mirror of
https://github.com/fofolee/uTools-Manuals.git
synced 2025-06-18 05:26:57 +08:00
171 lines
12 KiB
HTML
171 lines
12 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
|
|
<title>验证签名</title>
|
|
</head>
|
|
<body class="docs"><div id="layout">
|
|
<div id="layout-content"><div id="function.openssl-verify" class="refentry">
|
|
<div class="refnamediv">
|
|
<h1 class="refname">openssl_verify</h1>
|
|
<p class="verinfo">(PHP 4 >= 4.0.4, PHP 5, PHP 7)</p><p class="refpurpose"><span class="refname">openssl_verify</span> — <span class="dc-title">验证签名</span></p>
|
|
|
|
</div>
|
|
|
|
<div class="refsect1 description" id="refsect1-function.openssl-verify-description">
|
|
<h3 class="title">说明</h3>
|
|
<div class="methodsynopsis dc-description">
|
|
<span class="methodname"><strong>openssl_verify</strong></span>
|
|
( <span class="methodparam"><span class="type">string</span> <code class="parameter">$data</code></span>
|
|
, <span class="methodparam"><span class="type">string</span> <code class="parameter">$signature</code></span>
|
|
, <span class="methodparam"><span class="type"><a href="language.pseudo-types.html#language.types.mixed" class="type mixed">mixed</a></span> <code class="parameter">$pub_key_id</code></span>
|
|
[, <span class="methodparam"><span class="type"><a href="language.pseudo-types.html#language.types.mixed" class="type mixed">mixed</a></span> <code class="parameter">$signature_alg</code><span class="initializer"> = OPENSSL_ALGO_SHA1</span></span>
|
|
] ) : <span class="type">int</span></div>
|
|
|
|
<p class="para rdfs-comment">
|
|
<span class="function"><strong>openssl_verify()</strong></span> 使用与<code class="parameter">pub_key_id</code>关联的公钥验证指定数据<code class="parameter">data</code>的签名<code class="parameter">signature</code>是否正确。这必须是与用于签名的私钥相对应的公钥。
|
|
</p>
|
|
</div>
|
|
|
|
|
|
<div class="refsect1 parameters" id="refsect1-function.openssl-verify-parameters">
|
|
<h3 class="title">参数</h3>
|
|
<p class="para">
|
|
<dl>
|
|
|
|
|
|
<dt>
|
|
<code class="parameter">data</code></dt>
|
|
|
|
<dd>
|
|
|
|
<p class="para">
|
|
以前用来生成签名的数据字符串。
|
|
</p>
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>
|
|
<code class="parameter">signature</code></dt>
|
|
|
|
<dd>
|
|
|
|
<p class="para">
|
|
原始二进制字符串,通过<span class="function"><a href="openssl_sign.html" class="function">openssl_sign()</a></span>或类似的函数生成。
|
|
</p>
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>
|
|
<code class="parameter">pub_key_id</code></dt>
|
|
|
|
<dd>
|
|
|
|
<p class="para">
|
|
<span class="type"><a href="language.types.resource.html" class="type resource">resource</a></span> _ 一个密钥, 通过 <span class="function"><a href="openssl_get_publickey.html" class="function">openssl_get_publickey()</a></span> 函数返回。
|
|
</p>
|
|
<p class="para">
|
|
<span class="type"><a href="language.types.string.html" class="type string">string</a></span> - 一个 PEM 格式的密钥, 比如, "-----BEGIN PUBLIC KEY-----
|
|
MIIBCgK..."
|
|
</p>
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>
|
|
<code class="parameter">signature_alg</code></dt>
|
|
|
|
<dd>
|
|
|
|
<p class="para">
|
|
<span class="type"><a href="language.types.integer.html" class="type int">int</a></span> _ 以下签名算法之一<a href="openssl.signature_algos.html" class="link">Signature Algorithms</a>.
|
|
</p>
|
|
<p class="para">
|
|
<span class="type"><a href="language.types.string.html" class="type string">string</a></span> _ 由<span class="function"><a href="openssl_get_md_methods.html" class="function">openssl_get_md_methods()</a></span>函数返回的可用字符串,比如, "sha1WithRSAEncryption" 或者 "sha512".
|
|
</p>
|
|
</dd>
|
|
|
|
|
|
</dl>
|
|
|
|
</p>
|
|
</div>
|
|
|
|
|
|
<div class="refsect1 returnvalues" id="refsect1-function.openssl-verify-returnvalues">
|
|
<h3 class="title">返回值</h3>
|
|
<p class="para">
|
|
如果签名正确返回 1, 签名错误返回 0, 内部发生错误则返回-1.
