RSA-SHA1 signing method is not working

Question

RSA-SHA1 signing method is not working

Wirone opened this issue 10 years ago · comments

Problem is with these lines in GuzzleHttp\Subscriber\Oauth\Oauth1::sign_RSA_SHA1():

$privateKey = openssl_pkey_get_private(
    file_get_contents($this->config['consumer_secret']),
    $this->config['consumer_secret']
);

We have to use $this->config['consumer_secret'] for private key's path, but then $this->config['consumer_secret'] is also used as passphrase and it's not working.

I have two ideas:

there should be one additional private_key attribute in constructor's $config so sign_RSA_SHA1() could use $this->config['private_key']. Maybe $this->config['private_key_passphrase'] also? In my opinion it would be most readable.
sign_RSA_SHA1() could use $this->config['consumer_key'] for private key's path and $this->config['consumer_secret'] for optional passphrase. But it could be misleading.

Greg Korba · Answer 1 · Fri Mar 20 2015 17:55:21 GMT+0800 (China Standard Time)

Great! When new release will be available for Composer?

Christian Loock · Answer 2 · Wed Sep 02 2015 16:27:37 GMT+0800 (China Standard Time)

Will there be a version of this fix for guzzle 5?

Adamo Crespi · Answer 3 · Thu Feb 18 2016 20:43:19 GMT+0800 (China Standard Time)

I think this can be closed...