| SitePoint Sponsor |
Hi guys...
I got this big project today.The application itself is not that complicated but the aplication should have checking of digital signatures...The signatures will be published by our state agency but I have no clue where to start.How can this be done in php? What do I need?What's the concept?...
Any help would be really really appriciated....
exit(0);
be more clear about what u need......
for what is that digital signatures?
@reminder: You have a PM!
I have a database of 300 people...they all should apply with our goverment agency to issue them a certificat with whome they will be able to use the application...but I have no experience with certificates or signatures and don't know where to start....how can I (technically) sort this out?...
exit(0);
Have a look at the manual.
http://uk2.php.net/manual/en/functio...ssl-verify.php
Hi...yes I was looking at those functions but I still have a "logic" problem...I have an authority who will issue digital signatures to each person....and I will somehow have to check if that digital signature is ok....so openSSL functions should be enough for that?just so I know that I'm on the right track....thanx to all...
exit(0);
anyone? Nobody ever worked with PHP and digital signatures?...woow...am I the first?
exit(0);
well ahem! I was supposed to work on an app that uses them but never got around using them yet since the app is still in its feasibility analysis stage.
Never thought of OpenSSL functions but yeah all you need to do is verify the signature's info and then carry out whatever processing you need to based on that.
PHP Code://FROM THE PHP MANUAL
<?php
// $data and $signature are assumed to contain the data and the signature
// fetch public key from certificate and ready it
$fp = fopen("/src/openssl-0.9.6/demos/sign/cert.pem", "r");
$cert = fread($fp, 8192);
fclose($fp);
$pubkeyid = openssl_get_publickey($cert);
// state whether signature is okay or not
$ok = openssl_verify($data, $signature, $pubkeyid);
if ($ok == 1) {
echo "good";
} elseif ($ok == 0) {
echo "bad";
} else {
echo "ugly, error checking signature";
}
// free the key from memory
openssl_free_key($pubkeyid);
?>
Last edited by bigduke; Jun 2, 2005 at 09:19.
Posting Permissions
Bookmarks