On Wed, May 23, 2012 at 8:29 PM, jas <jason.gerfen@xxxxxxxx> wrote: > I have run into a problem that I am altogether unfamiliar with. > > A scenario. I retrieve a users private key from a database. > > I then use the openssl_pkey_get_private() function to load it as a resource > object and proceed to call the openssl_sign() function to obtain a digital > signature of a string. > > No problem, I get a valid signature which I then base64 encode and store in > a database. > > Now lets say a couple of days from now I load up the public key which > corresponds to the private key which was used to originally sign the data to > verify it and it does not work. > > The kicker is if I perform the very same routine without saving the > signature and attempting to verify it it works without problems. > Have you checked what $signed looks like after running the script? Compare it to $signature. Most likely you corrupted your date elsewhere, maybe when inserting it into the database. - Matijn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
