Principles of signature verification for PHP interface development

Interface development is an important method for interconnection between systems. Its data is transmitted over the open Internet, which requires certain data security. To improve the tamper-proofing of transmission parameters, the signature sign method is currently a common method.

I would like to introduce one method that is commonly used by Internet companies in China. Among them, Taobao's Alipay payment interface, Taobao's open platform interface, Tencent's open platform, and other applications.

I. Signature parameter sign generation method

Step 2: sort all parameters (note all parameters) in ascending order of parameter names, except for parameters with the sign and null values.
Step 2: sort the sorted parameters by parameter 1 value 1 parameter 2 value 2... Parameter n value n (the parameter and value here must be the original value of the transmission parameter and cannot be processed. For example, you cannot convert & quot; to "and then splice it) to a string.
Step 2: splice the verification key allocated to the access party before the string obtained in step 3.
Step 2: Add the verification key before the string obtained in the previous step (here, the key is allocated to the interface access party by the interface provider), and then calculate the md5 value to obtain a 32-bit string, and then converts it to uppercase.
Step 2: calculate the md5 value (32 bits) of the string in step 2 and convert it to uppercase. The obtained string is used as the sign value.

Example:

Suppose the transmitted data is/interface. php? Sign = sign_value & p2 = v2 & p1 = v1 & method = cancel & p3 = & pn = vn (it is best to send it via post ),

The sign_value corresponding to the sign parameter is the signature value.

Step 1: concatenate a string, first remove the sign parameter, and then remove the parameter p3 whose value is null. The remaining p2 = v2 & p1 = v1 & method = cancel & amp; pn = vn, sort by parameter name in ascending order. method = cancel & p1 = v1 & p2 = v2 & pn = vn.

Step 2: splice the parameter names and values to obtain methodcancelp1v1p2v2pnvn.
Step 3: Add the verification key before the concatenated string. Assume abc is used to obtain the new string abcmethodcancelp1v1p2v2pnvn.

Step 4: perform md5 calculation on the string. Assume that the obtained string is abcdef and convert it to uppercase. Then, the value of ABCDEF is the sign value.

Note: Before calculating md5, make sure that the interface is consistent with the string encoding of the access party. For example, if the encoding method is inconsistent, the calculated signature will fail to be verified.

II. Signature verification method:

According to the method rules generated by the signature parameter sign described above, the signature value of the parameter is calculated and compared with the parameter value corresponding to the sign notified in the parameter. If it is consistent, the verification is passed. If they are inconsistent, the parameter is modified.

Example

 

The code is as follows:

Copy code

<? Php // Header ('content-Type: text/xml; charset = utf-8 '); Include_once (dirname (_ FILE _). DIRECTORY_SEPARATOR. 'Phpsec '. DIRECTORY_SEPARATOR. 'Math'. DIRECTORY_SEPARATOR. 'Biginteger. Php '); Include_once (dirname (_ FILE _). DIRECTORY_SEPARATOR. 'Phpsec '. DIRECTORY_SEPARATOR. 'Crypt'. DIRECTORY_SEPARATOR. 'Aes. Php '); Include_once (dirname (_ FILE _). DIRECTORY_SEPARATOR. 'Phpsec '. DIRECTORY_SEPARATOR. 'Crypt'. DIRECTORY_SEPARATOR. 'RSA. Php '); // Ciphertext $ Crypttext = 'encrypt/decrypt/k/encrypt/decrypt/xGb0g2XE/encrypt + qB7P/EMII/encrypt + 0 lujNgxIq/encrypt/hBT1UvIUml + encrypt/JcDCrdy0Co/decrypt + decrypt /release + btyn1_v/release + nQjj1THk0XHFc69N9g2 + Release/QVVU2julTeKunvgAAEc3n + Release/revgpasTOzDQa5NqR1B + release + CA '; $ Aeskey = base64_decode ('qze60qzfxuirub2ey4 + 7 + Q = '); // AES decryption, in ECB mode $ Aes = new Crypt_AES (CRYPT_MODE_ECB ); // Set the AES key $ Aes-> setKey ($ aeskey ); // Decrypt the AES ciphertext $ Plaintext = $ aes-> decrypt (base64_decode ($ crypttext )); Echo $ plaintext; Echo '// AES encrypted plaintext // Echo $ aes-> encrypt ($ plaintext ); // Rsa public key $ Publickey = 'prop + rDknXLqMT + DXeQAqGo4hBmcbej1aoMzn6hIJHk3/large/A0Vfb0 + xm8mnf46ddhhrrycerbsbyrcwidaqab '; // Echo base64_decode ($ publickey ); // Rsa signature $ Signature = 'xhin4uufqrkdehkbd/signature + Q0eqwsoAdywsVQDEceG5stas1CkPtrznAIW2eBGXCWspOj + aumEAcPyYDxLhDN646Krzw = '; // Echo base64_decode ($ signature ); $ Rsa = new Crypt_RSA (); // Set the RSA signature mode CRYPT_RSA_SIGNATURE_PSS or CRYPT_RSA_SIGNATURE_PKCS1 $ Rsa-> setSignatureMode (CRYPT_RSA_SIGNATURE_PKCS1 ); // Var_dump ($ rsa-> createKey ()); // Generate the RSA public key and private key // Extract ($ rsa-> createKey ()); // Use the RSA private key to generate a signature // $ Rsa-> loadKey ($ privatekey ); // $ Signature = $ rsa-> sign ($ plaintext ); // Use the RSA public key to verify the signature Echo $ plaintext; $ Rsa-> loadKey (base64_decode ($ publickey )); Echo $ rsa-> verify ($ plaintext, base64_decode ($ signature ))? 'Verified ': 'unverified '; Echo '// Generate the RSA public key and private key // Var_dump ($ rsa-> createKey ()); Extract ($ rsa-> createKey ()); // Use the RSA private key to encrypt data $ Rsa-> loadKey ($ privatekey ); $ Ciphertext = $ rsa-> encrypt ($ plaintext ); // Use the RSA public key to decrypt data $ Rsa-> loadKey ($ publickey ); Echo $ rsa-> decrypt ($ ciphertext );