php demo:
参考:
https://gist.github.com/winok/6153500
<?php ## openssl genrsa -out key.pem 1024 ## openssl rsa -in key.pem -pubout -outform PEM -out pubkey.pem ## openssl rsa -in key.pem -pubout -outform DER -out pubkey.der function hextobin($hexstr) { $n = strlen($hexstr); $sbin=""; $i=0; while($i<$n) { $a =substr($hexstr,$i,2); $c = pack("H*",$a); if ($i==0){$sbin=$c;} else {$sbin.=$c;} $i+=2; } return $sbin; } function buildSign($toSign) { $signature = null; $priv_key = file_get_contents('key.pem'); $pkeyid = openssl_get_privatekey($priv_key); openssl_sign($toSign, $signature, $pkeyid); openssl_free_key($pkeyid); $hex = bin2hex( $signature ); return $hex; } function verifySign($sign, $toSign) { $signdata = hextobin($sign); $ret = openssl_verify($toSign, $signdata, file_get_contents('pubkey.pem')); return $ret; } function verifySign_der($sign, $toSign) { $signdata = hextobin($sign); $der = file_get_contents('pubkey.der'); $pem = "-----BEGIN PUBLIC KEY-----n"; $str = base64_encode($der); $pem .= wordwrap($str, 64, "n", true)."n"; $pem .= "-----END PUBLIC KEY-----n"; $ret = openssl_verify($toSign, $signdata, $pem); return $ret; } $sign = buildSign('test1'); if (verifySign($sign, 'test1') == 1) echo "successn"; if (verifySign_der($sign, 'test1') == 1) echo "successn"; echo "n"; $sign = buildSign('test1'); if (verifySign($sign, 'test2') == 0) echo "successn"; if (verifySign_der($sign, 'test2') == 0) echo "successn"; ?>
相关格式参考:
http://www.cnblogs.com/xiaoweiyu/archive/2011/12/26/2302297.html
注意:
1.相关参数(如:openssl pkcs8 -topk8 -inform PEM -outform DER -in key.pem -out key.der -nocrypt 里的最后一个参数 )
2.公钥和私钥所用命令不同
3.通常二进制der格式通过 base64 或十六进制表示。先还原,再转换格式。
转发请注明出处http://blog.martoo.cn
如有漏缺,请联系我 QQ 243008827