stackoom
  简体   繁体   中英

openssl_pkey_get_private returning false

 原文  2018-10-01 14:48:03       php/ openssl

Question

Im trying to verify some private keys but the php method openssl_pkey_get_private() always return false . And the openssl_error_string() is returning:

error:0906D06C:PEM routines:PEM_read_bio:no start line 

    $return = openssl_pkey_get_private($path.'_priKEY.pem');
    if ($return === false) {
        var_dump(openssl_error_string());
    }

Tried this with private key extracted from .pfx file, other from .p12 file, and even an self generated key (with openssl). Already tried with "RSA PRIVATE KEY", "ENCRYPTED PRIVATE KEY" and "PRIVATE KEY". Nothing changes.

Private key content: 

-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0B
[......................]
Wxdadnf7MB7DicckIZTKVy1L
-----END PRIVATE KEY-----

2 answers

solution1
 2 ACCPTED  2018-10-01 21:59:06

It looks like you did not provide the right format for the path to the file. Make sure it starts with file:// , followed by and absolute or relative path. Yes, if you choose an absolute path, then the path to the filename will be something like file:///absolute/path/to/keyfile.pem , starting with three slashes. For relative paths, it will be file://relative/path/to/keyfile.pem .

According to the documentation for openssl_pkey_get_private() , you can provide the key either as a path to a file, or as a string containing the actual key. Only if the value starts with file:// , it is interpreted as the path (URI) to a file. Otherwise, the value is interpreted as a string containing the PEM-encoded key. In the latter case, it expects a start line that it recognizes as PEM, like -----BEGIN PRIVATE KEY----- . That is why you get that error message, your argument neither starts with file:// nor with a PEM start line.

If you do not like the file:// path format, you could always read the contents of the file yourself before providing it to openssl_pkey_get_private() , something like: 

$return = openssl_pkey_get_private(file_get_contents($path.'_priKEY.pem'));

solution2
 0  2019-09-05 23:20:31

Please refer to next URL.

https://www.php.net/manual/en/function.openssl-pkey-get-private.php

To narrow down your issue, please use same directory for your php file and key file and try this working code.

Working code 

$keyfile="file://".__DIR__.DIRECTORY_SEPARATOR."key.pem"; //absolute path
$key = openssl_pkey_get_private($keyfile);

if ($key === false) {
    var_dump(openssl_error_string());
}else{
    var_dump($key);
}

Also please refer to Openssl and PHP

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question openssl_pkey_get_private returning false for one key PHP Openssl_pkey_get_private() result depends on openssl Retrieving raw private key from openssl_pkey_get_private() ASP.Net equivalent of openssl_private_decrypt and openssl_pkey_get_private Calling openssl_pkey_get_private() on just created private key via Copy and Paste Attempted to call function “openssl_pkey_get_private” from namespace “WAYF” openssl_pkey_get_public returning false, but key does exist Private Key with PHP and “openssl_pkey_get_details() expects parameter 1 to be resource” `openssl_pkey_get_details` only returning `bits`, `key` and `type` values (can't access [rsa]) openssl_pkey_get_public return 0
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM