php man page for openssl_verify

Php Man Pages All Man Pages Latest Topics Forum Categories

Query: openssl_verify

OS: php

Section: 3

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

OPENSSL_VERIFY(3)							 1							 OPENSSL_VERIFY(3)

openssl_verify - Verify signature


SYNOPSIS

       int openssl_verify (string  $data, string  $signature, mixed  $pub_key_id, [mixed  $signature_alg = OPENSSL_ALGO_SHA1])


DESCRIPTION

       openssl_verify(3)  verifies  that  the $signature is correct for the specified $data using the public key associated with $pub_key_id. This
       must be the public key corresponding to the private key used for signing.


PARAMETERS

	      o $data
		- The string of data used to generate the signature previously

	      o $signature
		- A raw binary string, generated by openssl_sign(3) or similar means

	      o $pub_key_id
		- resource - a key, returned by openssl_get_publickey(3) string - a  PEM  formatted  key,  example,  "-----BEGIN  PUBLIC  KEY-----
		MIIBCgK..."

	      o $signature_alg
		- int - one of these Signature Algorithms.  string - a valid string returned by openssl_get_md_methods(3) example, "sha1WithRSAEn-
		cryption" or "sha512".


RETURN VALUES

	Returns 1 if the signature is correct, 0 if it is incorrect, and -1 on error.


CHANGELOG

       +--------+------------------------------------------+
       |Version |					   |
       |	|					   |
       |	|		Description		   |
       |	|					   |
       +--------+------------------------------------------+
       | 5.2.0	|					   |
       |	|					   |
       |	|  The $signature_alg parameter was added. |
       |	|					   |
       +--------+------------------------------------------+

EXAMPLES

       Example #1

	      openssl_verify(3) example

	      <?php
	      // $data and $signature are assumed to contain the data and the signature

	      // fetch public key from certificate and ready it
	      $pubkeyid = openssl_pkey_get_public("file://src/openssl-0.9.6/demos/sign/cert.pem");

	      // state whether signature is okay or not
	      $ok = openssl_verify($data, $signature, $pubkeyid);
	      if ($ok == 1) {
		  echo "good";
	      } elseif ($ok == 0) {
		  echo "bad";
	      } else {
		  echo "ugly, error checking signature";
	      }
	      // free the key from memory
	      openssl_free_key($pubkeyid);
	      ?>

       Example #2

	      openssl_verify(3) example

	      <?php
	      //data you want to sign
	      $data = 'my data';

	      //create new private and public key
	      $private_key_res = openssl_pkey_new(array(
		  "private_key_bits" => 2048,
		  "private_key_type" => OPENSSL_KEYTYPE_RSA,
	      ));
	      $details = openssl_pkey_get_details($private_key_res);
	      $public_key_res = openssl_pkey_get_public($details['key']);

	      //create signature
	      openssl_sign($data, $signature, $private_key_res, "sha1WithRSAEncryption");

	      //verify signature
	      $ok = openssl_verify($data, $signature, $public_key_res, OPENSSL_ALGO_SHA1);
	      if ($ok == 1) {
		  echo "valid";
	      } elseif ($ok == 0) {
		  echo "invalid";
	      } else {
		  echo "error: ".openssl_error_string();
	      }
	      ?>


SEE ALSO

       openssl_sign(3).

PHP Documentation Group 													 OPENSSL_VERIFY(3)
Related Man Pages
nbsvtool(1) - netbsd
md2(1) - redhat
mdc2(1) - redhat
dgst(1) - opendarwin
openssl_verify(3) - php
Similar Topics in the Unix Linux Community
Efficient signature schemes supporting redaction, pseudonymization, and data deidenti
Can we echo something for &quot;down key&quot;
&quot;License signature is invalid: /etc/op5license/op5license.lic&quot;