|
|
|
|
Bookmark this on Delicious
Share on Facebook
 Slashdot It!
Digg  openssl_sign
Generate signature
(PHP 4 >= 4.0.4, PHP 5)
Example 1677. openssl_sign() example<?phpCode Examples / Notes » openssl_signedmarw
This may help if you just want a real-simple private/public key pair: <?php $data = "Beeeeer is really good.. hic..."; // You can get a simple private/public key pair using: // openssl genrsa 512 >private_key.txt // openssl rsa -pubout <private_key.txt >public_key.txt // IMPORTANT: The key pair below is provided for testing only. // For security reasons you must get a new key pair // for production use, obviously. $private_key = <<<EOD -----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4Z RZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQJAL151ZeMKHEU2c1qdRKS9 sTxCcc2pVwoAGVzRccNX16tfmCf8FjxuM3WmLdsPxYoHrwb1LFNxiNk1MXrxjH3R 6QIhAPB7edmcjH4bhMaJBztcbNE1VRCEi/bisAwiPPMq9/2nAiEA3lyc5+f6DEIJ h1y6BWkdVULDSM+jpi1XiV/DevxuijMCIQCAEPGqHsF+4v7Jj+3HAgh9PU6otj2n Y79nJtCYmvhoHwIgNDePaS4inApN7omp7WdXyhPZhBmulnGDYvEoGJN66d0CIHra I2SvDkQ5CmrzkW5qPaE2oO7BSqAhRZxiYpZFb5CI -----END RSA PRIVATE KEY----- EOD; $public_key = <<<EOD -----BEGIN PUBLIC KEY----- MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6 zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQ== -----END PUBLIC KEY----- EOD; $binary_signature = ""; // At least with PHP 5.2.2 / OpenSSL 0.9.8b (Fedora 7) // there seems to be no need to call openssl_get_privatekey or similar. // Just pass the key as defined above openssl_sign($data, $binary_signature, $private_key, OPENSSL_ALGO_SHA1); // Check signature $ok = openssl_verify($data, $binary_signature, $public_key, OPENSSL_ALGO_SHA1); echo "check #1: "; if ($ok == 1) { echo "signature ok (as it should be)\n"; } elseif ($ok == 0) { echo "bad (there's something wrong)\n"; } else { echo "ugly, error checking signature\n"; } $ok = openssl_verify('tampered'.$data, $binary_signature, $public_key, OPENSSL_ALGO_SHA1); echo "check #2: "; if ($ok == 1) { echo "ERROR: Data has been tampered, but signature is still valid! Argh!\n"; } elseif ($ok == 0) { echo "bad signature (as it should be, since data has beent tampered)\n"; } else { echo "ugly, error checking signature\n"; } ?> adam dot mansfeld
Hello, the fourth parameter 'signature_alg' to choose the signature algorithm can be one of: OPENSSL_ALGO_SHA1 OPENSSL_ALGO_MD5 OPENSSL_ALGO_MD4 OPENSSL_ALGO_MD2 Just for the case that somebody needs this. Regards |
Change Language
openssl_csr_export_to_file openssl_csr_export openssl_csr_get_public_key openssl_csr_get_subject openssl_csr_new openssl_csr_sign openssl_error_string openssl_free_key openssl_get_privatekey openssl_get_publickey openssl_open openssl_pkcs12_export_to_file openssl_pkcs12_export openssl_pkcs12_read openssl_pkcs7_decrypt openssl_pkcs7_encrypt openssl_pkcs7_sign openssl_pkcs7_verify openssl_pkey_export_to_file openssl_pkey_export openssl_pkey_free openssl_pkey_get_details openssl_pkey_get_private openssl_pkey_get_public openssl_pkey_new openssl_private_decrypt openssl_private_encrypt openssl_public_decrypt openssl_public_encrypt openssl_seal openssl_sign openssl_verify openssl_x509_check_private_key openssl_x509_checkpurpose openssl_x509_export_to_file openssl_x509_export openssl_x509_free openssl_x509_parse openssl_x509_read |
