1. 技术文章
  2. unable to verify openssl signature in php compare to nodejs

unable to verify openssl signature in php compare to nodejs

拜拜、爱过 提交于 2020-06-29 03:45:11

问题


I am able to verify the signature by using Nodejs crypto.createVerify whereas PHP: openssl_verify always return false.

Nodejs: Getting correct result

const encryptKey = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
const crypto = require('crypto');

var data = Buffer.from(JSON.stringify(vd), "utf-8");
var password = Buffer.from(encryptKey, "utf-8");
var hashPassword = crypto.createHash('sha256').update(password).digest();

var data ='oubWLpvUHAX5Z/9fmiCx8PGTqDl0+2sCShXnTdW640q7O1MDybxmDCF0R9SvvgFygFJfGVybK0qndePkJz690Lu96TiAi648PEPfrPjmtOSBLovVjNiIvdI1i16ryJ5BdtT/lp4rWe1LTyXeiRZ8KdVoqKeg76GCQi0jfXG9wUDJgt8tc1qf+ey3jvqa5J04v/fEXhQVoKC6pFwLgvN7HLyXwpRx2UnmP6Szm37QffiVO7uo1IiY3PB0Wh/AXNMIRSKz3Qn6v2iTTDt8k/r2qADNS4c6FaxFrQlNljr7z6t9k3QCTD0gqHy9YlZAFLB1Fi7kspBmnoQpAlweMIf97MfZvE5aXQDRyP7XVlY1upFyfkItyJwVsCLG1D2+jiJfw/VUZ4m2E7GwewsvcZ86Wf4Q0yeI8Ot/im3lw4SA/EXASuj0C6PkxjCjucktyjazpY5Eq0mSHWjhlw/LPVIPIjT6SCtYJId9vxeed95wcgyRjF4IIIwr8KFT4gqHi5BMW0z2r/EPGgNP4eMpMcxCNIz63f6j4/vFmr0ddxqZsDwaUVzGflRu3NO/kkWZdALw63Y1ABV9tl7hSSQdxYegzgZQPiK2oa/RT+0QvosmjjSEvdVCzA+0upt9PM7aHpv7xSdfa8RzaswwFuI9hlj9ZS5rxWf2czNISuqxXfvvKLDlSVlg9m3uRiVVslaoxLzktArW0SBej+7Ly934A5MXQXyhxJG47AEREeduGMw+kAVcEp/OUckmQbrg76IevxydMloa+jwI48ewzgC9J+ZXngg+GNQUh8p8rU2p9JEpUPQ/D/I68quncnuyxWNuEGIh';

var signature = 'xKS+T/p56Yt417SWDpGEMSbdlSrpnudVH6F8ajMw5DorGdh/oTodNq+4rvdWYfQYC4xUTIqwDohAqVqG0smT3dcIda2NiG+sWEJC7iJu4PhDorvcF7P2iwLf942JFaGgyC4dvtmGubV/bs7Eu7bjV7i11YDQJm4kRscWAXF1JskUX89VW2IGya+YdU//aM/eBzNJx1UofGOKLK0SPAkL2E8Ua9o/dk4RZWO/cgjGCQe/KSjpoAsErk+XJLV8DNNzbsLH/3aNANVEkS4jlBLT0TWKHDTZ9ht90ISYt8xFvjcxnrhVsnlWp6di2GNazxi3hIKraCAnIcu1oA0ofp9CjQ==';

const salt = new Buffer.from([1, 2, 3, 4, 5, 6, 7, 8], "utf-8");

var nodeCrypto = crypto.pbkdf2Sync(hashPassword, salt, 1000, 48, 'sha1');

var key = nodeCrypto.slice(0, 32);
var iv  = nodeCrypto.slice(32, 48);

var ciperDec =  crypto.createDecipheriv('aes-256-cbc', key, iv);
var dataDec = ciperDec2.update(data,"base64","utf8");
dataDec+= ciperDec2.final("utf8");

var verifier = crypto.createVerify('RSA-SHA256');
var data = Buffer.from(dataDec2, "utf-8");
verifier.update(data);

var merchantPublicKey = '';//something

var verify = verifier.verify(merchantPublicKey, signature,'base64');
console.log("verify", verify); //return true

