在ObjectiveC中签名字符串并在PHP中进行验证-不起作用 [英] Signing string in ObjectiveC and Verifying in PHP - Not working
问题描述
我正在ObjectiveC中签名一个字符串,并在PHP中验证生成的签名.
I am signing a string in ObjectiveC and verifying the generated signature in PHP.
让我说我在ObjectiveC中使用带有RSA_sign方法(OpenSSL Lib)的privateKey在字符串"b1be1970fa802f43cdfa382bb3f3a524590b2170"上签名.我得到了生成的签名
lets say I sign a string "b1be1970fa802f43cdfa382bb3f3a524590b2170" using my privateKey with RSA_sign method (OpenSSL Lib) in ObjectiveC. And I get generated signature
我使用带有opensl_verify方法的PublicKey在PHP中验证签名.
I verify the signature in PHP using PublicKey with openssl_verify method.
验证失败
任何想法可能有什么问题.
Any idea what might be wrong..
iOS代码:
NSString *handshakeChallengeStr = [NSString stringWithFormat:@"YjFiZTE5NzBmYTgwMmY0M2NkZmEzODJiYjNmM2E1MjQ1OTBiMjE3MA=="];
NSData *hcData = [NSData dataFromBase64String:handshakeChallengeStr];
const unsigned char *message = (const unsigned char *)[hcData bytes];
unsigned int message_length =strlen((const void *)message); //56
unsigned char *sig = NULL;
unsigned int sig_len = 0;
//Retriving PrivateKey
RSA *privKey = NULL;
EVP_PKEY *PrivateKey;
FILE *priv_key_file;
NSArray *paths = NSSearchPathForDirectoriesInDomains( NSDocumentDirectory, NSUserDomainMask, YES);
NSString *keyFilePath = [[paths objectAtIndex:0]stringByAppendingPathComponent:@"privateKey.pem"];
priv_key_file = fopen([keyFilePath UTF8String], "r");
PrivateKey = PEM_read_PrivateKey(priv_key_file, NULL, NULL, NULL);
privKey = EVP_PKEY_get1_RSA(PrivateKey);
sig = malloc(RSA_size(privKey));
int success = RSA_sign(NID_sha1, message, message_length, sig, &sig_len, privKey);
if(success == 1){
NSLog(@"Signature Generated!!");
}
PHP代码:
$private = '-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDZz+ztvFV3qYu8
4NHErDVfVzfVhAVoCqQiCFBWpuNJk0xPgGIkwDkehhyIxCT1CD/GNYQSjpoFlfId
….
-----END PRIVATE KEY-----';
$public='-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2c/s7bxVd6mLvODRxKw1
X1c31YQFaAqkIghQVqbjSZNMT4BiJMA5HoYciMQk9Qg/xjWEEo6aBZXyHekc7w1d
……
-----END PUBLIC KEY-----';
$HandshakeStr = base64_decode('YjFiZTE5NzBmYTgwMmY0M2NkZmEzODJiYjNmM2E1MjQ1OTBiMjE3MA==');;
openssl_sign($HandshakeStr, $sig, $private);
推荐答案
PHP openssl_sign
通过使用SHA1进行哈希处理( PHP:openssl_sign ).
OpenSSL RSA_sign 对消息摘要签名 m,大小为m_len(OpenSSL:RSA_sign(3))
OpenSSL RSA_sign signs the message digest m of size m_len (OpenSSL: RSA_sign(3))
使用原始的OpenSSL函数时,您必须自己进行哈希处理:
When you use the raw OpenSSL functions you have to do the hashing yourself:
unsigned char message_digest[SHA_DIGEST_LENGTH];
SHA1(message, message_length, message_digest);
int success = RSA_sign(NID_sha1, message_digest, SHA_DIGEST_LENGTH, sig, &sig_len, privKey);
顺便说一句,使用RSA验证-并非每个签名方案都是确定性的.
By the way, use RSA verify - not every signature scheme is deterministic.
这篇关于在ObjectiveC中签名字符串并在PHP中进行验证-不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!