SitePoint Sponsor

User Tag List

Results 1 to 11 of 11

Hybrid View

  1. #1
    SitePoint Zealot
    Join Date
    Feb 2003
    Location
    Mexico City
    Posts
    122
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    $30 bounty: How to use the RSA PEAR package? How do I use a .key file to sign a str.?

    Hi,

    My head is completely blocked on this issue. I'm even shaking from desperation of this... Our government has surely made it extremely difficult to understand the law... Anyway, I'm drifting away, so back to the subject.

    I have a key pair (.cer/.key - public/private), which was handed to me by the government.

    I'm supposed to sign invoices with the private key, and even though they don't provide much detail, I kinda arrived at the conclusion I could use PHP for the work.

    First, I need to create an MD5 hash of a string. Then I have to sign it with the public key, and then I need to convert the signature to base64.

    The middle step I don't know how to do. It seems that the RSA PEAR package only accepts strings, so how could I convert my .key file so I can use it to sign my invoices?

    I'll paypal $30 to the first person that helps me out.

    Thanks!

    Ivan V.

  2. #2
    SitePoint Guru enygmadae's Avatar
    Join Date
    Sep 2002
    Location
    Dallas, Tx.
    Posts
    795
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You can use the OpenSSL functionality in PHP (has to be compiled in) to do the encryption with the key:

    http://us3.php.net/manual/en/functio...te-encrypt.php

    Then you can use the rest of the functions to send the message off...
    PHP News, Views and Community: http://www.phpdeveloper.org

  3. #3
    SitePoint Zealot
    Join Date
    Feb 2003
    Location
    Mexico City
    Posts
    122
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I was trying that, but it doesn't work. i.e.:

    PHP Code:
    $passphrase="...";
    $priv_key_file_name = ("./veri.key");
    openssl_pkey_get_private(array("file://$priv_key_file_name"$passphrase)) 
    The function returns false.

    This stuff is driving me mad!!! please help me...

  4. #4
    SitePoint Guru enygmadae's Avatar
    Join Date
    Sep 2002
    Location
    Dallas, Tx.
    Posts
    795
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    why are you putting an array into opennssl_pkey_get_private?

    "key can be one of the following: a string having the format file://path/to/file.pem. The named file must contain a PEM encoded certificate/private key (it may contain both)."

    the second value passed to the function is the passphrase, not the second value in the array...
    PHP News, Views and Community: http://www.phpdeveloper.org

  5. #5
    SitePoint Zealot
    Join Date
    Feb 2003
    Location
    Mexico City
    Posts
    122
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    See the user comments in the function documentation.

  6. #6
    SitePoint Guru enygmadae's Avatar
    Join Date
    Sep 2002
    Location
    Dallas, Tx.
    Posts
    795
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ahh....okay...didn't get that far down.
    Is the "./veri.key" path to the file valid? You might try using the fill path to the file in there...
    PHP News, Views and Community: http://www.phpdeveloper.org

  7. #7
    SitePoint Zealot
    Join Date
    Feb 2003
    Location
    Mexico City
    Posts
    122
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The path is correct. I even tried loading the file first, just to make sure.

    I think the key pairs were generated with ****1n6 Java, so I might just ask someone to write a damn program to sign my invoices... Damn it, our government has just made me hate java.

  8. #8
    SitePoint Guru enygmadae's Avatar
    Join Date
    Sep 2002
    Location
    Dallas, Tx.
    Posts
    795
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well, it shouldn't matter what made them....
    you might try this method: http://us2.php.net/manual/en/functio...privatekey.php
    PHP News, Views and Community: http://www.phpdeveloper.org

  9. #9
    SitePoint Zealot
    Join Date
    Feb 2003
    Location
    Mexico City
    Posts
    122
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    not working :-(

  10. #10
    SitePoint Guru enygmadae's Avatar
    Join Date
    Sep 2002
    Location
    Dallas, Tx.
    Posts
    795
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    whats the error msg?
    PHP News, Views and Community: http://www.phpdeveloper.org

  11. #11
    SitePoint Zealot
    Join Date
    Feb 2003
    Location
    Mexico City
    Posts
    122
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    openssl_get_privatekey returns false, and then:

    Warning: openssl_private_encrypt(): key param is not a valid private key

    So it would seem openssl_get_privatekey somehow doesn't understand my private key because it's not loading it... The key is not corrupt or anything like that, because I've already used it to sign other stuff, with the program provided by the government. Unfortunately, that stupid program doesn't sign arbitrary data, so I'm off to create my own damn solution.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •