Digital Signatures
Also Known As
code signing
digital signature
Ed25519
RSA signing
TL;DR
Cryptographic proof that data was created by the holder of a private key and has not been altered — providing authentication, integrity, and non-repudiation.
Explanation
Signing: hash the data, then produce a signature over that hash with the private key (for RSA this is the textbook "encrypt the hash" picture; Ed25519 is not an encryption operation, but the contract is the same). Verification: recover or recompute the expected value from the signature with the public key, hash the received data independently, and compare. If they match, the data is authentic and unmodified. Ed25519 is the modern recommended algorithm: faster and more secure than RSA signing. Used in TLS certificates, JWT signing, Git signed commits, code signing, and API request authentication. Non-repudiation means the signer cannot later deny having signed, because only the private-key holder could have produced the signature.
Diagram
sequenceDiagram
    participant SIGNER as Signer
    participant MSG as Message
    participant VERIFIER as Verifier
    SIGNER->>MSG: hash the message
    SIGNER->>SIGNER: encrypt hash with private key
    SIGNER->>VERIFIER: send message + signature
    VERIFIER->>VERIFIER: hash received message
    VERIFIER->>VERIFIER: decrypt signature with public key
    VERIFIER->>VERIFIER: compare hashes
    Note over VERIFIER: Hashes match = authentic + untampered
    Note over VERIFIER: Hashes differ = tampered or wrong key
Common Misconception
✗ Digital signatures encrypt data for confidentiality — they prove integrity and authenticity but do not encrypt; the signed data remains readable.
Why It Matters
JWTs, signed webhooks, and code signing all rely on digital signatures — understanding the mechanism explains why the private key must never be shared and why public keys can be distributed freely.
Common Mistakes
- Using weak hash algorithms (MD5, SHA1) for signing — collision attacks allow forged signatures.
- Signing the wrong data — sign the canonical form of the data, not a developer-friendly representation.
- Not verifying the certificate chain when verifying a signature — the public key must be trusted.
- Confusing HMAC (symmetric shared secret) with digital signatures (asymmetric) — HMAC requires both parties to have the secret.
Code Examples
✗ Vulnerable
<?php
// Weak signing: SHA-1 digest, vulnerable to collisions (this is the weakness the example keeps):
openssl_sign($data, $signature, $privateKey, OPENSSL_ALGO_SHA1); // fills $signature by reference and returns bool
// JWT signature verification skipped:
$parts = explode('.', $jwt);
$payload = json_decode(base64_decode(strtr($parts[1], '-_', '+/')), true); // JWT segments are base64url, not plain base64
// Using payload without verifying the signature: unsigned claims are trusted
✓ Fixed
<?php
// Signing with a SHA-256 digest through OpenSSL (RSA or ECDSA key; for Ed25519 in PHP use ext-sodium's sodium_crypto_sign_detached()):
if (!openssl_sign($data, $signature, $privateKey, OPENSSL_ALGO_SHA256)) throw new RuntimeException('Signing failed');
// Verify: openssl_verify() returns 1 (valid), 0 (invalid) or -1 (error), so test for exactly 1:
$valid = openssl_verify($data, $signature, $publicKey, OPENSSL_ALGO_SHA256) === 1;
if (!$valid) throw new RuntimeException('Invalid signature');
// HMAC for webhook verification (symmetric shared secret; no non-repudiation):
$expected = hash_hmac('sha256', $payload, $secret);
if (!hash_equals($expected, $receivedSig)) throw new RuntimeException('Bad signature'); // constant-time compare
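The Explanation recommends Ed25519 and the vulnerable example shows JWT claims trusted without a signature check; the following is an added example (not code from the original page) that does actual Ed25519 signing in PHP through the bundled sodium extension and verifies an EdDSA JWT before any claim is read. It assumes PHP 7.2+ with ext-sodium, generates a throwaway key pair in-process, and the function names b64url, jwtSignEd25519 and jwtVerifyEd25519 are the example's own.

```php
<?php
// Added example, not from the original page: real Ed25519 signing in PHP via the
// bundled sodium extension, applied to a JWT with alg "EdDSA". Assumes PHP >= 7.2
// with ext-sodium; the key pair is generated in-process for the demo.

function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64urlDecode(string $s): string {
    $pad = strlen($s) % 4;
    if ($pad) { $s .= str_repeat('=', 4 - $pad); }
    $out = base64_decode(strtr($s, '-_', '+/'), true); // strict mode: reject junk
    return $out === false ? '' : $out;
}

// Sign: the signing input is the canonical header.payload string, not the PHP array.
function jwtSignEd25519(array $claims, string $secretKey): string {
    $header  = b64url(json_encode(['alg' => 'EdDSA', 'typ' => 'JWT']));
    $payload = b64url(json_encode($claims));
    $input   = $header . '.' . $payload;
    return $input . '.' . b64url(sodium_crypto_sign_detached($input, $secretKey));
}

// Verify BEFORE trusting any claim. Returns the claims, or null on any failure.
function jwtVerifyEd25519(string $jwt, string $publicKey): ?array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) { return null; }
    [$h, $p, $s] = $parts;
    $header = json_decode(b64urlDecode($h), true);
    // Pin the algorithm: the token must never choose how it is verified.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'EdDSA') { return null; }
    $sig = b64urlDecode($s);
    if (strlen($sig) !== SODIUM_CRYPTO_SIGN_BYTES) { return null; }
    if (!sodium_crypto_sign_verify_detached($sig, $h . '.' . $p, $publicKey)) { return null; }
    $claims = json_decode(b64urlDecode($p), true);
    return is_array($claims) ? $claims : null;
}

$kp = sodium_crypto_sign_keypair();
$sk = sodium_crypto_sign_secretkey($kp);   // 64 bytes, never leaves the signer
$pk = sodium_crypto_sign_publickey($kp);   // 32 bytes, safe to distribute

$token = jwtSignEd25519(['sub' => 'user42', 'role' => 'user'], $sk);
echo "valid token role: ", jwtVerifyEd25519($token, $pk)['role'] ?? 'rejected', "\n";

// Constructed tamper test: payload changed, original signature kept.
[$h, , $s] = explode('.', $token);
$forged = $h . '.' . b64url(json_encode(['sub' => 'user42', 'role' => 'admin'])) . '.' . $s;
echo "forged token: ", jwtVerifyEd25519($forged, $pk) === null ? 'rejected' : 'ACCEPTED', "\n";
```

The second echo is the check that matters: the signature was computed over the original header.payload string, so the edited payload fails verification and its claims are never decoded into the application.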
Tags
Added
15 Mar 2026
Edited
22 Mar 2026
Related categories
⚡
DEV INTEL
Tools & Severity
🟡 Medium
⚙ Fix effort: Medium
⚡ Quick Fix
Use openssl_sign() with OPENSSL_ALGO_SHA256 to sign data and openssl_verify() to verify — digital signatures prove both authenticity and integrity with non-repudiation
📦 Applies To
PHP 5.0+
web
cli
🔗 Prerequisites
🔍 Detection Hints
HMAC used where non-repudiation is required (legal documents, audit trails); unsigned API webhooks from critical financial sources
Auto-detectable:
✗ No
semgrep
⚠ Related Problems
🤖 AI Agent
Confidence: Medium
False Positives: Medium
✗ Manual fix
Fix: High
Context: Function
Tests: Update
CWE-347