openssl_spki_verify()
(PHP 5 >= 5.6.0, PHP 7)
验证签名公钥和挑战。
说明
openssl_spki_verify(string &$spkac): string
验证所提供的签名公钥和挑战。
参数
- $spkac
期望一个有效的签名公钥和挑战。
返回值
成功,返回true,失败返回false.
错误/异常
如果$spkac参数不是一个可用的参数,将会抛出一个E_WARNING
等级的错误。
范例
openssl_spki_verify()范例:
验证现有签名公钥和挑战
<?php $pkey = openssl_pkey_new('secret password'); $spkac = openssl_spki_new($pkey, 'challenge string'); if (openssl_spki_verify(preg_replace('/SPKAC=/', '', $spkac))) { echo $spkac; } else { echo "SPKAC validation failed"; } ?>
openssl_spki_verify() example from <keygen>
通过<keygen>元素验证现有签名公钥和挑战
<?php if (openssl_spki_verify(preg_replace('/SPKAC=/', '', $_POST['spkac']))) { echo $spkac; } else { echo "SPKAC validation failed"; } ?> <keygen name="spkac" challenge="challenge string" keytype="RSA">
参见
openssl_spki_new()
生成一个新的签名公钥和挑战openssl_spki_export_challenge()
导出与签名公钥和挑战相关的挑战字符串openssl_spki_export()
通过签名公钥和挑战导出一个可用的PEM格式的公钥- openssl_md_method()
openssl_csr_new()
生成一个 CSRopenssl_csr_sign()
用另一个证书签署 CSR(或者本身)并且生成一个证书
This openssl_spki_* funcs are very usefull to use with <keygen/> tag in html5. Example: <?php session_start(); // form submitted... (?) if(isset($_POST['security'])) { // If true, the send from <keygen/> is valid and you can // test the challenge too if(openssl_spki_verify($_POST['security'])) { // Gets challenge string $challenge = openssl_spki_export_challenge($_POST['security']); // If true... you are not trying to trick it. // If user open 2 windows to prevent data lost from a "mistake" or him just press "back" button // and re-send last data... you can handle it using something like it. if($challenge == $_SESSION['lastForm']) { echo 'Ok, this one is valid.', '<br><br>'; } else { echo 'Nice try... nice try...', '<br><br>'; } } } // If you open two window, the challenge won't match! $_SESSION['lastForm'] = hash('md5', microtime(true)); ?> <!DOCTYPE html> <html> <body> <form action="/index.php" method="post"> Encryption: <keygen name="security" keytype="rsa" challenge="<?php echo $_SESSION['lastForm']; ?>"/> <input type="submit"> </form> </body> </html>