Detailed explanation of php generating signature and verifying signature

This article mainly introduces the relevant information about php generating signatures and verifying signatures in detail. Friends who need it can refer to

php generating signatures and verifying signatures

<?php
 　/**
   * 根据原文生成签名内容
   *
   * @param string $data 原文内容
   *
   * @return string
   * @author confu
   */
  function sign($data)
  {
    $filePath = &#39;test.p12&#39;;
    if(!file_exists($filePath)) {
      return false;
    }
 
    $pkcs12 = file_get_contents($filePath);
    if (openssl_pkcs12_read($pkcs12, $certs, &#39;读取证书所需要的密码&#39;)) {
      $privateKey = $certs[&#39;pkey&#39;]; //根据实际情况键值可能不同
      $publicKey = $certs[&#39;cert&#39;];　//根据实际情况键值可能不同
      $binary_signature = "";
      if (openssl_sign($data, $binarySignature, $privateKey, OPENSSL_ALGO_SHA1)) {
        return $binarySignature;
      } else {
        return &#39;&#39;;
      }
    } else {
      return &#39;&#39;;
    }
  }
 
  /**
   * 验证签名自己生成的是否正确
   *
   * @param string $data 签名的原文
   * @param string $signature 签名
   *
   * @return bool
   * @author confu
   */
  function verifySign($data, $signature)
  {
    $filePath = &#39;test.p12&#39;;
    if(!file_exists($filePath)) {
      return false;
    }
 
    $pkcs12 = file_get_contents($filePath);
    if (openssl_pkcs12_read($pkcs12, $certs, &#39;读取证书所需要的密码&#39;)) {
      $publicKey = $certs[&#39;cert&#39;];
      $ok = openssl_verify($data, $signature, $publicKey);
      if ($ok == 1) {
        return true;
      }
    }
    return false;
  }
 
  /**
   * 验证返回的签名是否正确
   *
   * @param string $data　要验证的签名原文
   * @param string $signature 签名内容
   *
   * @return bool
   * @author confu
   */
  function verifyRespondSign($data, $signature)
  {
    $filePath = &#39;allinpay-pds.pem&#39;;
    if(!file_exists($filePath)) {
      return false;
    }
 
    $fp = fopen($filePath, "r");
    $cert = fread($fp, 8192);
    fclose($fp);
    $pubkeyid = openssl_get_publickey($cert);
 
    if(!is_resource($pubkeyid)) {
      return false;
    }
 
    $ok = openssl_verify($data, $signature, $pubkeyid);
    if ($ok == 1) {
      openssl_free_key($pubkeyid);
      return true;
    }
    return false;
  }
?>

openssl_sign The default signature_alg parameter is OPENSSL_ALGO_SHA1

If you use DSA encryption, you need to use the OPENSSL_ALGO_DSS1 parameter

　signature_alg Other parameters

　OPENSSL_ALGO_DSS1 (integer)

　OPENSSL_ALGO_SHA1 (integer)

　OPENSSL_ALGO_SHA224 (integer)

　OPENSSL_ALGO_SHA256 (integer)

OPENSSL_ALGO_SHA384 (integer)

OPENSSL_ALGO_SHA512 (integer)

OPENSSL_ALGO_RMD160 (integer)

OPENSSL_ALGO_MD5 (integer)

OPENSSL_ALGO_MD4 (integer)

　OPENSSL_ALGO_MD2 (integer)

The above is the entire content of this article, I hope it will be helpful to everyone's study.

Related recommendations:

Detailed explanation of how PHP collects emails based on IMAP

PHP implements file lock and process lock

Detailed explanation of how to change hosts file in PHP

The above is the detailed content of Detailed explanation of php generating signature and verifying signature. For more information, please follow other related articles on the PHP Chinese website!