On Wed, May 23, 2012 at 9:12 PM, Jason Gerfen <jason.ger...@utah.edu> wrote: > On 05/23/2012 01:05 PM, Matijn Woudt wrote: >> >> On Wed, May 23, 2012 at 8:29 PM, jas<jason.ger...@utah.edu> wrote: >>> >>> I have run into a problem that I am altogether unfamiliar with. >>> >>> A scenario. I retrieve a users private key from a database. >>> >>> I then use the openssl_pkey_get_private() function to load it as a >>> resource >>> object and proceed to call the openssl_sign() function to obtain a >>> digital >>> signature of a string. >>> >>> No problem, I get a valid signature which I then base64 encode and store >>> in >>> a database. >>> >>> Now lets say a couple of days from now I load up the public key which >>> corresponds to the private key which was used to originally sign the data >>> to >>> verify it and it does not work. >>> >>> The kicker is if I perform the very same routine without saving the >>> signature and attempting to verify it it works without problems. >>> >> Have you checked what $signed looks like after running the script? >> Compare it to $signature. Most likely you corrupted your date >> elsewhere, maybe when inserting it into the database. >> >> - Matijn > > The example that accompanies the post shows two examples, one works & one > does not. Neither however use any type of database, as both simply assign or > use the valid signature stored within either the $signature or $signed > variables. > > I wish I could say that is the problem, I took care to properly > encode/decode when saving or retrieving the information and as well in the > original post I removed this as a possible cause by simply defining the > $signature variable and assigning a valid signature to it for testing. >
First of all, it seems $signature is in base64 format, so I think you should base64_decode that one first. Then it appears to me that $signature is not the same as $signed, on my system. If I base64_encode $signed, save it by copying it from my browser, and then enter it as $signature, and then use base64_decode on $signature it works fine. - Matijn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
