PHP openssl_verify函数代码示例

 public function verify_license($product_code, $name, $email, $license)
 {
     ## NOTE ###############################################
     # If you change the parameters the function acepts do not
     # forget to change the lower string concatenation
     # to include all fields in the license generation
     $stringData = $product_code . "," . $name . "," . $email;
     #################################################
     // replace O with 8 and I with 9
     $replacement = str_replace("8", "O", str_replace("9", "I", $license));
     //remove Dashes.
     $undashed = trim(str_replace("-", "", $replacement));
     // Pad the output length to a multiple of 8 with '=' characters
     $desiredLength = strlen($undashed);
     if ($desiredLength % 8 != 0) {
         $desiredLength += 8 - $desiredLength % 8;
         $undashed = str_pad($undashed, $desiredLength, "=");
     }
     // decode Key
     $decodedHash = base32_decode($undashed);
     $ok = openssl_verify($stringData, $decodedHash, $this->public_key, OPENSSL_ALGO_DSS1);
     if ($ok == 1) {
         return TRUE;
     } elseif ($ok == 0) {
         return FALSE;
     } else {
         return FALSE;
     }
 }

 /**
  * 验证签名
  * @param string $data 验签数据
  * @param string $sign
  */
 public function verifySign($data, $sign)
 {
     $sign = $this->hex2bin($sign);
     $res = openssl_verify($data, $sign, $this->pubKey);
     //验证结果，1：验证成功，0：验证失败
     return 1 === $res ? true : false;
 }

 /**
  * Verifies that the response was signed with the given signature
  * and, optionally, for the right package
  * 
  * @param  AndroidMarket_Licensing_ResponseData|string $responseData
  * @param  string $signature
  * @return bool
  */
 public function verify($responseData, $signature)
 {
     if ($responseData instanceof AndroidMarket_Licensing_ResponseData) {
         $response = $responseData;
     } else {
         $response = new AndroidMarket_Licensing_ResponseData($responseData);
     }
     //check package name is valid
     if (!empty($this->_packageName) && $this->_packageName !== $response->getPackageName()) {
         return false;
     }
     if (!$response->isLicensed()) {
         return false;
     }
     $result = openssl_verify($responseData, base64_decode($signature), $this->_publicKey, self::SIGNATURE_ALGORITHM);
     //openssl_verify returns 1 for a valid signature
     if (0 === $result) {
         return false;
     } else {
         if (1 !== $result) {
             require_once 'AndroidMarket/Licensing/RuntimeException.php';
             throw new AndroidMarket_Licensing_RuntimeException('Unknown error verifying the signature in openssl_verify');
         }
     }
     return true;
 }

 /**
  * Método que verifica el código de autorización de folios
  * @return =true si está ok el XML cargado
  * @author Esteban De La Fuente Rubio, DeLaF (esteban[at]sasco.cl)
  * @version 2015-10-30
  */
 public function check()
 {
     // validar firma del SII sobre los folios
     $firma = $this->getFirma();
     $idk = $this->getIDK();
     if (!$firma or !$idk) {
         return false;
     }
     $pub_key = \sasco\LibreDTE\Sii::cert($idk);
     if (!$pub_key or openssl_verify($this->xml->getFlattened('/AUTORIZACION/CAF/DA'), base64_decode($firma), $pub_key) !== 1) {
         \sasco\LibreDTE\Log::write(\sasco\LibreDTE\Estado::FOLIOS_ERROR_FIRMA, \sasco\LibreDTE\Estado::get(\sasco\LibreDTE\Estado::FOLIOS_ERROR_FIRMA));
         return false;
     }
     // validar clave privada y pública proporcionada por el SII
     $private_key = $this->getPrivateKey();
     if (!$private_key) {
         return false;
     }
     $plain = md5(date('U'));
     if (!openssl_private_encrypt($plain, $crypt, $private_key)) {
         \sasco\LibreDTE\Log::write(\sasco\LibreDTE\Estado::FOLIOS_ERROR_ENCRIPTAR, \sasco\LibreDTE\Estado::get(\sasco\LibreDTE\Estado::FOLIOS_ERROR_ENCRIPTAR));
         return false;
     }
     $public_key = $this->getPublicKey();
     if (!$public_key) {
         return false;
     }
     if (!openssl_public_decrypt($crypt, $plain_firmado, $public_key)) {
         \sasco\LibreDTE\Log::write(\sasco\LibreDTE\Estado::FOLIOS_ERROR_DESENCRIPTAR, \sasco\LibreDTE\Estado::get(\sasco\LibreDTE\Estado::FOLIOS_ERROR_DESENCRIPTAR));
         return false;
     }
     return $plain === $plain_firmado;
 }

	function verify($pubKey, $toCheck, $signature) {
		$openSslPubKey = openssl_get_publickey($this->seclibToOpenSsl($pubKey));
		$verified = openssl_verify($toCheck, $signature, $openSslPubKey);
		openssl_free_key($openSslPubKey);
		
		return $verified;
	} # verify

 /**
  * RSA验签
  * @param $data 待签名数据
  * @param $public_key 支付宝的公钥文件路径
  * @param $sign 要校对的的签名结果
  * @return 验证结果
  */
 public function rsaVerify($data, $public_key, $sign)
 {
     $res = openssl_get_publickey($public_key);
     $result = (bool) openssl_verify($data, base64_decode($sign), $res);
     openssl_free_key($res);
     return $result;
 }

