Guide: openssl verify signature php

[PHP 4 >= 4.0.4, PHP 5, PHP 7, PHP 8]

openssl_verify - Verify signature

Return Values

Returns 1 if the signature is correct, 0 if it is incorrect, and -1 or false on error.

Examples

Example #1 openssl_verify() example

Example #2 openssl_verify() example

Stiv

16 years ago

I've finally found a way to verify signature. Sample in the documentation doesn't work. Code below DOES work :)

steve dot venable at lmco dot com

20 years ago

A note about openssl_verify() (and some of the other functions).  The public key comes from a certificate in any of the supported formats (as the example shows, use openssl_get_publickey() to get the resource id).  But after some trial and error I found the signature string MUST BE BINARY.  While no error occurs, passing a base64-formatted signature string (PEM format?), you simply get a mismatch.  When I did the base64 decode myself, the verify returned a match (return value 1).  You can simply drop the begin/end lines and take the output of the base64_decode() function.

mikey at badpenguins dot com

12 years ago

I spent days scouring the php openssl documentation trying to figure out how to do what sounds like a simple task: given two PEM encoded certificates, is one the signer of the other?  Nowhere in the openssl_verify() documentation or comments is it explained where to obtain the signature of an existing certificate.  The openssl_x509_parse() function looked promising, but it is an unstable API that may change.

I had to write my own code to determine if one cert signed another, it is located here: //badpenguins.com/source/misc/isCertSigner.php?viewSource

In a nutshell here is what I learned...

The signature data in a signed X.509 certificate contains DER formatted data about the signature that is encrypted with the signer's public key.  The data contains a hash of the original subject certificate and information about what encryption algorithm was used to create the signature.

So you need to get this signature data and a copy of the original certificate with the issuer and signature sequences removed.  Hash a copy of the original certificate (sans issuer/signature sequences) with the same algorithm the issuer used and if the hashes match, you have the issuer cert that signed the certificate.
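The "is certificate A the signer of certificate B?" question from the comment above can be answered with the built-in openssl_x509_verify() (available since PHP 7.4), which checks a certificate's signature against a candidate issuer's public key. The following is an added example, not the manual's code and not the commenter's isCertSigner.php; it builds a test CA, a leaf certificate and an unrelated certificate in memory (the names and serials are constructed samples) and assumes a default openssl.cnf is available, since openssl_csr_new() and openssl_csr_sign() need one.

```php
<?php
// Added example: decide whether one PEM certificate signed another with
// openssl_x509_verify(). Certificates are generated in memory for the demo.

function newKey()
{
    $key = openssl_pkey_new([
        'private_key_type' => OPENSSL_KEYTYPE_RSA,
        'private_key_bits' => 2048,
    ]);
    if ($key === false) {
        throw new RuntimeException('key generation failed: ' . openssl_error_string());
    }
    return $key;
}

// Issue a certificate for $dn, signed by $issuerCert/$issuerKey, or
// self-signed when $issuerCert is null. Returns the certificate as PEM.
function issueCertPem(array $dn, $subjectKey, $issuerCert, $issuerKey, int $serial): string
{
    $opts = ['digest_alg' => 'sha256'];
    $csr  = openssl_csr_new($dn, $subjectKey, $opts);
    if ($csr === false) {
        throw new RuntimeException('CSR creation failed: ' . openssl_error_string());
    }
    $cert = openssl_csr_sign($csr, $issuerCert, $issuerKey, 365, $opts, $serial);
    if ($cert === false) {
        throw new RuntimeException('certificate signing failed: ' . openssl_error_string());
    }
    $pem = '';
    openssl_x509_export($cert, $pem);
    return $pem;
}

// true when the public key in $issuerPem verifies the signature on $subjectPem.
// This is a signature check only: it does not validate dates, CA flags or a chain.
function isSignedBy(string $subjectPem, string $issuerPem): bool
{
    $issuerPub = openssl_pkey_get_public($issuerPem);   // a certificate is accepted here
    if ($issuerPub === false) {
        throw new RuntimeException('cannot read issuer public key');
    }
    $r = openssl_x509_verify($subjectPem, $issuerPub);  // 1 ok, 0 mismatch, -1 error
    if ($r === -1) {
        throw new RuntimeException('verification error: ' . openssl_error_string());
    }
    return $r === 1;
}

// Constructed sample PKI: a self-signed CA, a leaf it signed, an unrelated root.
$caKey    = newKey();
$caPem    = issueCertPem(['commonName' => 'Example Test CA'], $caKey, null, $caKey, 1);
$leafKey  = newKey();
$leafPem  = issueCertPem(['commonName' => 'leaf.example.test'], $leafKey, $caPem, $caKey, 2);
$otherKey = newKey();
$otherPem = issueCertPem(['commonName' => 'Unrelated CA'], $otherKey, null, $otherKey, 3);

var_dump(isSignedBy($leafPem, $caPem));     // the real issuer
var_dump(isSignedBy($leafPem, $otherPem));  // an unrelated certificate
var_dump(isSignedBy($caPem, $caPem));       // a self-signed root verifies itself
```

The first and third calls return true and the second returns false. A positive answer only means the issuer's key produced the signature; validity periods, basicConstraints and the rest of the chain still need openssl_x509_checkpurpose() or an equivalent full validation before the certificate is trusted.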

phpdev at fpierrat dot fr

11 months ago

As stated from the doc: "Returns 1 if the signature is correct, 0 if it is incorrect, and -1 or false on error. "

In the second example as well as in Stiv's note, the following condition will match for both 0 and false, which have different meanings:
elseif ($ok == 0) {
    echo "bad";
}

One should do an identical test here (===) instead of an equal test (==):
elseif ($ok === 0) {
    echo "bad";
}
---
var_dump(0 == false);  //==> true
var_dump(0 === false); //==> false

peter dot labos at gmail dot com

4 years ago

openssl_verify() is populating openssl_error_string() even on false.

When openssl_verify() returns 0, openssl_error_string() is populated with 1.
I spent a lot of time trying to understand why my next call to openssl was failing its error checks.
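The comments above make three separate points about calling openssl_verify(): the signature argument must be the raw bytes, so a base64-transported signature is decoded first (steve's note); 0 and false must be told apart with === (phpdev's note); and the OpenSSL error queue can still hold entries after a 0 result, which confuses later openssl_* calls (peter's note). The following added example, which is not the manual's code nor any commenter's, puts the three together in one verification helper. Keys are generated in memory, the message and signature are constructed samples, and RSA with SHA-256 is assumed for the demo.

```php
<?php
// Added example: verify a base64-encoded signature with strict result
// handling and an explicitly drained OpenSSL error queue.

// Pop every queued OpenSSL error and return them as strings.
function drainOpensslErrors(): array
{
    $errs = [];
    while (($e = openssl_error_string()) !== false) {
        $errs[] = $e;
    }
    return $errs;
}

// Returns [private key handle, public key PEM]. RSA-2048 assumed for the demo.
function makeKeyPair(): array
{
    $priv = openssl_pkey_new([
        'private_key_type' => OPENSSL_KEYTYPE_RSA,
        'private_key_bits' => 2048,
    ]);
    if ($priv === false) {
        throw new RuntimeException('key generation failed: ' . implode('; ', drainOpensslErrors()));
    }
    return [$priv, openssl_pkey_get_details($priv)['key']];
}

// Sign and return the signature base64-encoded, as it would travel in JSON or HTTP.
function signBase64(string $data, $privKey): string
{
    $sig = '';
    if (!openssl_sign($data, $sig, $privKey, OPENSSL_ALGO_SHA256)) {
        throw new RuntimeException('signing failed: ' . implode('; ', drainOpensslErrors()));
    }
    return base64_encode($sig);
}

// Classify the outcome as 'good', 'bad' or 'error: ...'.
function checkSignature(string $data, string $sigB64, string $pubPem): string
{
    $sig = base64_decode($sigB64, true);      // strict: reject anything that is not base64
    if ($sig === false) {
        return 'bad';                         // malformed transport encoding is a bad signature
    }
    $pub = openssl_pkey_get_public($pubPem);
    if ($pub === false) {
        return 'error: ' . implode('; ', drainOpensslErrors());
    }
    drainOpensslErrors();                     // start this call with an empty error queue
    $r    = openssl_verify($data, $sig, $pub, OPENSSL_ALGO_SHA256);   // raw bytes, never the base64 text
    $errs = drainOpensslErrors();             // always clear it, whatever the result
    if ($r === 1) {
        return 'good';
    }
    if ($r === 0) {                           // identical test: 0 is "mismatch", false is "call failed"
        return 'bad';
    }
    return 'error: ' . implode('; ', $errs);  // -1 or false
}

[$priv, $pubPem] = makeKeyPair();
$msg    = 'order=42;amount=10.00';            // constructed sample message
$sigB64 = signBase64($msg, $priv);

echo checkSignature($msg, $sigB64, $pubPem), PHP_EOL;            // untouched message
echo checkSignature($msg . '1', $sigB64, $pubPem), PHP_EOL;      // tampered message
echo checkSignature($msg, '***not-base64***', $pubPem), PHP_EOL; // broken transport encoding
echo checkSignature($msg, $sigB64, 'not a PEM key'), PHP_EOL;    // unusable public key
```

The four lines print good, bad, bad, and an error line carrying whatever OpenSSL queued while parsing the bogus key. Because the helper empties the queue on every path, a caller that loops over openssl_error_string() after some later openssl_* call sees only that call's errors, which is the trap described in the comment above.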
