openssl_sign(): supplied key param cannot be coerced into a private key

PHP RSA 报错
openssl_sign(): supplied key param cannot be coerced into a private key
原因:
本地测试正常,服务器报错
使用测试数据和测试秘钥,本地和服务器都正常
这种情况说明与PHP和OPENSSL版本无关(已经重新编译过PHP和OPENSSL,浪费好多时间)
解决方式:
http://www.itguai.com/php/a5246028.html
看了这篇文章,终于找到解决方式了,
RSA 的秘钥一般都有固定换行格式,是不是这种情况导致的呢
按照此格式试试,问题竟然顺利解决

私钥

$str='你的私钥(改成一行)';
$str        = chunk_split($str, 64, "\n");
        $key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";
        $signature = '';
        if (openssl_sign($data, $signature, $key, OPENSSL_ALGO_MD5)) {
            echo base64_encode($signature);
        }

公钥

$data='内容';
$str='你的公钥(改成一行)';
$str               = chunk_split($str, 64, "\n");
        $key = "-----BEGIN PUBLIC KEY-----\n$str-----END PUBLIC KEY-----\n";
        $signature = "";
        if (openssl_verify(base64_decode($data), $signature, $key, OPENSSL_ALGO_MD5) == 1) {
            echo $signature;
        }

案例:
http://php.net/manual/en/function.openssl-sign.php 官方案例 改造了一下
官方的公钥私钥格式太标准,所以要改造一下。
因为我们拿到的公钥私钥有可能就是一行的

$data = "Beeeeer is really good.. hic...";
$private_key = <<<EOD
-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4Z
RZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQJAL151ZeMKHEU2c1qdRKS9
sTxCcc2pVwoAGVzRccNX16tfmCf8FjxuM3WmLdsPxYoHrwb1LFNxiNk1MXrxjH3R
6QIhAPB7edmcjH4bhMaJBztcbNE1VRCEi/bisAwiPPMq9/2nAiEA3lyc5+f6DEIJ
h1y6BWkdVULDSM+jpi1XiV/DevxuijMCIQCAEPGqHsF+4v7Jj+3HAgh9PU6otj2n
Y79nJtCYmvhoHwIgNDePaS4inApN7omp7WdXyhPZhBmulnGDYvEoGJN66d0CIHra
I2SvDkQ5CmrzkW5qPaE2oO7BSqAhRZxiYpZFb5CI
-----END RSA PRIVATE KEY-----
EOD;
$public_key = <<<EOD
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6
zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQ==
-----END PUBLIC KEY-----
EOD;
////////////////////////////////
/////////////////////////////////
//上面是官方的  改造一下
///
//例如我们拿到的公钥私钥是一行的
//私钥
$str='MIIBOgIBAAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQJAL151ZeMKHEU2c1qdRKS9sTxCcc2pVwoAGVzRccNX16tfmCf8FjxuM3WmLdsPxYoHrwb1LFNxiNk1MXrxjH3R6QIhAPB7edmcjH4bhMaJBztcbNE1VRCEi/bisAwiPPMq9/2nAiEA3lyc5+f6DEIJh1y6BWkdVULDSM+jpi1XiV/DevxuijMCIQCAEPGqHsF+4v7Jj+3HAgh9PU6otj2nY79nJtCYmvhoHwIgNDePaS4inApN7omp7WdXyhPZhBmulnGDYvEoGJN66d0CIHraI2SvDkQ5CmrzkW5qPaE2oO7BSqAhRZxiYpZFb5CI';
$str        = chunk_split($str, 64, "\n");
$private_key = "-----BEGIN RSA PRIVATE KEY-----\n$str-----END RSA PRIVATE KEY-----\n";

//公钥
$str='MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQ==';
$str               = chunk_split($str, 64, "\n");
        $public_key = "-----BEGIN PUBLIC KEY-----\n$str-----END PUBLIC KEY-----\n";

$binary_signature = "";

openssl_sign($data, $binary_signature, $private_key, OPENSSL_ALGO_SHA1);

