i-avatar777/service-ecdsa

使用openssl函数库的简单快速PHP ECDSA实现

维护者

详细信息

github.com/i-avatar777/service-ecdsa

主页

源代码

问题

安装: 90

依赖项: 0

建议者: 0

安全性: 0

星标: 0

关注者: 2

分支: 0

开放问题: 0

1.0.3 2020-02-22 14:50 UTC

Requires

MIT b7b30d00ba84a7d6f9224e27e66510b4474dbeb3

This package is auto-updated.

Last update: 2024-09-23 01:14:21 UTC

README

介绍

这是PHP实现的椭圆曲线数字签名算法。它兼容PHP 5.5+。请注意,这个库严重依赖于PHP的openssl包,因此——根据您的PHP安装——您可能需要使用“–with-openssl”标志重新编译它。

模块封装了内置的openssl函数,因此所有标准曲线都应该得到支持。默认值:secp256k1

安装

要安装ECDSA-PHP,请使用composer

{
    "require": {
        "i-avatar777/service-ecdsa": "*"
    }
}

速度

我们在2017年MAC Pro i7上进行了测试。我们运行了100次库,平均时间如下

代码示例

如何签名JSON消息

use iAvatar777\services\EllipticCurve\Ecdsa;
use iAvatar777\services\EllipticCurve\PrivateKey;

# Generate privateKey from PEM string
$privateKey = PrivateKey::fromPem("
    -----BEGIN EC PARAMETERS-----
    BgUrgQQACg==
    -----END EC PARAMETERS-----
    -----BEGIN EC PRIVATE KEY-----
    MHQCAQEEIODvZuS34wFbt0X53+P5EnSj6tMjfVK01dD1dgDH02RzoAcGBSuBBAAK
    oUQDQgAE/nvHu/SQQaos9TUljQsUuKI15Zr5SabPrbwtbfT/408rkVVzq8vAisbB
    RmpeRREXj5aog/Mq8RrdYy75W9q/Ig==
    -----END EC PRIVATE KEY-----
");


# Create message from json
$message = array(
    "transfers" => array(
        array(
            "amount" => 100000000,
            "taxId" => "594.739.480-42",
            "name" => "Daenerys Targaryen Stormborn",
            "bankCode" => "341",
            "branchCode" => "2201",
            "accountNumber" => "76543-8",
            "tags" => array("daenerys", "targaryen", "transfer-1-external-id")
        )
    )
);

$message = json_encode($message, JSON_PRETTY_PRINT);

$signature = Ecdsa::sign($message, $privateKey);

# Generate Signature in base64.
echo "\n" . $signature->toBase64();

# To double check if message matches the signature
$publicKey = $privateKey->publicKey();

echo "\n" . Ecdsa::verify($message, $signature, $publicKey);

简单使用

# Generate new Keys
use iAvatar777\services\EllipticCurve\PrivateKey;
use iAvatar777\services\EllipticCurve\Ecdsa;

$privateKey = new PrivateKey;
$publicKey = $privateKey->publicKey();

$message = "My test message";

# Generate Signature
$signature = Ecdsa::sign($message, $privateKey);

# Verify if signature is valid
echo "\n" . Ecdsa::verify($message, $signature, $publicKey);

OpenSSL

这个库与OpenSSL兼容,因此您可以使用它来生成密钥

openssl ecparam -name secp256k1 -genkey -out privateKey.pem
openssl ec -in privateKey.pem -pubout -out publicKey.pem

创建message.txt文件并对其签名

openssl dgst -sha256 -sign privateKey.pem -out signatureDer.txt message.txt

现在我们来签名

use iAvatar777\services\EllipticCurve\Utils\File;
use iAvatar777\services\EllipticCurve\PublicKey;
use iAvatar777\services\EllipticCurve\Signature;
use iAvatar777\services\EllipticCurve\Ecdsa;

$publicKeyPem = File::read("publicKey.pem");
$signatureDer = File::read("signatureDer.txt");
$message = File::read("message.txt");

$publicKey = PublicKey::fromPem($publicKeyPem);
$signature = Signature::fromDer($signatureDer);

echo "\n" . Ecdsa::verify($message, $signature, $publicKey);

您可以在自己的终端中检查

openssl dgst -sha256 -verify publicKey.pem -signature signatureDer.txt message.txt

openssl base64 -in signatureDer.txt -out signatureBase64.txt

您也可以使用这个库来检查

use iAvatar777\services\EllipticCurve\Utils\File;
use iAvatar777\services\EllipticCurve\Signature;

$signatureDer = File::read("signatureDer.txt");

$signature = Signature::fromDer($signatureDer);

echo "\n" . $signature->toBase64();

运行单元测试

php tests/test.php