我刚开始介绍 X509 协议(protocol)、电子 token 和数字签名。 我可以对文本进行数字签名。
问题是,我如何验证已签名的文本?在 linux 上,使用 openssl 还是 PHP?
例如,我有一个文本“Veridiane”,这是用 javascript 和 capicom 制作的数字签名的结果。
--bof--
MIIQ+QYJKoZIhvcNAQcCoIIQ6jCCEOYCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3
DQEHAaCCD1MwggQ9MIIDJaADAgECAgEMMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYD
VQQGEwJCUjETMBEGA1UEChMKSUNQLUJyYXNpbDE9MDsGA1UECxM0SW5zdGl0dXRv
IE5hY2lvbmFsIGRlIFRlY25vbG9naWEgZGEgSW5mb3JtYWNhbyAtIElUSTE0MDIG
A1UEAxMrQXV0b3JpZGFkZSBDZXJ0aWZpY2Fkb3JhIFJhaXogQnJhc2lsZWlyYSB2
MTAeFw0xMDEyMjMxNzUzNDRaFw0xNDEyMzEyMzU5NTlaMG4xCzAJBgNVBAYTAkJS
MRMwEQYDVQQKEwpJQ1AtQnJhc2lsMTQwMgYDVQQLEytBdXRvcmlkYWRlIENlcnRp
ZmljYWRvcmEgUmFpeiBCcmFzaWxlaXJhIHYxMRQwEgYDVQQDEwtBQyBDQUlYQSB2
MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ8LTiZlgB3un4bBJ2hP
BkKJKLAv5IGj+CCHdgo4bX+7RG94G9Acx0HNk4KdpnUhuoW8Q26c4+BmV2YGCFgd
EH6YI2IZ+7YUEUDzuxF3r2GxVJQqznDYz6uls4wkV5tjw3G39heZ44J8u+L67Wku
DZxXq8fCE6eLRtr+qaB4Kvi52WJ6p6qusYxzHMOyAa2gPKkkLcElpmFwbMLGYLMK
SJTJsSNhgSabJO4VAl/KBTj0mVKnZWj3KEu0ijMK2f4hKH3v5D1h55kcrh3ZYsGi
GoausqFwXtXvwz7ziE2CZGppXSFTAukAVyoryoP5CpY2jmLlIFl+XN61eUu+IB4w
MhECAwEAAaOBuzCBuDAUBgNVHSAEDTALMAkGBWBMAQEJMAAwPwYDVR0fBDgwNjA0
oDKgMIYuaHR0cDovL2FjcmFpei5pY3BicmFzaWwuZ292LmJyL0xDUmFjcmFpenYx
LmNybDAfBgNVHSMEGDAWgBRCsixcdAEHvpv/VTM77im7XZG/BjAdBgNVHQ4EFgQU
WlBSpTqO7xh8b2DxlDySZ2mtu0wwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAEvd24KUj4azH8bZS2wVFV33AT4UEaMz
I3OhzcmRdrrbFO5l3X3S0cA23xyJvzV7nG1KxwSseSV03rftHwVEKkkgXReiD9bJ
hx/zxpYJrx+cTMp1kkg0ly+0puaVJHbuULfpVOtG5z4qB1ZfTzrGt3HTLTidkpTM
E4uGjEOnNV1W8+EjTrhtOh01WA2WiNBdv2/7NybUh4qD7ozqvG+XNQmvA/yAOs5X
+5V18FfvzmaGg4Pa6xEO8+ox3iKXP65iaPWU+nKfYSl4Wyfs7vyIEa0E6wJ7FeBu
CcSDRpHTFsyABqy5UAf3LLPMGpmteapmGTE7m3u2bDePaYijd+jhiwQwggWAMIIE
aKADAgECAggfLOkHGBalDTANBgkqhkiG9w0BAQUFADBdMQswCQYDVQQGEwJCUjET
MBEGA1UECgwKSUNQLUJyYXNpbDEgMB4GA1UECwwXQ2FpeGEgRWNvbm9taWNhIEZl
ZGVyYWwxFzAVBgNVBAMMDkFDIENBSVhBIFBGIHYxMB4XDTExMDYxNjE3MDYzNVoX
DTE0MDYxNTE3MDYzNVowgYkxCzAJBgNVBAYTAkJSMRMwEQYDVQQKDApJQ1AtQnJh
c2lsMSAwHgYDVQQLDBdDYWl4YSBFY29ub21pY2EgRmVkZXJhbDEXMBUGA1UECwwO
QUMgQ0FJWEEgUEYgdjExKjAoBgNVBAMMIUFORFJFWSBCSUJJQU5PIEpBUkRJTTow