|
|
</p>
|
|
</div>
|
|
|
|
|
|
<div class="refsect1 changelog" id="refsect1-function.openssl-verify-changelog">
|
|
<h3 class="title">更新日志</h3>
|
|
<p class="para">
|
|
<table class="doctable informaltable">
|
|
|
|
<thead>
|
|
<tr>
|
|
<th>版本</th>
|
|
<th>说明</th>
|
|
</tr>
|
|
|
|
</thead>
|
|
|
|
<tbody class="tbody">
|
|
<tr>
|
|
<td>5.2.0</td>
|
|
<td>
|
|
添加了 <code class="parameter">signature_alg</code> 参数。
|
|
</td>
|
|
</tr>
|
|
|
|
</tbody>
|
|
|
|
</table>
|
|
|
|
</p>
|
|
</div>
|
|
|
|
|
|
<div class="refsect1 examples" id="refsect1-function.openssl-verify-examples">
|
|
<h3 class="title">范例</h3>
|
|
<p class="para">
|
|
<div class="example" id="example-954">
|
|
<p><strong>Example #1 <span class="function"><strong>openssl_verify()</strong></span> 范例:</strong></p>
|
|
<div class="example-contents">
|
|
<div class="phpcode"><pre><span style="color: #000000">
|
|
<span style="color: #0000BB"><?php<br /></span><span style="color: #FF8000">// $data and $signature are assumed to contain the data and the signature<br /><br />// fetch public key from certificate and ready it<br /></span><span style="color: #0000BB">$pubkeyid </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_pkey_get_public</span><span style="color: #007700">(</span><span style="color: #DD0000">"file://src/openssl-0.9.6/demos/sign/cert.pem"</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">// state whether signature is okay or not<br /></span><span style="color: #0000BB">$ok </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_verify</span><span style="color: #007700">(</span><span style="color: #0000BB">$data</span><span style="color: #007700">, </span><span style="color: #0000BB">$signature</span><span style="color: #007700">, </span><span style="color: #0000BB">$pubkeyid</span><span style="color: #007700">);<br />if (</span><span style="color: #0000BB">$ok </span><span style="color: #007700">== </span><span style="color: #0000BB">1</span><span style="color: #007700">) {<br /> echo </span><span style="color: #DD0000">"good"</span><span style="color: #007700">;<br />} elseif (</span><span style="color: #0000BB">$ok </span><span style="color: #007700">== </span><span style="color: #0000BB">0</span><span style="color: #007700">) {<br /> echo </span><span style="color: #DD0000">"bad"</span><span style="color: #007700">;<br />} else {<br /> echo </span><span style="color: #DD0000">"ugly, error checking signature"</span><span style="color: #007700">;<br />}<br /></span><span style="color: #FF8000">// free the key from memory<br /></span><span style="color: #0000BB">openssl_free_key</span><span style="color: #007700">(</span><span style="color: #0000BB">$pubkeyid</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">?></span>
|
|
</span>
|
|
</pre></div>
|
|
</div>
|
|
|
|
</div>
|
|
<div class="example" id="example-955">
|
|
<p><strong>Example #2 <span class="function"><strong>openssl_verify()</strong></span> 范例:</strong></p>
|
|
<div class="example-contents">
|
|
<div class="phpcode"><pre><span style="color: #000000">
|
|
<span style="color: #0000BB"><?php<br /></span><span style="color: #FF8000">//data you want to sign<br /></span><span style="color: #0000BB">$data </span><span style="color: #007700">= </span><span style="color: #DD0000">'my data'</span><span style="color: #007700">;<br /><br /></span><span style="color: #FF8000">//create new private and public key<br /></span><span style="color: #0000BB">$private_key_res </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_pkey_new</span><span style="color: #007700">(array(<br /> </span><span style="color: #DD0000">"private_key_bits" </span><span style="color: #007700">=> </span><span style="color: #0000BB">2048</span><span style="color: #007700">,<br /> </span><span style="color: #DD0000">"private_key_type" </span><span style="color: #007700">=> </span><span style="color: #0000BB">OPENSSL_KEYTYPE_RSA</span><span style="color: #007700">,<br />));<br /></span><span style="color: #0000BB">$details </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_pkey_get_details</span><span style="color: #007700">(</span><span style="color: #0000BB">$private_key_res</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$public_key_res </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_pkey_get_public</span><span style="color: #007700">(</span><span style="color: #0000BB">$details</span><span style="color: #007700">[</span><span style="color: #DD0000">'key'</span><span style="color: #007700">]);<br /><br /></span><span style="color: #FF8000">//create signature<br /></span><span style="color: #0000BB">openssl_sign</span><span style="color: #007700">(</span><span style="color: #0000BB">$data</span><span style="color: #007700">, </span><span style="color: #0000BB">$signature</span><span style="color: #007700">, </span><span style="color: #0000BB">$private_key_res</span><span style="color: #007700">, </span><span style="color: #DD0000">"sha1WithRSAEncryption"</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//verify signature<br /></span><span style="color: #0000BB">$ok </span><span style="color: #007700">= </span><span style="color: #0000BB">openssl_verify</span><span style="color: #007700">(</span><span style="color: #0000BB">$data</span><span style="color: #007700">, </span><span style="color: #0000BB">$signature</span><span style="color: #007700">, </span><span style="color: #0000BB">$public_key_res</span><span style="color: #007700">, </span><span style="color: #0000BB">OPENSSL_ALGO_SHA1</span><span style="color: #007700">);<br />if (</span><span style="color: #0000BB">$ok </span><span style="color: #007700">== </span><span style="color: #0000BB">1</span><span style="color: #007700">) {<br /> echo </span><span style="color: #DD0000">"valid"</span><span style="color: #007700">;<br />} elseif (</span><span style="color: #0000BB">$ok </span><span style="color: #007700">== </span><span style="color: #0000BB">0</span><span style="color: #007700">) {<br /> echo </span><span style="color: #DD0000">"invalid"</span><span style="color: #007700">;<br />} else {<br /> echo </span><span style="color: #DD0000">"error: "</span><span style="color: #007700">.</span><span style="color: #0000BB">openssl_error_string</span><span style="color: #007700">();<br />}<br /></span><span style="color: #0000BB">?></span>
|
|
</span>
|
|
</pre></div>
|
|
</div>
|
|
|
|
</div>
|
|
</p>
|
|
</div>
|
|
|
|
|
|
<div class="refsect1 seealso" id="refsect1-function.openssl-verify-seealso">
|
|
<h3 class="title">参见</h3>
|
|
<p class="para">
|
|
<ul class="simplelist">
|
|
<li class="member"><span class="function"><a href="openssl_sign.html" class="function" rel="rdfs-seeAlso">openssl_sign()</a> - Generate signature</span></li>
|
|
</ul>
|
|
</p>
|
|
</div>
|
|
|
|
|
|
</div></div></div></body></html> |