dongqing6755 2017-01-18 17:21
浏览 1633
已采纳

openssl_pkey_get_public返回false,但密钥确实存在

I'm using a library that uses openssl_pkey_get_public, but it's returning false. It seems that openssl is enabled, and the key exists. Below are the few lines from the library I'm using, btw which I am debugging but cannot modify as it is not my code base:

protected function decrypt($encryptedData)
    {
        $publicKey = openssl_pkey_get_public($this->publicKey->getKeyPath());
        $publicKeyDetails = @openssl_pkey_get_details($publicKey);
        if ($publicKeyDetails === null) {
            throw new \LogicException(
                sprintf('Could not get details of public key: %s', $this->publicKey->getKeyPath())
            );
        }
.
.
.

I have the inserted the following debug code:

$keyPath = $this->publicKey->getKeyPath(); // returns file:///var/www/sso/website/storage/id_rsa.pub
var_dump(file_exists($keyPath)); // outputs true
var_dump(openssl_pkey_get_public($keyPath)); // returns false

Below shows the contents of $keyPath:

echo file_get_content($keyPath);

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQChY1gtF0Oeku62+4HCisIswcDu9fjZV7fImTlqQej/UsmsJH7jz5EF/ZXCWTKV/bgOwzV2oeHomukITqiR14D01W3mVcpTBAp5AP4JN25am57xdc6Nxd8Lo/NsCKKqQ4/uBmpYBVZm8Ye/hu3ixM6y/xbCGnw/ca4z0DKDa94z1XrRc6FrV1mXx5lItQEo/v8wVKX9NJVAANYZ/jJEk7jGTB9WkSTNR5l/tNBBF3MFuBigjSuaxUsnKT2IwOV5g2ewN4TzXARi2/BI7rweNsUFCWRbkUa7VJc3XOVZbS50TzUpAIqHI9Q8enBs95A1JvSTDvlT3efEHrM2T7KP7QOz ubuntu@ubuntu-xenial

I had previously created the keys with the following command:

ssh-keygen -f storage/id_rsa -t rsa -N ''

Some additional info if it help:

$ php -i | grep openssl
openssl
Openssl default config => /usr/lib/ssl/openssl.cnf
openssl.cafile => no value => no value
openssl.capath => no value => no value

$ php -m | grep openssl
openssl

Is there any reason why this might be happening?

  • 写回答

2条回答 默认 最新

  • dragoninasia2014 2017-01-21 15:21
    关注

    You're using an SSH formatted public key. OpenSSL doesn't support that format. But you know what does support that format? phpseclib. It'll auto-detect the format and, once loaded, will let you do whatever RSA operations you need to do. Be aware, tho, that phpseclib expects the actual key to be passed to it - not a path to the key on the file system but the key itself.

    Sample code: http://phpseclib.sourceforge.net/rsa/examples.html#encrypt,enc

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?