我有一封经过数字签名的电子邮件。
email :
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The below email has been digitally signed for test purposes. We will
now go on and save this signed email in our dms system.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJTnwd9AAoJEEWjhuB1kNr9dQcH/2YeZlHEfK/KOPg8XhpOY+4l
3camfFVya8JIzLHsOzhhdSqIItDr7VlGDrjrMgPPiD1abyy9zhcqZ18Kh8sUuFJV
/TA434rrnMJC0xmSzXl4uo+UagyNyCjzwR4TFCGP4Ob6SzPl/jxfrcfO5yXEdF1I
X6wgQUmnb3ZLczdPVXsKpwpVIGqX7diwe1CAZKxCmjZo9rr/MmDLLl7AjYq/WQDT
uOYqXs2IasOIiTGpYrqexBpDn1qRUNiKVgFSRUTfTjYGXYij9P635WTfeE1bQrn1
HpT9hKhipYPkFcELAor7asqAcnE0lc4Oy9NV2bUryss8ic/pkhiXvlohA3MpCDA=
=+IbK
-----END PGP SIGNATURE-----
公钥:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.22 (MingW32)
mQENBFOfBmkBCAC6gH9rR185hiCADttaQeUp9Jc+4Zzx60E+ogWd33Tb1dNvK/IK
wqpnRpYI1CHVpqX0xWy8Ylcw3rLpPJ6BUzO3hWFLRMXAIXiemV/+VKrKysgm1Xdg
1PSAVfqmgkXLEEGGSj2OHNA0VVnl1G8AI8/SMpLqhS3PMz3X1nmBv4hLohugLla9
AVdYp6Me5OAWfjHswkUxCvc/fSh2ufFSnFxgjUibIyn+GP5qG8Wc+GjrBzTLzjA7
LvP198fWIHQ5w342F3WE8/9ec+1ir/a4japcFodRibXBEqltF+BXgk9pVcEXTd8O
FCxygrnSkWioj9Qf5uyjuKfV1F7Wq/Nu5uPZABEBAAG0JkFiaGluYXYgQWdnYXJ3
YWwgPGFiaGluYXZAdHJ1dGVjaC5vcmc+iQE/BBMBAgApBQJTnwZpAhsjBQkJZgGA
BwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQRaOG4HWQ2v2F9Af/RAKCz0uo
xqrVe1MXqCe9ZCPSwlHGH4X4NtQbo7FTYy7K2fo9ucoKI4c2lHZA+Ef1K6BhZG34
IlXPSwy8nhTWJl7pi/xo7gEDlnHJMJCGvQcdtm4lkp39V2cy/Y0lS9V/EYmiesIX
tmPwwyYxo85jNsdmbjQKDTv5mcir9AebllCk2NlrxpyTO8oAnp1peHaHHq+U92e3
ZipHEiuAvE0U6WU/fA7tHoWoUor9AUm1hE5mSsyi+do4o/YJqGEgAss62v0npcBx
oyHoHum5XUgZ1kjvq40Mzkxo9N6vU7P7ULyt9FZylM+pk9XEqiz8IGTPW6JGiJS2
WmhJli2Szl1xgLkBDQRTnwZpAQgA27UvNu/m61pZwTBSQAVjLNJnJTlU4yh/DxKU
B3opw7JvvgXYB3VS9AyqSYaIJTcziCBZRewMH+WVpZwRk9SFMyeyNhuk9SGeGU9s
vyE5dGPa/U5zpvhaqn//CMdRr+wf6XeBKjzc9eKgWMrPLhzlHZ6kzLsbRsalOd4x
0M3aeO4SV00HFFfXVfJplNB8/zsHNNqtF5ACz9DX69p1GWJD6AAlu/s04xkkUScr
M2B5lHm6iU6NmfP1GeTD+rOyigcOrSlAL4QGIzGDfoDJOy9UYtk+YOv8UBa3IpG0
7sARkd+MZGUOgPWIDYQLiSi+9opFHtn4EzrvuUP3Zj1kN4ZUTwARAQABiQElBBgB
AgAPBQJTnwZpAhsMBQkJZgGAAAoJEEWjhuB1kNr9kHoIAKnjEAiH53ZrWYuummPR
PRztZL1K7LkxEAxQ00V+PMrg4wNlp1WW5Vl3X0jB5FqUTUmI/65MhoWa+Ucqg31c
pUOpw5OHK/cyrsscj+gL3nknhswWcvqBNQuiB8UO7Kt89yFYysA754sADKE+nDBM
D+kmlH4u3vvKep0hZ+gzvH3AOZDhijKJYN9zMMf/gtwZhlEm/N+yBpkP1sxcFsJ+
V5hduu4sqJnAcCWg3V/JXonAOZGPS/GE+wXt4Om1D/6RcBBtrBGwh/ezBFS/gSio
vGRcFzZYRhM1rMEu82raZ3ji3X/5fOjxvhSXdrajG3LX8s2gCk+a0nGDi3MYs5l0
p14=
=cn4r
-----END PGP PUBLIC KEY BLOCK-----
我想用 php 编写一个程序来验证数字签名。我有发件人的公钥。我尝试从下载 GnuPG 库这个网站 https://www.gnupg.org/download/index.html,但没有被下载。
还有其他办法吗?我该怎么做呢?任何帮助将不胜感激。
PHP 已经带来了用于连接 GnuPG 的模块 http://php.net/manual/en/function.gnupg-verify.php,这相当容易使用。
GnuPG 必须已经安装,在 Linux 服务器上通常是这样,在 Windows 机器上我听说让 PHP 与 GnuPG 一起运行相当困难。
For 验证签名, use gnupg_verify(...) http://php.net/manual/en/function.gnupg-verify.php,来自链接的 PHP 文档的示例:
<?php
$plaintext = "";
$gpg = new gnupg();
// clearsigned
$info = $gpg -> verify($signed_text,false,$plaintext);
print_r($info);
// detached signature
$info = $gpg -> verify($signed_text,$signature);
print_r($info);
?>
你不得不导入签名者的公钥 http://php.net/manual/en/function.gnupg-import.php在验证之前(如果尚未完成)。
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)