Jump to content

Technified

New Members
  • Posts

    4
  • Joined

  • Last visited

Technified's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. Thanks for all the feedback. I have done my research on sign() and verify(), the issue is that this isn't a normal request and since I've never done anything in the manner that it has been asked for I am reaching out. This is a paying customer for which I have 1) attempted to put my foot down and provide them with my professional opinion 2) they are verifying it on their end in the same manner they have asked me to do so however the code sample they have provided me with is Java. I am simply trying to recreate the steps they used to produce a successful outcome on their end, in php. If it is just impossible, I can let them know that however I was not 100% sure that was a correct answer and therefore looked to those that have may have more knowledge than I. Again I appreciate the responses and help.
  2. Jacques1, I agree it does not make any sense and I passed that info on to the person who "developed" it in this manner. It is not a school project. The project is a SSO method. So this data is being passed from the main party to an intermediate bridge, this is where the verification takes place and if it passes their validation then the user will be redirected and auto logged in to the next party's address. I hope this makes it a little clearer however it still is not making any sense to me.
  3. Thanks @darkfreaks! I seem to have gotten much further however I am now receiving an error Invalid signature in ..\Crypt\RSA.php on line <b>2757</b> This is how I am approaching it. $rsa = new Crypt_RSA(); $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); $plaintext = mb_convert_encoding($msg, "UTF-16LE"); $plainTextInt = new Math_BigInteger($plaintext); $plainTextBytes = $plainTextInt->toBytes(); $signature = $rsa->sign($plainTextBytes); $ok = $rsa->verify($plainTextBytes, $newsignature) ? 'verified' : 'unverified'; { ERROR IS OCCURING HERE } I don't see what it is that I am missing...
  4. Hello All, I am working on a project where the client has provided me with the public key file and the private-key is being passed via url, along with 2 params that will be used on my end. These are the basics of the process that I am to use for verifying. Generate your own plaintext message matching the format of the string provided Create a SHA1withRSA hash of this message using the provided public key (UTF-16LE encode and pass this value) Base64 decode the signature Using a SHA1withRSA validator, verify your hashed message matches the Base64 decoded value in step 3 At this point I have performed steps 1-3 but am having an issue with step 4. The code is failing here. When I say failing I mean it is not being verified. $base64Sig = base64_decode($signature, true); $publickey = getPemKey(); $rsa = new Crypt_RSA(); $rsa->loadKey($publickey, CRYPT_RSA_PUBLIC_FORMAT_RAW); $hashedPlainText = sha1($utfString); $utfString = mb_convert_encoding($hashedPlainText ,"UTF-16LE"); echo $rsa->verify($hashedPlainText, $base64Sig) ? 'verified' : 'unverified'; If anyone can provide me with a basic example or a few sites that have examples with example data, it would be appreciated as I'm not sure I am "Using a SHA1withRSA validator". Thanks ahead of time!
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.