-function rsa_verify($data,$sig,$key) {
-
- if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
- $verify = openssl_verify($data,$sig,$key,'sha256');
- }
- else {
- if(strlen($key) <= 300 || extension_loaded('gmp')) {
- require_once('library/phpsec/Crypt/RSA.php');
- $rsa = new CRYPT_RSA();
- $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
- $rsa->setHash('sha256');
- $rsa->loadKey($key);
- $verify = $rsa->verify($data,$sig);
- }
- else {
- // fallback sha256 verify for PHP < 5.3 and large key lengths
- $rawsig = '';
- openssl_public_decrypt($sig,$rawsig,$key);
- $verify = (($rawsig && substr($rawsig,-32) === hash('sha256',$data,true)) ? true : false);
- }
- }
- return $verify;
+function rsa_verify($data, $sig, $key, $alg = 'sha256') {
+ return openssl_verify($data, $sig, $key, (($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));