PHP RSA 报错
openssl_sign(): supplied key param cannot be coerced into a private key
原因:
本地测试正常,服务器报错
使用测试数据和测试秘钥,本地和服务器都正常
这种情况说明与PHP和OPENSSL版本无关(已经重新编译过PHP和OPENSSL,浪费好多时间)
解决方式:
http://www.itguai.com/php/a5246028.html
看了这篇文章,终于找到解决方式了,
RSA 的秘钥一般都有固定换行格式,是不是这种情况导致的呢
按照此格式试试,问题竟然顺利解决
私钥
$str='你的私钥(改成一行)';
$str = chunk_split($str, 64, "\n");
$key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";
$signature = '';
if (openssl_sign($data, $signature, $key, OPENSSL_ALGO_MD5)) {
echo base64_encode($signature);
}
公钥
$data='内容';
$str='你的公钥(改成一行)';
$str = chunk_split($str, 64, "\n");
$key = "-----BEGIN PUBLIC KEY-----\n$str-----END PUBLIC KEY-----\n";
$signature = "";
if (openssl_verify(base64_decode($data), $signature, $key, OPENSSL_ALGO_MD5) == 1) {
echo $signature;
}
案例:
http://php.net/manual/en/function.openssl-sign.php 官方案例 改造了一下
官方的公钥私钥格式太标准,所以要改造一下。
因为我们拿到的公钥私钥有可能就是一行的
$data = "Beeeeer is really good.. hic...";
$private_key = <<<EOD
-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4Z
RZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQJAL151ZeMKHEU2c1qdRKS9
sTxCcc2pVwoAGVzRccNX16tfmCf8FjxuM3WmLdsPxYoHrwb1LFNxiNk1MXrxjH3R
6QIhAPB7edmcjH4bhMaJBztcbNE1VRCEi/bisAwiPPMq9/2nAiEA3lyc5+f6DEIJ
h1y6BWkdVULDSM+jpi1XiV/DevxuijMCIQCAEPGqHsF+4v7Jj+3HAgh9PU6otj2n
Y79nJtCYmvhoHwIgNDePaS4inApN7omp7WdXyhPZhBmulnGDYvEoGJN66d0CIHra
I2SvDkQ5CmrzkW5qPaE2oO7BSqAhRZxiYpZFb5CI
-----END RSA PRIVATE KEY-----
EOD;
$public_key = <<<EOD
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6
zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQ==
-----END PUBLIC KEY-----
EOD;
////////////////////////////////
/////////////////////////////////
//上面是官方的 改造一下
///
//例如我们拿到的公钥私钥是一行的
//私钥
$str='MIIBOgIBAAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQJAL151ZeMKHEU2c1qdRKS9sTxCcc2pVwoAGVzRccNX16tfmCf8FjxuM3WmLdsPxYoHrwb1LFNxiNk1MXrxjH3R6QIhAPB7edmcjH4bhMaJBztcbNE1VRCEi/bisAwiPPMq9/2nAiEA3lyc5+f6DEIJh1y6BWkdVULDSM+jpi1XiV/DevxuijMCIQCAEPGqHsF+4v7Jj+3HAgh9PU6otj2nY79nJtCYmvhoHwIgNDePaS4inApN7omp7WdXyhPZhBmulnGDYvEoGJN66d0CIHraI2SvDkQ5CmrzkW5qPaE2oO7BSqAhRZxiYpZFb5CI';
$str = chunk_split($str, 64, "\n");
$private_key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";
//公钥
$str='MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQ==';
$str = chunk_split($str, 64, "\n");
$public_key = "-----BEGIN PUBLIC KEY-----\n$str-----END PUBLIC KEY-----\n";
$binary_signature = "";
openssl_sign($data, $binary_signature, $private_key, OPENSSL_ALGO_SHA1);
// Check signature
$ok = openssl_verify($data, $binary_signature, $public_key, OPENSSL_ALGO_SHA1);
echo "check #1: ";
if ($ok == 1) {
echo "signature ok (as it should be)\n";
} elseif ($ok == 0) {
echo "bad (there's something wrong)\n";
} else {
echo "ugly, error checking signature\n";
}
$ok = openssl_verify('tampered'.$data, $binary_signature, $public_key, OPENSSL_ALGO_SHA1);
echo "check #2: ";
if ($ok == 1) {
echo "ERROR: Data has been tampered, but signature is still valid! Argh!\n";
} elseif ($ok == 0) {
echo "bad signature (as it should be, since data has beent tampered)\n";
} else {
echo "ugly, error checking signature\n";
}