.c:343:
139694728468120:error:2108907F:PKCS7 routines:PKCS7_sign_add_signer:private key does not match certificate:pk7_smime.c:163:

========
It turned out that the service sent the wrong certificate.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

R

romy4, 2016-09-29
@romy4

maybe add a flag -t rsa