openssl_sign(): supplied key param cannot be coerced into a private key

简介: PHP RSA 报错 openssl_sign(): supplied key param cannot be coerced into a private key 原因: 本地测试正常,服务器报错 使用测试数据和测试秘钥,本地和服务器都正常 这种情况说明与PHP和OPENSSL版本无关(已经重新编译过PHP和OPENSSL,浪费好多时间) 解决方式: http:

PHP RSA 报错
openssl_sign(): supplied key param cannot be coerced into a private key
原因:
本地测试正常,服务器报错
使用测试数据和测试秘钥,本地和服务器都正常
这种情况说明与PHP和OPENSSL版本无关(已经重新编译过PHP和OPENSSL,浪费好多时间)
解决方式:
http://www.itguai.com/php/a5246028.html
看了这篇文章,终于找到解决方式了,
RSA 的秘钥一般都有固定换行格式,是不是这种情况导致的呢
按照此格式试试,问题竟然顺利解决

私钥

$str='你的私钥(改成一行)';
$str        = chunk_split($str, 64, "\n");
        $key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";
        $signature = '';
        if (openssl_sign($data, $signature, $key, OPENSSL_ALGO_MD5)) {
            echo base64_encode($signature);
        }

公钥

$data='内容';
$str='你的公钥(改成一行)';
$str               = chunk_split($str, 64, "\n");
        $key = "-----BEGIN PUBLIC KEY-----\n$str-----END PUBLIC KEY-----\n";
        $signature = "";
        if (openssl_verify(base64_decode($data), $signature, $key, OPENSSL_ALGO_MD5) == 1) {
            echo $signature;
        }

案例:
http://php.net/manual/en/function.openssl-sign.php 官方案例 改造了一下
官方的公钥私钥格式太标准,所以要改造一下。
因为我们拿到的公钥私钥有可能就是一行的

$data = "Beeeeer is really good.. hic...";
$private_key = <<<EOD
-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4Z
RZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQJAL151ZeMKHEU2c1qdRKS9
sTxCcc2pVwoAGVzRccNX16tfmCf8FjxuM3WmLdsPxYoHrwb1LFNxiNk1MXrxjH3R
6QIhAPB7edmcjH4bhMaJBztcbNE1VRCEi/bisAwiPPMq9/2nAiEA3lyc5+f6DEIJ
h1y6BWkdVULDSM+jpi1XiV/DevxuijMCIQCAEPGqHsF+4v7Jj+3HAgh9PU6otj2n
Y79nJtCYmvhoHwIgNDePaS4inApN7omp7WdXyhPZhBmulnGDYvEoGJN66d0CIHra
I2SvDkQ5CmrzkW5qPaE2oO7BSqAhRZxiYpZFb5CI
-----END RSA PRIVATE KEY-----
EOD;
$public_key = <<<EOD
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6
zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQ==
-----END PUBLIC KEY-----
EOD;
////////////////////////////////
/////////////////////////////////
//上面是官方的  改造一下
///
//例如我们拿到的公钥私钥是一行的
//私钥
$str='MIIBOgIBAAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQJAL151ZeMKHEU2c1qdRKS9sTxCcc2pVwoAGVzRccNX16tfmCf8FjxuM3WmLdsPxYoHrwb1LFNxiNk1MXrxjH3R6QIhAPB7edmcjH4bhMaJBztcbNE1VRCEi/bisAwiPPMq9/2nAiEA3lyc5+f6DEIJh1y6BWkdVULDSM+jpi1XiV/DevxuijMCIQCAEPGqHsF+4v7Jj+3HAgh9PU6otj2nY79nJtCYmvhoHwIgNDePaS4inApN7omp7WdXyhPZhBmulnGDYvEoGJN66d0CIHraI2SvDkQ5CmrzkW5qPaE2oO7BSqAhRZxiYpZFb5CI';
$str        = chunk_split($str, 64, "\n");
$private_key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";

//公钥
$str='MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQ==';
$str               = chunk_split($str, 64, "\n");
        $public_key = "-----BEGIN PUBLIC KEY-----\n$str-----END PUBLIC KEY-----\n";

$binary_signature = "";

openssl_sign($data, $binary_signature, $private_key, OPENSSL_ALGO_SHA1);

// Check signature
$ok = openssl_verify($data, $binary_signature, $public_key, OPENSSL_ALGO_SHA1);
echo "check #1: ";
if ($ok == 1) {
    echo "signature ok (as it should be)\n";
} elseif ($ok == 0) {
    echo "bad (there's something wrong)\n";
} else {
    echo "ugly, error checking signature\n";
}

$ok = openssl_verify('tampered'.$data, $binary_signature, $public_key, OPENSSL_ALGO_SHA1);
echo "check #2: ";
if ($ok == 1) {
    echo "ERROR: Data has been tampered, but signature is still valid! Argh!\n";
} elseif ($ok == 0) {
    echo "bad signature (as it should be, since data has beent tampered)\n";
} else {
    echo "ugly, error checking signature\n";
}
目录
相关文章
|
5月前
|
JavaScript 索引
v-for中key左右
v-for中key左右
29 1
|
算法 JavaScript 前端开发
/usr/include/openssl/des.h:91:9: error: unknown type name ‘DES_LONG’ DES_LONG deslong[2];
/usr/include/openssl/des.h:91:9: error: unknown type name ‘DES_LONG’ DES_LONG deslong[2];
128 0
|
数据库
查看key
查看key
126 0
|
开发工具
openssl_sign(): supplied key param cannot be coerced into a private key
一、php如果不使用支付宝sdk使用原生签名方法如上错误报错 需要对私钥进行处理具体请参考这个贴: php原生签名:https://openclub.alipay.com/read.php?tid=1203&fid=2  二、如果是使用的支付宝的SDK出现这个错误一般是传入的秘钥格式有问题导致,建...
1186 0