(PHP 4 >= 4.0.4, PHP 5, PHP 7)
openssl_verify — Verify signature
$data
, string $signature
, mixed $pub_key_id
[, mixed $signature_alg = OPENSSL_ALGO_SHA1
] )
openssl_verify() verifies that the
signature is correct for the specified
data using the public key associated with
pub_key_id. This must be the public key
corresponding to the private key used for signing.
dataThe string of data used to generate the signature previously
signatureA raw binary string, generated by openssl_sign() or similar means
pub_key_idresource - a key, returned by openssl_get_publickey()
string - a PEM formatted key, example, "-----BEGIN PUBLIC KEY----- MIIBCgK..."
signature_algint - one of these Signature Algorithms.
string - a valid string returned by openssl_get_md_methods() example, "sha1WithRSAEncryption" or "sha512".
Returns 1 if the signature is correct, 0 if it is incorrect, and -1 on error.
| 版本 | 说明 |
|---|---|
| 5.2.0 |
The signature_alg parameter was added.
|
Example #1 openssl_verify() example
<?php
// $data and $signature are assumed to contain the data and the signature
// fetch public key from certificate and ready it
$pubkeyid = openssl_pkey_get_public("file://src/openssl-0.9.6/demos/sign/cert.pem");
// state whether signature is okay or not
$ok = openssl_verify($data, $signature, $pubkeyid);
if ($ok == 1) {
echo "good";
} elseif ($ok == 0) {
echo "bad";
} else {
echo "ugly, error checking signature";
}
// free the key from memory
openssl_free_key($pubkeyid);
?>
Example #2 openssl_verify() example
<?php
//data you want to sign
$data = 'my data';
//create new private and public key
$private_key_res = openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
));
$details = openssl_pkey_get_details($private_key_res);
$public_key_res = openssl_pkey_get_public($details['key']);
//create signature
openssl_sign($data, $signature, $private_key_res, "sha1WithRSAEncryption");
//verify signature
$ok = openssl_verify($data, $signature, $public_key_res, OPENSSL_ALGO_SHA1);
if ($ok == 1) {
echo "valid";
} elseif ($ok == 0) {
echo "invalid";
} else {
echo "error: ".openssl_error_string();
}
?>