分享程序员开发的那些事...
更新时间:2022-04-17 01:16:12
我的***猜测:您的私钥与公钥不匹配.
my best guess: your private key doesn't match your public key.
当我运行此特定代码时:
when i run this specific code:
$private_key = <<<'EOD'
-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4Z
RZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQJAL151ZeMKHEU2c1qdRKS9
sTxCcc2pVwoAGVzRccNX16tfmCf8FjxuM3WmLdsPxYoHrwb1LFNxiNk1MXrxjH3R
6QIhAPB7edmcjH4bhMaJBztcbNE1VRCEi/bisAwiPPMq9/2nAiEA3lyc5+f6DEIJ
h1y6BWkdVULDSM+jpi1XiV/DevxuijMCIQCAEPGqHsF+4v7Jj+3HAgh9PU6otj2n
Y79nJtCYmvhoHwIgNDePaS4inApN7omp7WdXyhPZhBmulnGDYvEoGJN66d0CIHra
I2SvDkQ5CmrzkW5qPaE2oO7BSqAhRZxiYpZFb5CI
-----END RSA PRIVATE KEY-----
EOD;
$public_key = <<<'EOD'
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6
zxqlVzz0wy2j4kQVUC4ZRZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQ==
-----END PUBLIC KEY-----
EOD;
$data="test";
$privateKeyId = openssl_pkey_get_private($private_key);
// sign date with your private key
openssl_sign($data, $signature, $privateKeyId, 'RSA-SHA256');
// encode into base64
$sign = base64_encode($signature);
// you may free up memory after, but I wouldn't recommend, since you are going to make many requests and sign each of them.
// importing key from file each time isn't brightest idea
openssl_free_key($privateKeyId);
// importing public key
$pub_key = openssl_pkey_get_public($public_key);
// verifying signature for $data and imported public key
// note that signature firstly was decoded from base64
$valid = openssl_verify($data, base64_decode($sign), $pub_key, 'RSA-SHA256');
if ($valid == 1){
echo "signature is valid \n";
} else {
echo "signature is NOT valid \n";
}
// same thing about freeing of key
openssl_free_key($pub_key);
它输出signature is valid,所以问题可能出在您的钥匙对上. (PS createPrivateAndPublicKey是一个不创建任何东西的函数的愚蠢名称.)
it outputs signature is valid so the problem is probably your key pair. (PS createPrivateAndPublicKey is a stupid name for a function that doesn't create anything..)
您的curl代码也非常混乱,因为createPrivateAndPublicKey是一个void函数,它不返回任何内容,所以当您这样做
also your curl code is very confused, as createPrivateAndPublicKey is a void function, it doesn't return anything, so when you do
$sign = createPrivateAndPublicKey($data_string);
$header[] = "Signature: $sign";
您将$sign分配给NULL,并且当您将NULL添加到字符串时,什么也没有发生,因此您设置的标头只是Signature: (blank)
you're assigning $sign to NULL and when you to add NULL to a string, nothing happens, so the header you set is just Signature: (blank)