1. 首頁
  2. 問答
  3. 使用php驗證數字簽名

使用php驗證數字簽名

2014-09-11 153 views
1

我有一封經過數字簽名的電子郵件。使用php驗證數字簽名

電子郵件:

-----BEGIN PGP SIGNED MESSAGE----- 
Hash: SHA1 

The below email has been digitally signed for test purposes. We will 
now go on and save this signed email in our dms system. 
-----BEGIN PGP SIGNATURE----- 
Version: GnuPG v2.0.22 (MingW32) 
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ 

iQEcBAEBAgAGBQJTnwd9AAoJEEWjhuB1kNr9dQcH/2YeZlHEfK/KOPg8XhpOY+4l 
3camfFVya8JIzLHsOzhhdSqIItDr7VlGDrjrMgPPiD1abyy9zhcqZ18Kh8sUuFJV 
/TA434rrnMJC0xmSzXl4uo+UagyNyCjzwR4TFCGP4Ob6SzPl/jxfrcfO5yXEdF1I 
X6wgQUmnb3ZLczdPVXsKpwpVIGqX7diwe1CAZKxCmjZo9rr/MmDLLl7AjYq/WQDT 
uOYqXs2IasOIiTGpYrqexBpDn1qRUNiKVgFSRUTfTjYGXYij9P635WTfeE1bQrn1 
HpT9hKhipYPkFcELAor7asqAcnE0lc4Oy9NV2bUryss8ic/pkhiXvlohA3MpCDA= 
=+IbK 
-----END PGP SIGNATURE-----

公鑰:

-----BEGIN PGP PUBLIC KEY BLOCK----- 
Version: GnuPG v2.0.22 (MingW32) 

mQENBFOfBmkBCAC6gH9rR185hiCADttaQeUp9Jc+4Zzx60E+ogWd33Tb1dNvK/IK 
wqpnRpYI1CHVpqX0xWy8Ylcw3rLpPJ6BUzO3hWFLRMXAIXiemV/+VKrKysgm1Xdg 
1PSAVfqmgkXLEEGGSj2OHNA0VVnl1G8AI8/SMpLqhS3PMz3X1nmBv4hLohugLla9 
AVdYp6Me5OAWfjHswkUxCvc/fSh2ufFSnFxgjUibIyn+GP5qG8Wc+GjrBzTLzjA7 
LvP198fWIHQ5w342F3WE8/9ec+1ir/a4japcFodRibXBEqltF+BXgk9pVcEXTd8O 
FCxygrnSkWioj9Qf5uyjuKfV1F7Wq/Nu5uPZABEBAAG0JkFiaGluYXYgQWdnYXJ3 
YWwgPGFiaGluYXZAdHJ1dGVjaC5vcmc+iQE/BBMBAgApBQJTnwZpAhsjBQkJZgGA 
BwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQRaOG4HWQ2v2F9Af/RAKCz0uo 
xqrVe1MXqCe9ZCPSwlHGH4X4NtQbo7FTYy7K2fo9ucoKI4c2lHZA+Ef1K6BhZG34 
IlXPSwy8nhTWJl7pi/xo7gEDlnHJMJCGvQcdtm4lkp39V2cy/Y0lS9V/EYmiesIX 
tmPwwyYxo85jNsdmbjQKDTv5mcir9AebllCk2NlrxpyTO8oAnp1peHaHHq+U92e3 
ZipHEiuAvE0U6WU/fA7tHoWoUor9AUm1hE5mSsyi+do4o/YJqGEgAss62v0npcBx 
oyHoHum5XUgZ1kjvq40Mzkxo9N6vU7P7ULyt9FZylM+pk9XEqiz8IGTPW6JGiJS2 
WmhJli2Szl1xgLkBDQRTnwZpAQgA27UvNu/m61pZwTBSQAVjLNJnJTlU4yh/DxKU 
B3opw7JvvgXYB3VS9AyqSYaIJTcziCBZRewMH+WVpZwRk9SFMyeyNhuk9SGeGU9s 
vyE5dGPa/U5zpvhaqn//CMdRr+wf6XeBKjzc9eKgWMrPLhzlHZ6kzLsbRsalOd4x 
0M3aeO4SV00HFFfXVfJplNB8/zsHNNqtF5ACz9DX69p1GWJD6AAlu/s04xkkUScr 
M2B5lHm6iU6NmfP1GeTD+rOyigcOrSlAL4QGIzGDfoDJOy9UYtk+YOv8UBa3IpG0 
7sARkd+MZGUOgPWIDYQLiSi+9opFHtn4EzrvuUP3Zj1kN4ZUTwARAQABiQElBBgB 
AgAPBQJTnwZpAhsMBQkJZgGAAAoJEEWjhuB1kNr9kHoIAKnjEAiH53ZrWYuummPR 
PRztZL1K7LkxEAxQ00V+PMrg4wNlp1WW5Vl3X0jB5FqUTUmI/65MhoWa+Ucqg31c 
pUOpw5OHK/cyrsscj+gL3nknhswWcvqBNQuiB8UO7Kt89yFYysA754sADKE+nDBM 
D+kmlH4u3vvKep0hZ+gzvH3AOZDhijKJYN9zMMf/gtwZhlEm/N+yBpkP1sxcFsJ+ 
V5hduu4sqJnAcCWg3V/JXonAOZGPS/GE+wXt4Om1D/6RcBBtrBGwh/ezBFS/gSio 
vGRcFzZYRhM1rMEu82raZ3ji3X/5fOjxvhSXdrajG3LX8s2gCk+a0nGDi3MYs5l0 
p14= 
=cn4r 
-----END PGP PUBLIC KEY BLOCK-----

我想用PHP編寫一個程序,它會驗證數字簽名。我有發件人的公鑰。我嘗試從this site下載GnuPG庫,但沒有下載。

有沒有其他辦法?我應該怎麼做?任何幫助將不勝感激。

來源

2014-09-11 Tushar Wagh

+0

嗯,我還沒有嘗試過這個,看看http://php.net/manual/en/function.openssl-verify.php這可能會幫助你 – 2014-09-11 04:42:34

+1

只需從PHP調用命令行'gpg' 。 – mario 2014-09-11 04:44:53

+0

@mario我從命令行調用gpg。當我使用'gpg --version'命令使用exec()函數時,它會返回數組,但是當我嘗試導入或驗證時,它會返回空數組。有任何想法嗎? – 2014-09-11 07:14:01

回答

1

PHP已經帶來了module for interfacing GnuPG,這相當容易使用。

GnuPG必須已經安裝,通常在Linux服務器上,在Windows機器上我聽說讓PHP與GnuPG一起運行相當困難。

對於驗證簽名,使用gnupg_verify(...),例如從PHP連接文檔:

<?php 
$plaintext = ""; 
$gpg = new gnupg(); 
// clearsigned 
$info = $gpg -> verify($signed_text,false,$plaintext); 
print_r($info); 
// detached signature 
$info = $gpg -> verify($signed_text,$signature); 
print_r($info); 
?>

你將不得不import the signer's public key驗證之前,如果沒有完成。

來源

2014-09-11 08:16:52

相關問題

 相關問題