我正在尝试使用openssl_sign签名文件。
我的代码:
$pkeyid = openssl_get_privatekey($priv_key);
// compute signature
openssl_sign($data, $signature, $pkeyid, OPENSSL_ALGO_SHA1);
Echo $signature;
// free the key from memory
openssl_free_key($pkeyid);
问题在于它输出了奇怪的字符而不是sha1哈希。我究竟做错了什么? (我的PHP文件以UTF8编码)
输出:
šòŠμcÔÝ”KÿLÍvÎ* Q‡M-Xz¬ëNðñÆÒÐLÉ6Š²cTO¯à“ØæØSª?TSU T /ß<‡,¤Sý³f¥Jª¥§š¯ŠqL¾ð> <å-éuÇ-Öºþ|ùn}“Ë?=〜JTÃj”ŒÉ~׆±ÍçÏZ5]þNÉÌOhÔMllCJY`k-W²IHrätv¨ôñIμBÛÕBô€ŸIwèFd8 êÿ2äåçAØèÙtªÈÚ‡œ£šO.èiÿonE[ÑœZºZ@TpÉO•Ý~~ëq
期待的是:
Ol2rr4oaPHxfQL4ER8Ck15OEr8D8Cn9iGcsjZ8ves2IG7WOFFm0WUyQDAN30trNvO7vRQF25Uosw / Aflx3bRB1ezQNSn6mPvTzU6CPuSC + BBddytOyRvoLPhJ4F910yE8mrKeIuz1un8Dobm3PnZrlwCJecQbSilE4uIJ2rikl4 =
PS:$ data包含我要签名的文字。私钥已正确加载,我手动将其放在我的文件中。 (它是pem格式化的)
答案 0 :(得分:0)
仅将字符串转换为
$signature = base64_encode($signtaure);
echo"The sring hash is;".$signature;
在保存ani flie或变量之前
SHA1加密不是问题。
如果要验证标志
$privateKeyPem = file_get_contents($folder.'private_key.pem');
$publicKeyPem = file_get_contents($folder.'public_key.pem');
$signature = file_get_contents($folder.'signature.dat');
$signature = base64_decode($signature);
//echo "the signature is: ".$signature; for verify your string
if (openssl_verify($stringtosign, $signature, $publicKeyPem, 'sha256WithRSAEncryption') === 1) {
echo 'the sign is a valid sign ';
echo'<br> the generated hash is: '.$signature;
} else {
echo 'the sign is invalid';
}