Technified Posted September 28, 2014 Share Posted September 28, 2014 Hello All, I am working on a project where the client has provided me with the public key file and the private-key is being passed via url, along with 2 params that will be used on my end. These are the basics of the process that I am to use for verifying. Generate your own plaintext message matching the format of the string provided Create a SHA1withRSA hash of this message using the provided public key (UTF-16LE encode and pass this value) Base64 decode the signature Using a SHA1withRSA validator, verify your hashed message matches the Base64 decoded value in step 3 At this point I have performed steps 1-3 but am having an issue with step 4. The code is failing here. When I say failing I mean it is not being verified. $base64Sig = base64_decode($signature, true); $publickey = getPemKey(); $rsa = new Crypt_RSA(); $rsa->loadKey($publickey, CRYPT_RSA_PUBLIC_FORMAT_RAW); $hashedPlainText = sha1($utfString); $utfString = mb_convert_encoding($hashedPlainText ,"UTF-16LE"); echo $rsa->verify($hashedPlainText, $base64Sig) ? 'verified' : 'unverified'; If anyone can provide me with a basic example or a few sites that have examples with example data, it would be appreciated as I'm not sure I am "Using a SHA1withRSA validator". Thanks ahead of time! Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.