How to add digital signature (RSA, Certificate, etc) to any of file, using PHP?

Question

I need to know if any kind of file can be signed digitally, using RSA, a certificate, and that stuff, or if only certain kind of files can be signed. All this, using PHP.

Answer 1

Why do you want to digitally sign these different files?

There is no standard for actually altering text files or images so that the files themselves contain some sort of digital signature.

If you want to assure users that files have not been tampered with you can give them an MD5 hash of the file. They can use free tools to check the MD5 hash of a file they downloaded and compare it to the one you've given to make sure their file was not altered. This would typically be used for software/binary packages that a third party could insert malicious code into.

Another possibility is that you want users to be able to verify the authenticity of certain files. In this case a user might want to be certain that a text file or image came from YOU specifically. This functions almost like getting an MD5 hash of a file with a private key known only to you so that the end user can compare the file signature to your public key to ensure the file has not been tampered with and is coming from a specific source. PGP (pretty good privacy) provides a framework for this.

I suggest you check out the PGP intro documents for more information on this. http://www.pgpi.org/doc/pgpintro/