如何通过私钥进行签名并在php中通过公钥进行检查
[英]how make signature by private key and check it by public key in php
问题描述
I have a RSA private key and a RSA public key. 
我有一个RSA私钥和一个RSA公钥。
both rsa keys are in xml version ( <RSAKeyValue><Modulus>.... ); 两个rsa密钥均为xml版本( <RSAKeyValue><Modulus>.... );
I need to make a PKCS8 signature from private key and test it by publik key in php 我需要从私钥进行PKCS8签名,并通过php中的publik密钥对其进行测试
I used this snippet for making signature: 我使用以下代码片段进行签名:
$content = "test string";
include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
$rsa->loadKey(file_get_contents("private.txt"));
$pem_format = $rsa->getPrivateKey();
$pvk_res = openssl_get_privatekey($pem_format);
$sig = '';
openssl_sign($content , $sig, $pvk_res, OPENSSL_ALGO_SHA1);
$signature = base64_encode($sig);
is this right way for making signature ?? 这是签名的正确方法吗?
now how use public key to test accuracy of signature ?? 现在如何使用公钥测试签名的准确性?
1 个解决方案
解决方案1
1 已采纳 2014-01-15 19:10:03
PKCS8 concerns key formats - not signatures. PKCS8与密钥格式有关,与签名无关。
Also, I see you're using phpseclib to convert the key to pem and then using openssl. 另外,我看到您正在使用phpseclib将密钥转换为pem,然后使用openssl。 Why not just use phpseclib for everything? 为什么不只使用phpseclib来完成所有工作? At that point you could use this example: 此时,您可以使用以下示例:
http://phpseclib.sourceforge.net/rsa/examples.html#sign,sign2 http://phpseclib.sourceforge.net/rsa/examples.html#sign,sign2
<?php
include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
//$rsa->setPassword('password');
$rsa->loadKey('...'); // private key
$plaintext = '...';
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
$signature = $rsa->sign($plaintext);
$rsa->loadKey('...'); // public key
echo $rsa->verify($plaintext, $signature) ? 'verified' : 'unverified';
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.