Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/javascript/406.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/php/297.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Javascript 在php上验证数字签名_Javascript_Php_Cryptography_Digital Signature - Fatal编程技术网
Fatal编程技术网
  • javascript/
  • Javascript 在php上验证数字签名

Javascript 在php上验证数字签名

javascript php cryptography

Javascript 在php上验证数字签名,javascript,php,cryptography,digital-signature,Javascript,Php,Cryptography,Digital Signature,我在javascript上对一条消息进行签名,然后尝试在php上进行验证,但它返回的总是坏消息 我用这个作为我的javascript的例子 我的javascript是 function doSign() { var rsa = new RSAKey(); rsa.readPrivateKeyFromPEMString(document.form1.prvkey1.value); var hashAlg = document.form1.hashalg.value; var str1

我在javascript上对一条消息进行签名,然后尝试在php上进行验证,但它返回的总是坏消息

我用这个作为我的javascript的例子

我的javascript是

function doSign() {
 var rsa = new RSAKey();
  rsa.readPrivateKeyFromPEMString(document.form1.prvkey1.value);
  var hashAlg = document.form1.hashalg.value;
  var str1 = document.form1.msgsigned.value;
  var str2 = document.form1.msgsigned1.value;
  var res = str1.concat(str2);
  var hSig = rsa.signString(res, hashAlg);
  document.form1.siggenerated.value = linebrk(hSig, 64);
}

function doVerify() {
  var sMsg = document.form1.msgverified.value;
  var hSig = document.form1.sigverified.value;

  var x509 = new X509();
  x509.readCertPEM(document.form1.cert.value);
  var result = x509.subjectPublicKeyRSA.verifyString(sMsg, hSig);

  // display verification result
  if (result) {
    _displayStatus("valid");
  } else {
    _displayStatus("invalid");
  }
}

function copyMsgAndSig() {
  _displayStatus("reset");
  document.form1.msgverified.value = document.form1.msgsigned.value;
  document.form1.msgverified1.value = document.form1.msgsigned1.value;   
  document.form1.sigverified.value = document.form1.siggenerated.value; 
}

function _displayStatus(sStatus) {
  var div1 = document.getElementById("verifyresult");
  if (sStatus == "valid") {
    div1.style.backgroundColor = "skyblue";
    div1.innerHTML = "This signature is *VALID*.";
  } else if (sStatus == "invalid") {
    div1.style.backgroundColor = "deeppink";
    div1.innerHTML = "This signature is *NOT VALID*.";
  } else {
    div1.style.backgroundColor = "yellow";
    div1.innerHTML = "Please fill values below and push [Verify this sigunature] button.";
  }
}
这是我的php

<?php
        $msgAssinada=$_POST['msgsigned'];
        $msgAssinada1=$_POST['msgsigned1'];
        $assinatura=$_POST['siggenerated'];
        echo "<p>".$_POST['msgsigned']."</p>";
        echo "<p>".$_POST['msgsigned1']."</p>";
        echo "<p>".$_POST['siggenerated']."</p>";

        $fp = fopen("publicCert.pem", "r");
        $cert = fread($fp, 8192);
        fclose($fp);
        $pubkeyid = openssl_pkey_get_public($cert);
        $result = $msgAssinada . $msgAssinada1;
        echo $result;

        $ok = openssl_verify($result, $assinatura, $pubkeyid);

        if ($ok == 1) {
            echo "good";
        } elseif ($ok == 0) {
            echo "<p>bad</p>";
        } else {
            echo "ugly, error checking signature";
        }

        openssl_free_key($pubkeyid);
    ?>
公钥

-----BEGIN CERTIFICATE-----
MIIFfzCCA2egAwIBAgIDDguBMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jv
(...)
Etj7VCXe3h2xHgQUfkUvnRw8vw==
-----END CERTIFICATE-----
“回报总是不好”?什么错误?@JensonMJohn我假设这一行:
echo“bad
被执行。是的,没有错误,只是返回BAD,似乎签名不正确!

-----BEGIN CERTIFICATE-----
MIIFfzCCA2egAwIBAgIDDguBMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jv
(...)
Etj7VCXe3h2xHgQUfkUvnRw8vw==
-----END CERTIFICATE-----