CODEWITHSUNDEEP
phpcryptographydigital-signaturecryptoapiphp-openssl
Hamed Forsi
Hamed Forsi

Reputation: 77

C++ DSS Signature verification in PHP

I have a C++ application to sign and verify some data, now I want to verify the data in PHP, following is my C++ code for data signing:

extern "C" __declspec(dllexport) BYTE* Sign(BYTE* bytdata)
{
    // Private key blob
    BYTE prKeyBlob[] = {7 , 2 , 0 , 0 , 0 , 34 , 0 , 0 , ...};

    HCRYPTPROV hProv = NULL;
    HCRYPTKEY prKey;
    HCRYPTHASH hHash;
    DWORD SignLen;

    if(CryptAcquireContext(&hProv, NULL, NULL, PROV_DSS, CRYPT_VERIFYCONTEXT)) 
// Creating cryptography provider
    {
        // Importing public key
        if(!CryptImportKey(hProv, prKeyBlob, sizeof(prKeyBlob), 0, 0, &prKey))
            return NULL;

        // Creating hash object
        if(!CryptCreateHash(hProv, CALG_SHA, 0, 0, &hHash))
            return NULL;

        if(!CryptHashData(hHash, bytdata, DATALEN, 0))
            return NULL;

        // Signing hashed value
        if(!CryptSignHash(hHash, AT_SIGNATURE, NULL, 0, NULL, &SignLen))
            return NULL;

        BYTE* bytSign = (BYTE*)malloc(SignLen);
        if(CryptSignHash(hHash, AT_SIGNATURE, NULL, 0, bytSign, &SignLen))
            return bytSign;
        else
            return NULL;
    }
    else
        return NULL;
}

I've tried PHP openssl_verify() but I cannot feed the public key correctly; in C++ I have a byte array of public key blob but I don't know how to extract public key from this array, and use it with php openssl.

function verify($data, $sign)
{
    // fetch public key from certificate and ready it
    $cert = file_get_contents('./key.pem');
    $pubkeyid = openssl_get_publickey($cert) or die("KEY ERROR");

    // state whether signature is okay or not
    return openssl_verify($data, $sign, $pubkeyid, OPENSSL_ALGO_DSS1)?1:0;
}

But I get "error:0906D06C:PEM routines:PEM_read_bio:no start line" from openssl_get_publickey

my key.pem file contents:

-----BEGIN PUBLIC KEY-----
fkNkBaO1Y0ZruN8LD8BGm3IF00bbSNZN/ql8ak0duOjbzDP229rnkPFDIPihbO
9Uw6369b3suwqvPY3w+VzwRKKfLG99KiMxMgF3H3IvJl8hyzQf6qJGJ9X
sonzhrTqDeugT9fa2FnpY5pg+7g+6MqSRh1T0qTii9JFcwVf5r/o=
-----END PUBLIC KEY-----

Thank you in advance.

Upvotes: 1

Views: 513

Answers (1)

Maarten Bodewes
Maarten Bodewes

Reputation: 93978

There is a clear indication in the PHP documentation what is wrong. PHP retrieves the public key from a certificate if you use openssl_get_publickey. Unfortunately, you haven't not a certificate, you only have a public key.

So there are two options: create a (self-signed?) certificate around your public key or find a function in PHP that reads a PEM encoded public key. Unfortunately, that last function seems to be missing in action.

Upvotes: 0

Related Questions