openssl_verify
openssl_verify
(PHP 4 >= 4.0.4, PHP 5, PHP 7)
openssl_verify - 验证签名
描述
int openssl_verify ( string $data , string $signature , mixed $pub_key_id [, mixed $signature_alg = OPENSSL_ALGO_SHA1 ] )
openssl_verify()使用与pub_key_id关联的公钥验证signature是否符合特定的data。这必须是与用于签名的私钥相对应的公钥。
参数
data
用于先前生成签名的数据字符串
signature
由openssl_sign()或类似方法生成的原始二进制字符串
pub_key_id
资源 - 由openssl_get_publickey()返回的密钥
字符串 - PEM格式化密钥,例如“----- BEGIN PUBLIC KEY ----- MIIBCgK ...”
signature_alg
int - 这些签名算法之一。
字符串 - 由openssl_get_md_methods()示例,“sha1WithRSAEncryption”或“sha512”返回的有效字符串。
返回值
如果签名正确则返回1,如果不正确则返回0,错误时返回-1。
Changelog
| 版本 | 描述 |
|---|---|
| 5.2.0 | signature_alg参数已添加。 |
示例
Example #1 openssl_verify() example
<?php
// $data and $signature are assumed to contain the data and the signature
// fetch public key from certificate and ready it
$pubkeyid = openssl_pkey_get_public("file://src/openssl-0.9.6/demos/sign/cert.pem"
// state whether signature is okay or not
$ok = openssl_verify($data, $signature, $pubkeyid
if ($ok == 1) {
echo "good";
} elseif ($ok == 0) {
echo "bad";
} else {
echo "ugly, error checking signature";
}
// free the key from memory
openssl_free_key($pubkeyid
?>
Example #2 openssl_verify() example
<?php
//data you want to sign
$data = 'my data';
//create new private and public key
$private_key_res = openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
)
$details = openssl_pkey_get_details($private_key_res
$public_key_res = openssl_pkey_get_public($details['key']
//create signature
openssl_sign($data, $signature, $private_key_res, "sha1WithRSAEncryption"
//verify signature
$ok = openssl_verify($data, $signature, $public_key_res, OPENSSL_ALGO_SHA1
if ($ok == 1) {
echo "valid";
} elseif ($ok == 0) {
echo "invalid";
} else {
echo "error: ".openssl_error_string(
}
?>
另请参阅
- openssl_sign() - 生成签名
← openssl_spki_verify
openssl_x509_check_private_key →
