$config = array(
"digest_alg" => "sha512",
"private_key_bits" => 512,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
);
// 默认的 private_key_bits 为 1024
$r = openssl_pkey_new($config);
openssl_pkey_export($r, $privKey);
file_put_contents($this->_keyPath . DIRECTORY_SEPARATOR . 'private_key.pem', $privKey);
$this->_privKey = openssl_pkey_get_private($privKey);
$rp = openssl_pkey_get_details($r);
$pubKey = $rp['key'];
file_put_contents($this->_keyPath . DIRECTORY_SEPARATOR . 'public_key.pem', $pubKey);
//$this->_pubKey = openssl_get_publickey($pubKey);
$this->_pubKey = openssl_pkey_get_public($pubKey);
php大概用上面的代码导出 一堆.pem的证书
然后在go中
block, _ := pem.Decode([]byte(这里就是导出的公匙的内容))
pub, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
fmt.Printf("Failed to parse RSA public key: %s\n", err)
return false, err
}
rsaPub, _ := pub.(*rsa.PublicKey)
h := crypto.Hash.New(crypto.SHA1)
h.Write([]byte(src))
digest := h.Sum(nil)
data, _ := base64.StdEncoding.DecodeString(string(sign))
hexSig := hex.EncodeToString(data)
fmt.Printf("base decoder: %v, %v\n", string(sign), hexSig)
err = rsa.VerifyPKCS1v15(rsaPub, crypto.SHA1, digest, data)
if err != nil {
fmt.Println("Verify sig error, reason: ", err)
return false, err
}
return true, nil
然后这个签名的 始终无法在php代码里验证签名
有疑问加站长微信联系(非本文作者)