PHP: Returning false

$data ='oubWLpvUHAX5Z/9fmiCx8PGTqDl0+2sCShXnTdW640q7O1MDybxmDCF0R9SvvgFygFJfGVybK0qndePkJz690Lu96TiAi648PEPfrPjmtOSBLovVjNiIvdI1i16ryJ5BdtT/lp4rWe1LTyXeiRZ8KdVoqKeg76GCQi0jfXG9wUDJgt8tc1qf+ey3jvqa5J04v/fEXhQVoKC6pFwLgvN7HLyXwpRx2UnmP6Szm37QffiVO7uo1IiY3PB0Wh/AXNMIRSKz3Qn6v2iTTDt8k/r2qADNS4c6FaxFrQlNljr7z6t9k3QCTD0gqHy9YlZAFLB1Fi7kspBmnoQpAlweMIf97MfZvE5aXQDRyP7XVlY1upFyfkItyJwVsCLG1D2+jiJfw/VUZ4m2E7GwewsvcZ86Wf4Q0yeI8Ot/im3lw4SA/EXASuj0C6PkxjCjucktyjazpY5Eq0mSHWjhlw/LPVIPIjT6SCtYJId9vxeed95wcgyRjF4IIIwr8KFT4gqHi5BMW0z2r/EPGgNP4eMpMcxCNIz63f6j4/vFmr0ddxqZsDwaUVzGflRu3NO/kkWZdALw63Y1ABV9tl7hSSQdxYegzgZQPiK2oa/RT+0QvosmjjSEvdVCzA+0upt9PM7aHpv7xSdfa8RzaswwFuI9hlj9ZS5rxWf2czNISuqxXfvvKLDlSVlg9m3uRiVVslaoxLzktArW0SBej+7Ly934A5MXQXyhxJG47AEREeduGMw+kAVcEp/OUckmQbrg76IevxydMloa+jwI48ewzgC9J+ZXngg+GNQUh8p8rU2p9JEpUPQ/D/I68quncnuyxWNuEGIh';

$sign = 'xKS+T/p56Yt417SWDpGEMSbdlSrpnudVH6F8ajMw5DorGdh/oTodNq+4rvdWYfQYC4xUTIqwDohAqVqG0smT3dcIda2NiG+sWEJC7iJu4PhDorvcF7P2iwLf942JFaGgyC4dvtmGubV/bs7Eu7bjV7i11YDQJm4kRscWAXF1JskUX89VW2IGya+YdU//aM/eBzNJx1UofGOKLK0SPAkL2E8Ua9o/dk4RZWO/cgjGCQe/KSjpoAsErk+XJLV8DNNzbsLH/3aNANVEkS4jlBLT0TWKHDTZ9ht90ISYt8xFvjcxnrhVsnlWp6di2GNazxi3hIKraCAnIcu1oA0ofp9CjQ==';

$pass = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";

$hashPass   = hash("sha256",mb_convert_encoding($pass,"UTF-8"),true);
$salt       = implode('', array_map('chr', [ 1, 2, 3, 4, 5, 6, 7, 8 ]));
$pbkdf2     = hash_pbkdf2("SHA1", $hashPass, $salt, 1000, 48,true);
$key        = substr($pbkdf2, 0, 32);
$iv         = substr($pbkdf2, 32, 48);
$hash       = openssl_decrypt($data, 'aes-256-cbc', $key, OPENSSL_ZERO_PADDING, $iv);

$pubkeyid = openssl_get_publickey($publicKey);
$verified = openssl_verify($hash, $sign, $pubkeyid, OPENSSL_ALGO_SHA256);
echo $verified; //returning false
// Free the key.
openssl_free_key($pubkeyid);

来源:https://stackoverflow.com/questions/62561720/unable-to-verify-openssl-signature-in-php-compare-to-nodejs

标签
php
node.js
encryption
signature
php-openssl
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!