Warning: openssl_sign() expects parameter 4 to be long

Question

I'm trying to generate a JWT for using apple mapkit js. I found a open source code that generates the token which works fine on my local machine. However, I'm getting the following error when I uploaded to my server.

Warning: openssl_sign() expects parameter 4 to be long

The line that's causing the problem is

 if (!openssl_sign($payload, $result, $key, OPENSSL_ALGO_SHA256));

        <?php
    /**
     * Copyright 2018 Includable
     * Created by Thomas Schoffelen
     */
    namespace Mapkit;
    /**
     * Class JWT
     *
     * @package Mapkit
     */
    class JWT
    {
        /**
         * Generates a JWT token that can be used for MapKit JS or MusicKit authorization.
         *
         * @param string $private_key Contents of, or path to, private key file
         * @param string $key_id Key ID provided by Apple
         * @param string $team_id Apple Developer Team Identifier
         * @param string $origin Optionally limit header origin
         * @param integer $expiry The expiry timeout in seconds (defaults to 3600)
         * @return string|false
         */
        public static function getToken($private_key, $key_id, $team_id, $origin = null, $expiry = 3600)
        {
            $header = [
                'alg' => 'ES256',
                'typ' => 'JWT',
                'kid' => $key_id
            ];
            $body = [
                'iss' => $team_id,
                'iat' => time(),
                'exp' => time() + $expiry
            ];
            if ($origin) {
                $body['origin'] = $origin;
            }
            $payload = self::encode(json_encode($header)) . '.' . self::encode(json_encode($body));
            if (!$key = openssl_pkey_get_private($private_key)) {
                return false;
            }
            if (!openssl_sign($payload, $result, $key, OPENSSL_ALGO_SHA256)) {  //this is the line that's cause a problem
                return false;
            }
            return $payload . '.' . self::encode($result);
        }
        /**
         * URL-safe base64 encoding.
         *
         * @param string $data
         * @return string
         */
        private static function encode($data)
        {
            $encoded = strtr(base64_encode($data), '+/', '-_');
            return rtrim($encoded, '=');
        }
    }

I'm running 5.2.14, but I tried 5.3, 7.1, 7.3 and none of them work. I have the same version that I run locally. — Julia, Aug 25 '19 at 15:36
Seems `openssl` extension is not enabled on server. Refer this https://stackoverflow.com/questions/18064612/how-to-enable-phps-openssl-extension-to-install-composer — Samir Selia, Aug 25 '19 at 15:39
I un comment the extension=php_openssl.dll from the php.info, but it still getting the same error. — Julia, Aug 25 '19 at 15:43
In the phpinfo, I see OpenSSL support enabled OpenSSL Version OpenSSL 0.9.8o 01 Jun 2010 — Julia, Aug 25 '19 at 15:45
Now, check on server with PHP version >= 5.4.8 since `OPENSSL_ALGO_SHA256 ` is not supported in lower versions https://www.php.net/manual/en/openssl.signature-algos.php — Samir Selia, Aug 25 '19 at 15:47
do you know how to get php version 5.4.8 windows binaries? I checked https://windows.php.net/download/, it only has 7.1-7.3 — Julia, Aug 25 '19 at 16:03
I tried 7.37, then everything breaks. Simple code like if ($_REQUEST['data'] != 'a') { echo "good"; } is getting 500 - Internal server error on my windows server. — Julia, Aug 25 '19 at 16:13
Hi, now I got a version 5.5, but getting an Call to undefined function openssl_pkey_get_private() error. I have uncomment the extension=php_openssl.dll from the php.ini file. — Julia, Aug 25 '19 at 17:19
Whatever the reason for this error, the token will always be invalid. The problem is that for EC openssl will produce an ASN.1 sequence as signature when the RFC requires only the r and s parameters of that signature. — Spomky-Labs, Aug 25 '19 at 21:23

Warning: openssl_sign() expects parameter 4 to be long

0 Answers0