// Check signature
$ok = openssl_verify($data, $binary_signature, $public_key, OPENSSL_ALGO_SHA1);
echo "check #1: ";
if ($ok == 1) {
    echo "signature ok (as it should be)\n";
} elseif ($ok == 0) {
    echo "bad (there's something wrong)\n";
} else {
    echo "ugly, error checking signature\n";
}

$ok = openssl_verify('tampered'.$data, $binary_signature, $public_key, OPENSSL_ALGO_SHA1);
echo "check #2: ";
if ($ok == 1) {
    echo "ERROR: Data has been tampered, but signature is still valid! Argh!\n";
} elseif ($ok == 0) {
    echo "bad signature (as it should be, since data has beent tampered)\n";
} else {
    echo "ugly, error checking signature\n";
}
时间: 2024-08-04 14:42:34

openssl_sign(): supplied key param cannot be coerced into a private key的相关文章

关于secuCRT使用EC2的private key的解决办法(英文)

Unfortunately, there's not an easy way to import one of these keys for use with SecureCRT at the moment. I'll add a feature request for the capability of easily importing such keys for use with SecureCRT, but in the meantime, you might be interested

ios 可变字典存放数组的时候,会把所有的key的value都替换成目前的key所对应的值

问题描述 ios 可变字典存放数组的时候,会把所有的key的value都替换成目前的key所对应的值 请问是什么原因? 我打个比方 可变数组 mDiC,它里面为key1=1,key2=2. 当我setobject for key---> key3=3: 他就把可变字典mDic里面的values全部替换成3. 也就是 mDic里面:key1=3,key2=3,key3=3 解决方案 所有的value是不是同一个变量 解决方案二: 感觉是底层指向同一个地址的数据,然后修改了所指向的地址的数据导致的?

如何让OpenSSL得到JKS格式的keystore中的public and private key

国内私募机构九鼎控股打造APP,来就送 20元现金领取地址:http://jdb.jiudingcapital.com/phone.html内部邀请码:C8E245J (不写邀请码,没有现金送)国内私募机构九鼎控股打造,九鼎投资是在全国股份转让系统挂牌的公众公司,股票代码为430719,为"中国PE第一股",市值超1000亿元.  -------------------------------------------------------- 从一个JKS的keystore中导出pub

java 比较Map里每个key的value,獲取相同value的key

问题描述 例如有一條HashMap = {a=1,b=2,c=1}我想獲取相同value的key,也就是a和c有啥辦法?麻煩大家~ 问题补充:OpenMind 写道 解决方案 你看一下这个import java.util.ArrayList;import java.util.HashMap;import java.util.Iterator;import java.util.List;import java.util.Map;public class MapTest {public static

9.2. Private key generation

原文出处:Netkiller 系列 手札 本文作者:陈景峯 转载请与作者联系,同时请务必标明文章原始出处和作者信息及本声明.

Java Secure Socket Extension (JSSE) Reference Guide

Skip to Content Oracle Technology Network Software Downloads Documentation Search Java Secure Socket Extension (JSSE) Reference Guide This guide covers the following topics: Skip Navigation Links Introduction Features and Benefits JSSE Standard API S

采用Cipher DES针对文件加密、解密

由于经常用一些加密或者解密文件的,所以写了一个简单的采用Cipher DES针对文件加密.解密的工具类,记录一下,防止以后忘记了! import java.io.BufferedReader; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStrea

常用的读写ini文件的类

using System;using System.IO;using System.Runtime.InteropServices;using System.Text;using Microsoft.Win32; namespace Wjb.ReadOrWriteIniAndReg{ /// <summary> /// RWIni 的摘要说明. /// 读写ini文件类 /// 类库开发:吴剑冰 /// 时间:2003年10月20日 /// 功能:读写INI文件 /// </summar

使用openssl实现rsa非对称加密算法示例

 这篇文章主要介绍了使用openssl实现rsa非对称加密算法的示例,大家参考使用吧  代码如下: <?php /**  * 使用openssl实现非对称加密  * @since 2010-07-08  */ class Rsa {     /**      * private key      */         private $_privKey;           /**          * public key          */         private $_pubKe