 /**
  * Verifies that the data and the signature belong to this public key.
  * Returns true on success, false on failure.
  * @param mixed $data The data to be verified
  * @param mixed $signature The signature of the data
  * @param string $algoritm Which algorithm to use for signing
  * @return boolean
  * @throws InvalidMessageDigestAlgorithmException
  */
 public function verify($data, $signature, $algorithm = 'RSA-SHA256')
 {
     if (!in_array($algorithm, openssl_get_md_methods(true))) {
         throw new InvalidMessageDigestAlgorithmException("The digest algorithm '{$algorithm}' is not supported by this openssl implementation.");
     }
     return openssl_verify($data, $signature, $this->keyResource, $algorithm) == 1;
 }

 /**
  * Validates a message from SNS to ensure that it was delivered by AWS
  *
  * @param Message $message The message to validate
  *
  * @throws CannotGetPublicKeyFromCertificateException If the certificate cannot be retrieved
  * @throws CertificateFromUnrecognizedSourceException If the certificate's source cannot be verified
  * @throws InvalidMessageSignatureException           If the message's signature is invalid
  */
 public function validate($message)
 {
     // Get the cert's URL and ensure it is from AWS
     $certUrl = $message->get('SigningCertURL');
     $host = parse_url($certUrl, PHP_URL_HOST);
     if ('.amazonaws.com' != substr($host, -14)) {
         throw new CertificateFromUnrecognizedSourceException($host . ' did not match .amazonaws.com');
     }
     // Get the cert itself and extract the public key
     $response = wp_remote_get($certUrl);
     if (is_wp_error($response)) {
         throw new CannotGetPublicKeyFromCertificateException('Could not retrieve certificate from ' . $certUrl);
     }
     $certificate = wp_remote_retrieve_body($response);
     $publicKey = openssl_get_publickey($certificate);
     if (!$publicKey) {
         throw new CannotGetPublicKeyFromCertificateException('Could not extract public key from ' . $certUrl);
     }
     // Verify the signature of the message
     $stringToSign = $message->getStringToSign();
     $incomingSignature = base64_decode($message->get('Signature'));
     if (!openssl_verify($stringToSign, $incomingSignature, $publicKey, OPENSSL_ALGO_SHA1)) {
         throw new InvalidMessageSignatureException('The message did not match the signature ' . "\n" . $stringToSign);
     }
 }

/**
 * RSA验签
 * @param $data 待签名数据
 * @param $ali_public_key_path 支付宝的公钥文件路径
 * @param $sign 要校对的的签名结果
 * return 验证结果
 */
function ApiRsaVerify($data, $ali_public_key_path, $sign)  {
	$pubKey = file_get_contents($ali_public_key_path);
    $res = openssl_get_publickey($pubKey);
    $result = (bool)openssl_verify($data, base64_decode($sign), $res);
    openssl_free_key($res);    
    return $result;
}

 /**
  * Verifiy the given data.
  *
  * @param  string $playerId
  * @param  string $bundleId
  * @param  int    $timestamp
  * @param  string $salt Binary string.
  * @return bool
  */
 public function verify($playerId, $bundleId, $timestamp, $salt)
 {
     if (filter_var($this->certificate, FILTER_VALIDATE_URL) !== false) {
         $this->certificate = file_get_contents($this->certificate);
         if ($this->certificate === false) {
             $this->error = static::CERT_DOWNLOAD_ERR;
             return false;
         }
     }
     if (($pubKeyId = $this->pubKey()) === false) {
         $this->error = static::CERT_PUB_KEY_ERR;
         return false;
     }
     $data = $playerId . $bundleId . $this->toBigEndian($timestamp) . $salt;
     $result = openssl_verify($data, $this->signature, $pubKeyId, OPENSSL_ALGO_SHA256);
     if ($result === 1) {
         return true;
     }
     if ($result === 0) {
         $this->error = static::SIGNATURE_INCORRECT;
     } else {
         $this->error = static::SIGNATURE_ERR;
     }
     return false;
 }

