I have googled to search for an answer to this problem, but I'm not able to find a proper solution for my question, as many answers were specific to related problems.
When I tried to create a digital signature of content using XMLSecurityKey and openssl_sign, I'm getting a warning and the signature was not created.
openssl_sign is throwing this error:
Warning: openssl_sign(): supplied key param cannot be coerced into a private key in /var/www/git/ta_client/accessService.php on line 105
And my code is:
    public function _signMessage($encData, $configValues)
    {
        $decode = 'decode';
        $token = $encData['token'];
        $cipherValue = $encData['cipherValue'];
        $clientId = $encData['ClientId'];
        $grpCustNum = $encData['grpCustNum'];

        // Sign the concatenated string
        $toSign = $token . $cipherValue . $clientId . $grpCustNum;

        // Encrypt the token with the public key from vendor
        $cipher = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'private')); // Reference to XMLSecLibs
        $cipher->loadKey($configValues['privkey'], true);

        try {
            if (! openssl_sign($toSign, $signature, $cipher->key, OPENSSL_ALGO_MD5)) {
                openssl_error_string();
                throw new Exception();
            }
        } catch (Exception $e) {
            print_r($e);
            die;
        }

        // append the decode values
        $encData['sign'] = urlencode(base64_encode($signature)) . $decode;
        $encData['token'] = urlencode($token) . $decode;
        $encData['cipherValue'] = urlencode($cipherValue) . $decode;
        return $encData;
    }
And my $configValues['privkey'] is in XML format. Any suggestions?
openssl doesn't support XML format. My recommendation would be to use phpseclib. ie.
I'm assuming the private key you're trying to load is in this format?:
The same error will be generated if you are using a malformed private key or attempting to sign with the public key...
This error message has several causes and can be extremely misleading!
Of course, this error message will appear if your PEM file is somehow corrupt or does not contain a private key, obviously.
But this error message also comes when the file can't be read at all, e.g. because there are no permissions. Unfortunately, the message does not mention that.
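The causes named in the answers above (an XML key instead of PEM, a public key, a malformed key, an unreadable file) can be told apart before openssl_sign is called. The following is an added example, not code from the question or the answers: the function name diagnosePrivateKey is hypothetical, all sample inputs are constructed, and it signs with SHA-256 rather than the question's OPENSSL_ALGO_MD5.

```php
<?php
// Added example, not from the thread; diagnosePrivateKey() is a hypothetical name.
// Returns [key or null, diagnosis string].
function diagnosePrivateKey(string $source): array
{
    // openssl_* functions accept either PEM text or a "file://" path.
    if (strncmp($source, 'file://', 7) === 0) {
        $path = substr($source, 7);
        if (!is_file($path)) {
            return [null, "file not found: $path"];
        }
        if (!is_readable($path)) {
            return [null, "file not readable by this process: $path"];
        }
        $source = file_get_contents($path);
    }
    $text = ltrim($source);
    if (strncmp($text, '<', 1) === 0) {
        return [null, 'XML key: OpenSSL needs PEM, convert it first'];
    }
    if (preg_match('/-----BEGIN ((RSA )?PUBLIC KEY|CERTIFICATE)-----/', $text)) {
        return [null, 'public key or certificate supplied, private key required'];
    }
    if (!preg_match('/-----BEGIN [A-Z ]*PRIVATE KEY-----/', $text)) {
        return [null, 'no PEM private key header found'];
    }
    while (openssl_error_string() !== false); // drain stale errors
    $key = openssl_pkey_get_private($text);
    if ($key === false) {
        for ($errs = []; ($e = openssl_error_string()) !== false; $errs[] = $e);
        return [null, 'PEM header present but key did not parse: ' . implode('; ', $errs)];
    }
    return [$key, 'ok'];
}

// Constructed sample inputs: a throwaway key pair generated at run time.
$pair = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
openssl_pkey_export($pair, $privPem);
$samples = [
    'xml'       => '<RSAKeyValue><Modulus>AA==</Modulus></RSAKeyValue>',
    'public'    => openssl_pkey_get_details($pair)['key'],
    'truncated' => substr($privPem, 0, 200),
    'missing'   => 'file:///nonexistent/key.pem',
    'private'   => $privPem,
];
foreach ($samples as $name => $input) {
    [$key, $why] = diagnosePrivateKey($input);
    $signed = $key !== null && openssl_sign('constructed message', $sig, $key, OPENSSL_ALGO_SHA256);
    echo str_pad($name, 10), $why, $signed ? ' (signed, ' . strlen($sig) . ' bytes)' : '', PHP_EOL;
}
```

Only the last sample yields a signature; each of the others stops with a distinct reason instead of the single "cannot be coerced into a private key" warning.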