Windows验证来自Open SSL php的签名
[英]Windows to verify signature from Open SSL php
问题描述
I use PHP to sign a string with openssl_sign. 
我使用PHP使用openssl_sign对字符串进行签名。 So far all ok. 到目前为止一切正常。
The problem is that I want to verify the signature from Windows. 问题是我想从Windows验证签名。 For that I pass the certificate, the message, and it's signature to the windows app. 为此,我将证书,消息及其签名传递给Windows应用程序。 How do I use CryptVerifyDetachedMessageSignature to force using the certificate that the PHP code used? 如何使用CryptVerifyDetachedMessageSignature强制使用PHP代码使用的证书?
I tried it, but it returns "asn1 bad tag value met" on the signature created by PHP ... 我尝试了一下,但是它在PHP创建的签名上返回了“满足asn1错误标签值”。
Thanks... 谢谢...
2 个解决方案
解决方案1
2 2014-06-24 19:17:19
It's hard to say since you haven't posted your code or a sample signature / plaintext / key. 由于尚未发布代码或示例签名/明文/密钥,因此很难说。 But, in lieu of that, here's how I'd do it (with phpseclib): 但是,代替这一点,这是我的方法(使用phpseclib):
<?php
include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
//$rsa->setPassword('password');
$rsa->loadKey('...'); // private key
$plaintext = '...';
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
$signature = $rsa->sign($plaintext);
$rsa->loadKey('...'); // public key
echo $rsa->verify($plaintext, $signature) ? 'verified' : 'unverified';
?>
If the signature mode is PSS just do $rsa->setSignatureMode() (without any parameters) instead. 如果签名模式为PSS,则只需执行$rsa->setSignatureMode() (不带任何参数)即可。
If the signature and plaintext are both in the same blob you'll need to separate it per whatever file format you're using. 如果签名和纯文本都在同一个Blob中,则需要使用任何文件格式将其分开。
解决方案2
0 已采纳 2014-06-22 09:50:04
No luck. 没运气。 I finally resorted to openssl_pkcs7_sign which outputs a S/MIME compatible message, which I can handle in Windows. 最后,我求助于openssl_pkcs7_sign,它输出一个S / MIME兼容消息,我可以在Windows中处理该消息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.