问题
I have a private key stored as a string (hard coded), and I need to sign a string with that key.
I could use openssl, but I don't find in the documentation how to use my private key. I only see how to use pem files, or things related to certificates, whereas my process has nothing to do with certificates or anything of the sort.
The private key comes from a Java desktop application and has been generated with the class KeyPairGenerator
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA", "SUN");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
keyGen.initialize(512, random);
KeyPair pair = keyGen.generateKeyPair();
PrivateKey pri = pair.getPrivate();
String base64Key = new Base64().encode(pri.getEncoded());
Does anyone have a hint on this ?
Thank you !
Edit: One of the private keys as an example :
"MIHGAgEAMIGoBgcqhkjOOAQBMIGcAkEA/KaCzo4Syrom78z3EQ5SbbB4sF7ey80etKII864WF64B
81uRpH5t9jQTxeEu0ImbzRMqzVDZkVG9xD7nN1kuFwIVAJYu3cw2nLqOuyYO5rahJtk0bjjFAkBn
hHGyepz0TukaScUUfbGpqvJE8FpDTWSGkx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxB
blC+eUykBBYCFFVbS2ccW7j+SMOiro2PzB1FG/TL"
It is the Base64 representation of the key.
My current code saving the key in a file named pem :
$pkeyid = openssl_pkey_get_private("key.pem");
echo openssl_sign($data, $signature, $pkeyid);
echo "<br/>";
echo $signature;
But openssl_sign doesn't echo anything, even false as it is supposed to in case of failure...
来源:https://stackoverflow.com/questions/37401519/signing-with-a-private-key-as-a-string-in-php