• 首页
  • vue
  • TypeScript
  • JavaScript
  • scss
  • css3
  • html5
  • php
  • MySQL
  • redis
  • jQuery
  • openssl_spki_verify()

    (PHP 5 >= 5.6.0, PHP 7)

    验证签名公钥和挑战。

    说明

    openssl_spki_verify(string &$spkac): string

    验证所提供的签名公钥和挑战。

    参数

    $spkac

    期望一个有效的签名公钥和挑战。

    返回值

    成功,返回true,失败返回false.

    错误/异常

    如果$spkac参数不是一个可用的参数,将会抛出一个E_WARNING等级的错误。

    范例

    openssl_spki_verify()范例:

    验证现有签名公钥和挑战

    <?php
    $pkey = openssl_pkey_new('secret password');
    $spkac = openssl_spki_new($pkey, 'challenge string');
    if (openssl_spki_verify(preg_replace('/SPKAC=/', '', $spkac))) {
        echo $spkac;
    } else {
        echo "SPKAC validation failed";
    }
    ?>
    

    openssl_spki_verify() example from <keygen>

    通过<keygen>元素验证现有签名公钥和挑战

    <?php
    if (openssl_spki_verify(preg_replace('/SPKAC=/', '', $_POST['spkac']))) {
        echo $spkac;
    } else {
        echo "SPKAC validation failed";
    }
    ?>
    <keygen name="spkac" challenge="challenge string" keytype="RSA">

    参见

    This openssl_spki_* funcs are very usefull to use with <keygen/> tag in html5.
    Example:
    <?php
    session_start();
    // form submitted... (?)
    if(isset($_POST['security']))
    {
      // If true, the send from <keygen/> is valid and you can
      // test the challenge too
      if(openssl_spki_verify($_POST['security']))
      {
        // Gets challenge string
        $challenge = openssl_spki_export_challenge($_POST['security']);
        // If true... you are not trying to trick it.
        // If user open 2 windows to prevent data lost from a "mistake" or him just press "back" button
        // and re-send last data... you can handle it using something like it.
        if($challenge == $_SESSION['lastForm'])
        {
          echo 'Ok, this one is valid.', '<br><br>';
        }
        else
        {
          echo 'Nice try... nice try...', '<br><br>'; 
        }
      }
    }
    // If you open two window, the challenge won't match!
    $_SESSION['lastForm'] = hash('md5', microtime(true));
    ?>
    <!DOCTYPE html>
    <html>
    <body>
    <form action="/index.php" method="post">
     Encryption: <keygen name="security" keytype="rsa" challenge="<?php echo $_SESSION['lastForm']; ?>"/>
     <input type="submit">
    </form>
    </body>
    </html>