Digital signature with certificate

0

How to get the data generated from a digital signature, made with a Brazilian digital certificate in a PDF, using openssl and php?

I am using openssl_verify to check if the document has not been modified and signature is authentic, but I need the hash generated in the signature, but I can not get it

    
asked by anonymous 23.06.2017 / 18:13

1 answer

1

There is an example that explains this in the PHP manual using hashes link: link

See if it can help you, it explains how the method works, and how to use it code:

<?php
//data you want to sign
$data = 'my data';

//create new private and public key
$private_key_res = openssl_pkey_new(array(
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
));
$details = openssl_pkey_get_details($private_key_res);
$public_key_res = openssl_pkey_get_public($details['key']);

//create signature
openssl_sign($data, $signature, $private_key_res, "sha1WithRSAEncryption");

//verify signature
$ok = openssl_verify($data, $signature, $public_key_res, OPENSSL_ALGO_SHA1);
if ($ok == 1) {
    echo "valid";
} elseif ($ok == 0) {
    echo "invalid";
} else {
    echo "error: ".openssl_error_string();
}

If you know what type of hash was used to encrypt your signature, simply pass it by parameter in openssl_verify as in the example, the encryption hash is usually specified in the integration manual you are trying to perform.

    
23.06.2017 / 18:33