Get the solution ↓↓↓
I have a signature function that comes from openssl API in PHP using ECDSA with SHA256, I need to verify this signature in a React Typescript environment with Elliptic library. I think it could be relevant to know that I don't have formal CS background.
I' testing in a PHP 8.1 - apache docker, I generated the keys with openssl on Ubuntu 22.04:
openssl ecparam -name secp256k1 -genkey -noout -out private_key.pem
openssl ec -in private_key.pem -text -noout
It doesn't matter if another curve is used, it just has to be at least as secure as a standard 256 bit curve.
private_key.pem (don't use in production)
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEIElP6IpLbE3Jd7KdBjlHtgtJfcZ94/OEkCoIsl/iV8q8oAcGBSuBBAAK
oUQDQgAECQ5QVzipmVe7SUco3rzOgvaO+f70wN5jVVHDK2bSVY1OV3OCW0UZmSjU
az/p1DNMYv9tcjPUuPwf+eCtxXSepg==
-----END EC PRIVATE KEY-----
signature function
<?php
function my_sign($data)
{
$keyfile = file_get_contents("private_key.pem");
$private_key = openssl_get_privatekey($keyfile);
openssl_sign(bin2hex($data), $signature, $private_key, OPENSSL_ALGO_SHA256);
return base64_encode($signature);
}
$test_str = "test_str";
$signature64 = my_sign($test_str);
?>
.env.local (public key)
REACT_APP_V_KEY = 04090e505738a99957bb494728debcce82f68ef9fef4c0de635551c32b66d2558d4e5773825b45199928d46b3fe9d4334c62ff6d7233d4b8fc1ff9e0adc5749ea6
verification function
import { Buffer } from "buffer";
const V_KEY: string = process.env.REACT_APP_V_KEY as string;
export function my_verify(data: string, signature64: string)
{
let EC = require('elliptic').ec;
let ec = new EC('secp256k1');
let key = ec.keyFromPublic(V_KEY, 'hex');
let signature = Buffer.from(signature64, "base64").toString("hex");
let datahex = Buffer.from(data, "utf-8").toString("hex");
return key.verify(datahex, signature);
}
import { my_verify } from "/verify";
const test_field_test_str: string = json_response["test_field"]["test_str"];
const test_field_sign: string = json_response["test_field"]["signature64"];
console.log("verification: ", my_verify(test_field_test_str, test_field_sign));
Verification always returns false on client side, my guess is that it has something to do with DER format and/or public key, I'm pretty lost after checking that data and signature strings in hexadecimal print/log the same on client and server. How to properly verify signature from PHP server in React Typescript client?
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Find the answer in similar questions on our website.
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.
PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites.
The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/
React is currently the leader in JavaScript UI frameworks. First, the Facebook developers started working on this to make their job easier. An app called Facebook Ads grew very quickly, which meant complex management and support. As a result, the team began to create a structure that would help them with efficiency. They had an early prototype before 2011, and two years later, the framework was open source and available to the public. It is currently used by many business giants: AirBNB, PayPal, Netflix, etc.
https://reactjs.org/
Welcome to the Q&A site for web developers. Here you can ask a question about the problem you are facing and get answers from other experts. We have created a user-friendly interface so that you can quickly and free of charge ask a question about a web programming problem. We also invite other experts to join our community and help other members who ask questions. In addition, you can use our search for questions with a solution.
Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.
Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.