NDY4OTM1MjY2NjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41zwjgCotpwL
soW/6C3fjo901Gh7kDZaycJ2VY05W4VmICLGilEThwDgaRPf+BiGeW9eSSfvm/kV
ICxY3ytd0SjT1P9NPnXhf2V/zkhz3pwm490iDtSQArh7rwFZGdIHaCrnCE8PtlhN
H3zfLtAUY1hbJ9ZxaejsXH8XQaL95iECAwEAAaOCApkwggKVMA4GA1UdDwEB/wQE
AwIF4DApBgNVHSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcUAgIw
HQYDVR0OBBYEFP8s41Kn3bYpV4qqwhMJE4VU3eg9MB8GA1UdIwQYMBaAFH2C84gE
V6aFE1eMASaWdbPd4wk7MIGbBgNVHREEgZMwgZCBFmFuZHJleWphcmRpbUB5YWhv
by5jb22gFwYFYEwBAwagDgQMMDAwMDAwMDAwMDAwoB4GBWBMAQMFoBUEEzAwMDAw
MDAwMDAwMDAwMDAwMDCgPQYFYEwBAwGgNAQyMDIwODE5ODAwNDY4OTM1MjY2NjAw
MDAwMDAwMDAwMDAwMDAzNjcyMTY5MzcwRE5UTUcwZgYDVR0gBF8wXTBbBgZgTAEC
AwgwUTBPBggrBgEFBQcCARZDaHR0cDovL2NlcnRpZmljYWRvZGlnaXRhbC5jYWl4
YS5nb3YuYnIvZG9jdW1lbnRvcy9kcGNhYy1jYWl4YXBmLnBkZjCBuQYDVR0fBIGx
MIGuMC2gK6AphidodHRwOi8vbGNyLmNhaXhhLmdvdi5ici9hY2NhaXhhcGZ2MS5j
cmwwLqAsoCqGKGh0dHA6Ly9sY3IyLmNhaXhhLmdvdi5ici9hY2NhaXhhcGZ2MS5j
cmwwTaBLoEmGR2h0dHA6Ly9yZXBvc2l0b3Jpby5pY3BicmFzaWwuZ292LmJyL2xj
ci9DQUlYQS9BQ0NBSVhBUEYvYWNjYWl4YXBmdjEuY3JsMFYGCCsGAQUFBwEBBEow
SDBGBggrBgEFBQcwAoY6aHR0cDovL2NlcnRpZmljYWRvZGlnaXRhbC5jYWl4YS5n
b3YuYnIvYWlhL2FjY2FpeGFwZnYxLnA3YjANBgkqhkiG9w0BAQUFAAOCAQEAlXDd
LdvMX15mfXBEGnP5HTaIeA5xAa69OY/WZMRuzomzBT3VhlQmbmG2pyE0Zhwy36wD
rjFMlxXcAhBG9dwE7JdVWE1B8sk/0qM/l3XPPCqzk1TqBZS4fCFmOqAYetMqI+sx
pYov+VfaQmBPMnw/vsfRrbas2GOKDIFbG1q59d6gcTUKdfvW3vwmniURT1BuRhXh
Bi3+1zQbkxxIC5szI0bdM6Glc+71EeK8enitdPbgM6nkXGa7913hVlaGqb/sB6IZ
wnF23a+pF6LlGe/SfcrzEUM9ceIzP7/Xc7opX+KVdpBUQ3On63pt5I6uizjsP8V2
a80FsmQEOJRccQHByzCCBYowggRyoAMCAQICCGOZvGd7dH5OMA0GCSqGSIb3DQEB
BQUAMG4xCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMTQwMgYDVQQL
EytBdXRvcmlkYWRlIENlcnRpZmljYWRvcmEgUmFpeiBCcmFzaWxlaXJhIHYxMRQw
EgYDVQQDEwtBQyBDQUlYQSB2MTAeFw0xMTAxMjQxNDUyNDVaFw0xNDEyMzExNDUy
NDVaMF0xCzAJBgNVBAYTAkJSMRMwEQYDVQQKDApJQ1AtQnJhc2lsMSAwHgYDVQQL
DBdDYWl4YSBFY29ub21pY2EgRmVkZXJhbDEXMBUGA1UEAwwOQUMgQ0FJWEEgUEYg
djEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUbGB//Rz3iwzRkwM9
I07GFrQwLmUQ8paw5zFq0oz6HnWP34F7oE3rFo9X6ycmphnBnwN6GLYEiO3ClY+u
23EUBvUaBX3gNNYbkotncokwpg4QoZfOWyAhWuhpMNaZV9iXShAdQlgsjItkRvC9
