1

I'm looking for an asynchronous crypt algorithm to digitally sign a string with PHP and verify the signature using a mobile app (mostly iOS or Android).

What would be the simplest and most effective way to do so? Can I trust RSA, or is it slow and difficult to implement on both sides (mobile and PHP server side)? If RSA is good enough, can you suggest a good implementation?

Luciano Mammino

1 Answer

1

phpseclib, a pure PHP RSA implementation, is the best PHP RSA implementation I've come across. It supports PKCS#1 signatures and PSS signatures - the two most widely used padding schemes for RSA. I.e., unlike most other PHP RSA implementations, it is interoperable with OpenSSL, OpenSSH, .NET, etc. And from your post it sounds like interoperability is going to be quite important.

rhinestone
  • I discovered this wonderful library just yesterday. It is really easy to use and works like a charm. Now I just need to discover a library for iOS with the same features and, if possible, a way to reduce the size of the generated signature. Is it possible to reduce the size of the RSA signature? Maybe if I can reduce the size of the private key... – Luciano Mammino Apr 24 '11 at 09:51
  • Try $rsa->createKey(512) to create smaller keys. That'll create a smaller signature as well. – rhinestone Apr 26 '11 at 03:49
  • Thanks... It worked, but it seems I cannot use a key with less than 512 (e.g. 256) bytes. It generates the keys, but when I encrypt or sign a string it returns `false`. – Luciano Mammino Apr 26 '11 at 16:05
  • Smaller keys mean you have less room to work with. OAEP encrypted strings require the RSA modulo be larger than the outputs of two hash functions (sha1 by default) concatenated together. PKCS1 encrypted strings have less stringent requirements on the modulo but there is still a lower bound even on that. I guess it really depends on what you're doing. If you're doing textbook RSA it doesn't really matter but textbook isn't safe or interoperable. – nevershown Apr 27 '11 at 23:27
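
The lower bounds described in the last comment, worked through as an added example (not part of the original thread and not phpseclib's code): it follows the RFC 8017 rules for PKCS#1 v1.5 signature encoding and OAEP in Python. The key sizes are taken as bits, the sample message is constructed, and `report` is a hypothetical helper name.

```python
import hashlib

# DER-encoded DigestInfo prefixes from RFC 8017, section 9.2, note 1.
DIGEST_INFO_PREFIX = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}


def emsa_pkcs1_v15_encode(message: bytes, modulus_bits: int, hash_name: str = "sha1") -> bytes:
    """Build the padded block that PKCS#1 v1.5 signing feeds to the RSA private key.

    Raises ValueError when the modulus is too short to hold DigestInfo plus
    the mandatory 11 bytes of framing (00 01, at least eight FF bytes, 00).
    """
    k = (modulus_bits + 7) // 8  # modulus length in bytes
    t = DIGEST_INFO_PREFIX[hash_name] + hashlib.new(hash_name, message).digest()
    if k < len(t) + 11:
        raise ValueError(f"{modulus_bits}-bit modulus too short: need {(len(t) + 11) * 8} bits")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def oaep_max_message_len(modulus_bits: int, hash_name: str = "sha1") -> int:
    """Largest plaintext RSAES-OAEP accepts: k - 2*hLen - 2 (negative means unusable)."""
    k = (modulus_bits + 7) // 8
    return k - 2 * hashlib.new(hash_name).digest_size - 2


def report(modulus_bits: int, message: bytes = b"constructed sample message") -> dict:
    """Summarise which operations fit in a modulus of the given size."""
    out = {"oaep_sha1_max_bytes": oaep_max_message_len(modulus_bits)}
    for name in DIGEST_INFO_PREFIX:
        try:
            out[f"sign_{name}"] = len(emsa_pkcs1_v15_encode(message, modulus_bits, name))
        except ValueError:
            out[f"sign_{name}"] = None  # the padding cannot be built at this size
    return out


if __name__ == "__main__":
    # Format minimums only: 512-bit moduli have been publicly factored,
    # so deployed keys should be 2048 bits or larger.
    for bits in (256, 512, 1024, 2048):
        print(bits, report(bits))
```

A 256-bit modulus fails both checks, which matches the failure reported in the comments, while the signature length always equals the modulus length, so shrinking the signature means shrinking the key.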