On Wed, May 23, 2012 at 8:29 PM, jas <jason.ger...@utah.edu> wrote:
> I have run into a problem that I am altogether unfamiliar with.
> A scenario. I retrieve a users private key from a database.
> I then use the openssl_pkey_get_private() function to load it as a resource
> object and proceed to call the openssl_sign() function to obtain a digital
> signature of a string.
> No problem, I get a valid signature which I then base64 encode and store in
> a database.
> Now lets say a couple of days from now I load up the public key which
> corresponds to the private key which was used to originally sign the data to
> verify it and it does not work.
> The kicker is if I perform the very same routine without saving the
> signature and attempting to verify it it works without problems.

Have you checked what $signed looks like after running the script?
Compare it to $signature. Most likely you corrupted your date
elsewhere, maybe when inserting it into the database.

- Matijn

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to