3y/AqCWd2BKutcVT1gki1Qt/YR0H1IeetxsPtN20e3xsRc5SmOiXAX35/JlEsW0W
zceqCYNpYj8oOFF4aDy4eAdBQKRduxho8SDqA10A1NEN88RKrpMmXn/j+lO4JYcF
RfpzMPT/JRQZtkuNoqjm0jVA9eqV9Aoe/1oK8cTkVNCoIOQqrUM7mhN4Qp5Kis+A
nNklAgMBAAGjggI7MIICNzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
BjAdBgNVHQ4EFgQUfYLziARXpoUTV4wBJpZ1s93jCTswHwYDVR0jBBgwFoAUWlBS
pTqO7xh8b2DxlDySZ2mtu0wwgcUGA1UdIASBvTCBujBbBgZgTAECAwgwUTBPBggr
BgEFBQcCARZDaHR0cDovL2NlcnRpZmljYWRvZGlnaXRhbC5jYWl4YS5nb3YuYnIv
ZG9jdW1lbnRvcy9kcGNhYy1jYWl4YXBmLnBkZjBbBgZgTAECAQgwUTBPBggrBgEF
BQcCARZDaHR0cDovL2NlcnRpZmljYWRvZGlnaXRhbC5jYWl4YS5nb3YuYnIvZG9j
dW1lbnRvcy9kcGNhYy1jYWl4YXBmLnBkZjCBswYDVR0fBIGrMIGoMCygKqAohiZo
dHRwOi8vbGNyLmNhaXhhLmdvdi5ici9hY2NhaXhhdjEuY3JsIDAtoCugKYYnaHR0
cDovL2xjcjIuY2FpeGEuZ292LmJyL2FjY2FpeGF2MS5jcmwgMEmgR6BFhkNodHRw
Oi8vcmVwb3NpdG9yaW8uaWNwYnJhc2lsLmdvdi5ici9sY3IvQ0FJWEEvQUNDQUlY
QS9hY2NhaXhhdjEuY3JsMFYGCCsGAQUFBwEBBEowSDBGBggrBgEFBQcwAoY6aHR0
cDovL2NlcnRpZmljYWRvZGlnaXRhbC5jYWl4YS5nb3YuYnIvYWlhL2FjY2FpeGFw
ZnYxLnA3YjANBgkqhkiG9w0BAQUFAAOCAQEAXRei0hphXf8SoGYDgY93qBDJoKbo
NRU24pC8j7D3YnC/Km1ZkETIf0OZh+aLHZ57QJXVQiz7Qkywzon5YSJFgX32tDsj
6nsk2q0eBdBZ3Z4MAQrmEvADUkQbm19c5Y8cNG1Y7utfxTz4ZjTwV6mCHkRPpCCA
nyPQz2j7yNNoWrr/nLSQyo7o97rAdQSIR0jw/vkPQND7fmsmh6chyXL46EUWiXSv
X9L/iiDKG832DO1HRWYaUQsMrBO3Ld0WHO3FcF2S4Ybua/ycWvBO7lBBuzFxJ/XK
UzcKeM5whwPhoDc0KOhcU2JfBJbHI7rR+QcWIiCkJlqU69KDqcYPhXTiDzGCAW4w
ggFqAgEBMGkwXTELMAkGA1UEBhMCQlIxEzARBgNVBAoMCklDUC1CcmFzaWwxIDAe
BgNVBAsMF0NhaXhhIEVjb25vbWljYSBGZWRlcmFsMRcwFQYDVQQDDA5BQyBDQUlY
QSBQRiB2MQIIHyzpBxgWpQ0wCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkq
hkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTExMDYxNzA5MjMxNFowIwYJKoZIhvcN
AQkEMRYEFCm/wZ4YKPeROqe+YHGjJHAch4XqMA0GCSqGSIb3DQEBAQUABIGAv5Gg
H+8151ryCX7BvPQUHU6ve2PZuDcMNuTI2YypMycnkOXhJf9L6/3OVRp6mMla4Hz0
7LMUlT5jiCkpqOgvlqEPM0ZoIA2TC5rqU/s7mcet1uaKleGnzpAB7jnkfHHrFnOf
94BxEoInO7WHCaSSvzPgVbIiO20YQCh9iq8+MaU=
--eof--
提前致谢...
最佳答案
当然是用 openssl。您可以使用命令行版本,或者如果已编译则使用相应的 PHP API。看起来 openssl_verify()是你需要的。看看 examples .
如果您说显示的 blob 是 x509 格式,那么您可能需要查看 openssl_x509_read()也是。
关于php - 在 PHP、linux openssl 或其他任何工具上验证 x509 签名文本,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/6385738/