Geek asks and answers

Use the PHP openssl_verify () function to verify the Signature and data generated by the Android Client APP application

I read the post about openssl_verify()

I would like to ask a few questions related to openssl_verify().

Since my PHP code cannot verify the signature created with Java ...

For the server, here is my PHP code

<?php
$data =$_POST['data'];
$signature=$_POST['sig'];
$pub_key=$_POST['pubkey'];

function print_input()
{
    global $data;
    global $signature;
    global $pub_key;
////////////////////////////////////////////////////////////////
// I output the public key to file, and check it to make sure they
// are in correct pem format.
///////////////////////////////////////////////////////////////
$f=fopen("./Personnel_Pubkey/pubkey.pem", "w");
fwrite($f,"$pub_key");
fclose($f);
$key = openssl_pkey_get_public ("./Personnel_Pubkey/pubkey.pem");

// doesn't work if you use PEM format public key, only works with X.509 format
// certificate, and cert and private key in PEM format.
$result=openssl_public_decrypt ( $signature, $data, $key);

////////////////////////////////////////////////////////////////
$sig=base64_decode($signature);

// for some reason, the value of $ok is always 0
$ok = openssl_verify($data, $sig, $key);

if ($ok == 1) {
    echo "good";
} 
elseif ($ok == 0) {
    echo "bad";} 
else {
    echo "ugly, error checking signature";
    }
}

print_input();

?>

For the Android APP client application, the relevant part of the code is given here:

// create public key and private key pair
keyGen = KeyPairGenerator.getInstance("DSA");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
keyGen.initialize(1024, random);

// Generate the Pair of Keys The final step is to generate the key pair 
// and to store the keys in PrivateKey  and PublicKey objects.
pair = keyGen.generateKeyPair();
priv = pair.getPrivate();
pub = pair.getPublic();

// Change to PEM format from original openssl format    
stringWriter = new StringWriter();
PEMWriter pemWriter = new PEMWriter(stringWriter);  
pemWriter.writeObject( pair.getPublic());
pemWriter.close();

// initialize  the signature
sig = Signature.getInstance("SHA1withDSA"); 
sig.initSign(priv);

// this is the original data     
String msg = "original msg";


OriginalMsgByteArray = msg.getBytes();

// put original data to signature
sig.update(OriginalMsgByteArray);

// sign the data, and get the byte array of signature 
byte[] realSig = sig.sign();

// change the binary to base64 format
signatureB = new String(Base64.encode(realSig));

In principle, I load msg, signatureBand stringWriter.toString()these 3 parameters in PHP server, but it looks like it does not work ... here is my content PEM file:

-----BEGIN PUBLIC KEY-----
MIIBtzCCASsGByqGSM44BAEwggEeAoGBAJ6ZIDqo1sh4pVzK8kUUA8SPxWva3sVH
hrK0D86q+xpD11qhzlw28vLnZNLSq7MaPyUNKRLZL2D3x/e4fkILf7IBh6BdfOlo
dI3CtAQ5Xqfw0aU8UZ35H8HlkrvrTu3qw/Ilb9wcc8Ag9C73TzuG6URK65fgvPK2
oN9MdDlVJztNAhUAkI2VBs/8eHWoG7RBCyTqyVyCwXMCgYBFj9BXduZIhDBGkoub
bLwGWI6zkmC8Xel1jsRFFaRtPVS08li+SQ/XSzekidY6NP3lmYwj/kC9biG9x3mW
c5hELzOVGvLM94y1KksGC+v89M99Tlrx4zVqpajRCFDyPzJQWB/HO493q6J4HwmP
1/ihdtk5THRGmPkx2uSgLKWlJAOBhQACgYEAirx5dLO2EG71ZFnUQ7FtU8FCVOYW
VgZRP9SLqH8Ig5nnwmg5XFSpngzNvQ8FcWRKZkKFxYoo2j7lmQN9gl5O5cKPtuqj
KecFAJA4/0y3jPzM/+1dTizM6n3WLReH2xlS6OOY5EZQmpWB//qepgTT9GUGPyOL
ampB86OjNSicv0Y=
-----END PUBLIC KEY-----
+4
source share
2 answers

I see several potential problems in the code above.

-, PHP, openssl_get_publickey X509 . .

-, fread , openssl_get_publickey. . :

$fp = fopen("./cert.pem", "r");
$cert = fread($fp, 8192);
fclose($fp);
$key = openssl_get_publickey($cert);

-, $bsig -.

+1

, , . , , fooobar.com/questions/1098498/.... RSA algo, APP php. , - , .

0

More articles:


All Articles