提供的密钥参数无法通过Google API强制转换为私钥 [英] Supplied key param cannot be coerced into a private key with Google APIs
问题描述
I'm trying to test this example that I found here so that I can do a direct upload on the client side without having the user login using Google Cloud Storage.
所有表示的常量都具有正确的值,并且路径正确且内容不为空.
All of the constants expressed have their correct values, and the path is correct and does not have an empty contents.
我得到的错误:
openssl_sign(): supplied key param cannot be coerced into a private key
我实现的功能是:
public static function storageURL( $id, $method = 'GET', $duration = 10 ) {
$key = file_get_contents(self::KEY_FILE);
$pkey = openssl_get_privatekey($key, 'notasecret');
$expires = time( ) + $duration;
$content_type = ($method == 'PUT') ? 'application/x-www-form-urlencoded' : '';
$to_sign = ($method . "\n" .
/* Content-MD5 */ "\n" .
$content_type . "\n" .
$expires . "\n" .
'/'.self::BUCKET_NAME.'/' . $id);
$signature = '*Signature will go here*';
if (!openssl_sign( $to_sign, $signature, $pkey, 'sha256' ))
{
error_log( 'openssl_sign failed!' );
$signature = '<failed>';
} else {
$signature = urlencode( base64_encode( $signature ) );
}
return ('https://'.self::BUCKET_NAME.'.commondatastorage.googleapis.com/' .
$id .
'?GoogleAccessId=' . self::SERVICE_ACCOUNT_NAME .
'&Expires=' . $expires . '&Signature=' . $signature);
}
推荐答案
首先,您需要使用openssl_pkcs12_read而不是file_get_contents来读取密钥文件.其次,我相信您想将第二个参数留给openssl_get_privatekey.
First, you need to use openssl_pkcs12_read to read the key file, not file_get_contents. Second, I believe you want to leave off the second parameter to openssl_get_privatekey.
我强烈建议您使用 google-api-php-client 为此,它具有 Google_P12Signer.php
I highly recommend you use google-api-php-client for this, which has Google_P12Signer.php
这篇关于提供的密钥参数无法通过Google API强制转换为私钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