 /**
  * Function that processes the callback from the bank and returns CPayment objects with isSuccessful
  * (and other applicable) parameters filled according to the answers from the bank.
  *
  * @return CPayment
  */
 public function HandleCallback()
 {
     $rsField = array();
     foreach ((array) $_REQUEST as $ixField => $fieldValue) {
         $rsField[$ixField] = $fieldValue;
     }
     $sSignatureBase = sprintf("%03s", $rsField['ver']) . sprintf("%-10s", $rsField['id']) . sprintf("%012s", $rsField['ecuno']) . sprintf("%06s", $rsField['receipt_no']) . sprintf("%012s", $rsField['eamount']) . sprintf("%3s", $rsField['cur']) . $rsField['respcode'] . $rsField['datetime'] . sprintf("%-40s", $rsField['msgdata']) . sprintf("%-40s", $rsField['actiontext']);
     function hex2str($hex)
     {
         for ($i = 0; $i < strlen($hex); $i += 2) {
             $str .= chr(hexdec(substr($hex, $i, 2)));
         }
         return $str;
     }
     $mac = hex2str($rsField['mac']);
     $sSignature = sha1($sSignatureBase);
     $flKey = openssl_get_publickey(file_get_contents($this->flBankCertificate));
     if (!openssl_verify($sSignatureBase, $mac, $flKey)) {
         trigger_error("Invalid signature", E_USER_ERROR);
     }
     if ($rsField['receipt_no'] == 00) {
         return new CPayment($rsField['ecuno'], $rsField['msgdata'], null, null, False);
     } else {
         return new CPayment($rsField['ecuno'], $rsField['msgdata'], $rsField['eamount'] / 100, $rsField['cur'], True);
     }
 }

function ValidateGooglePlaySignature($receipt, $signature)
{
    $publicGoogleKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+zLT00kiP/8iHZrvBwbAOIibC6qhGW9Mt6FHFHh+uJN5+wIYWKfsWS8cU9383iJ6Q0zL2Gk7UQtZvp9ug3yCzWkTADWzepO8rm0+gBuv7OcrIq5TF5qIS4qXrmTg1VkloJb0C4OP9IPqRpa9VKa1nWIa1VbLY2U4U7vgQIcLBIGL+5d2/qhjj4UeK3seWvY8XxHh9CElxMAmaOWU6aNUSon0G7r68gwx15hMOoVy4ICeKrGyn8XibTiruYwXHwBJ6JQNYzWRtJPEF1DL1TLev/DneVVoFgrc6ZnZMZGwlnYLKn0AolCTfq2c1GRUj/FI/wd3Rcm6lHeN3pbkmb1GwIDAQAB";
    $receipt = trim($receipt);
    $signature = trim($signature);
    //Create an RSA key compatible with openssl_verify from our Google Play sig
    $key = "-----BEGIN PUBLIC KEY-----\n" . chunk_split($publicGoogleKey, 64, "\n") . '-----END PUBLIC KEY-----';
    $key = openssl_pkey_get_public($key);
    //print $signature;print_r(openssl_pkey_get_details($key)); exit();
    if ($key == false) {
        return $ret = 100;
    }
    //Signature should be in binary format, but it comes as BASE64.
    $signature = base64_decode($signature);
    //Verify the signature
    $result = openssl_verify($receipt, $signature, $key, OPENSSL_ALGO_SHA1);
    //print $result . ' / ' . $receipt . ' / ' . $signature . ' / ' . $key;exit();
    if ($result == 1) {
        $ret = 1;
    } elseif ($result == 0) {
        $ret = 0;
    } else {
        $ret = 2;
    }
    return $ret;
}

 public function __construct($headers = null, $body = null)
 {
     $config = Payplug::getConfig();
     if (is_null($config)) {
         throw new ParametersNotSetException();
     }
     if (is_null($body)) {
         $body = file_get_contents("php://input");
     }
     if (is_null($headers)) {
         $headers = getallheaders();
     }
     $headers = array_change_key_case($headers, CASE_UPPER);
     $signature = base64_decode($headers['PAYPLUG-SIGNATURE']);
     $publicKey = openssl_pkey_get_public($config->payplugPublicKey);
     $isValid = openssl_verify($body, $signature, $publicKey, OPENSSL_ALGO_SHA1);
     if (!$isValid) {
         throw new InvalidSignatureException();
     }
     $data = json_decode($body, true);
     $this->amount = $data['amount'];
     $this->customData = $data['custom_data'];
     $this->customer = $data['customer'];
     $this->email = $data['email'];
     $this->firstName = $data['first_name'];
     $this->idTransaction = $data['id_transaction'];
     $this->lastName = $data['last_name'];
     $this->order = $data['order'];
     $this->origin = $data['origin'];
     $this->state = $data['state'];
 }

 public function verify($data, $signature)
 {
     $signature = $this->_base64encode ? base64_decode($signature) : $signature;
     $public_key = file_get_contents($this->_public_key);
     $verify_result = openssl_verify($data, $signature, $public_key);
     return $verify_result === 1;
 }

 /**
  * @inheritdoc
  */
 public function verify($key, $signature, $input)
 {
     if (!$this->supportsKey($key)) {
         throw new InvalidArgumentException('Invalid key supplied.');
     }
     return (bool) openssl_verify($input, $signature, $key, $this->getHashingAlgorithm());
 }