堆栈内存溢出
  简体   繁体   English

这个公钥==私钥如何

[英]How is this public key == private key

 原文  2015-08-20 16:26:41       php/ wordpress/ key/ licensing/ license-key

问题描述

This is a part of a test with this wordpress plugin which is basically a license manager. 这是使用此wordpress插件 (基本上是一个许可证管理器)进行的测试的一部分。 I am trying to understand the internals of the system. 我正在尝试了解系统的内部。 Here is how it works. 下面是它的工作原理。

Once the plugin is activated, it generates a private key 55d0ec3f9db414.02268045 using a simple function 'lic_verification_private_secret' => uniqid('', true) . 激活插件后,它将使用简单函数'lic_verification_private_secret' => uniqid('', true)生成私钥55d0ec3f9db414.02268045 Now, when someone makes a purchase of an item eg. 现在,当某人购买某物品时,例如 a wordpress plugin , a public license key 55d5d22ab70d2 is generated (using uniqid() ). 一个wordpress插件 ,生成一个公共许可证密钥55d5d22ab70d2 (使用uniqid() )。 The public key is then sent to the customer's email id. 然后将公钥发送到客户的电子邮件ID。 The customer inputs that key into his site and sends a request to the license server. 客户将密钥输入到他的站点中,然后向许可证服务器发送请求。 Below is a function about how the license manager plugin @server matches the private key with public key. 以下是有关许可证管理器插件@server如何将私钥与公钥匹配的功能。 

static function verify_secret_key() {
     $slm_options = get_option('slm_plugin_options');
     $private_secret_key = $slm_options['lic_verification_private_secret'];
     $public_key = strip_tags($_REQUEST['secret_key']); //this is sent in the query string
     if ($public_key == $private_secret_key) {
     // send a message back to client saying the key is verified.
}

All this works, so basically where I am stumped is how the below equation is valid ? 所有这些都有效,所以基本上让我感到困扰的是下面的方程式如何有效? What part of the picture am I missing ? 我缺少图片的哪一部分? 

55d5d22ab70d2 == 55d0ec3f9db414.02268045

Update - I have performed this test and it echoes false which i guess is obvious. 更新-我已经执行了此测试,它回显了我认为很明显的false。 

echo '55d0ec3f9db414.02268045' === '55d5d22ab70d2' ? 'true' : 'false';

1 个解决方案

解决方案1
 1 已采纳  2015-08-20 16:57:32

Shared secret key: 共享密钥: 

function generate_signature($message, $secret) {
     $serialized_message = serialize($message);
     return md5($serialized_message . $secret);
}

$secret = "i like pie";
$content = array(
    "i like" => "pie",
    "pancakes" => "are also nice"
);
$message = serialize(array(
    "signature" => generate_signature($content , $secret),
    "content" => $content
));

// send the message

$message = unserialize($_POST["message"]);
$signature = generate_signature($message["content"], $secret);
if ($signature === $message["signature"]) {
    echo "ok";
} else {
    echo "you don't like pie?";
}

The secret key can be the license btw, since that's what you want to keep secret. 密钥可以是许可证btw,因为这就是您要保密的内容。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何验证公钥属于私钥? - How to verify that a public key belongs to private key? 如何为API生成公钥和私钥 - How to generate public and private key for API 如何通过私钥进行签名并在php中通过公钥进行检查 - how make signature by private key and check it by public key in php 基于公钥/私钥的许可 - Public/Private Key Based Licensing PHP Captcha:什么是“私钥”和“公钥”? - PHP Captcha: What is a “private key” and “public key”? 从比特币私钥中搜索公钥 - Retrive Public key from a Bitcoin Private Key 如何使用公钥/私钥 RSA 密钥签署一些数据? - How to sign some data using public/private RSA key? 如何使用公钥和私钥保护小型php API - How to secure a small php api with public and private key 公私钥加密-PHP和C# - Public Private Key Crypto - PHP & C# 创建贝宝私钥和公共证书 - Create Paypal Private Key and Public Certificate
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM