(PHP 4 >= 4.0.4, PHP 5, PHP 7)

openssl_verifyVérifie une signature


int openssl_verify ( string $data , string $signature , mixed $pub_key_id [, mixed $signature_alg = OPENSSL_ALGO_SHA1 ] )

openssl_verify() vérifie que la signature signature est correcte pour les données data, et avec la clé publique pub_key_id. Cette clé doit être la clé publique correspondant à la clé privée utilisée lors de la signature.

Liste de paramètres


La chaîne de données utilisé pour générer la signature


Une chaîne brûte binaire, générée par la fonction openssl_sign() ou signification similaire


resource - une clé, retourné par la fonction openssl_get_publickey()

string - une clé au format PEM, par exemple : "-----BEGIN PUBLIC KEY----- MIIBCgK..."


int - une des signatures d'algorithmes.

string - une chaîne valide retournée par la fonction openssl_get_md_methods(), par exemple : "sha1WithRSAEncryption" ou "sha512". Algorithme par défaut: "OPENSSL_ALGO_SHA1".

Valeurs de retour

Retourne 1 si la signature est correcte, 0 si elle est incorrecte et -1 si une erreur survient.


Version Description
5.2.0 Ajout du paramètre signature_alg.


Exemple #1 Exemple avec openssl_verify()

// On suppose que $data et $signature contiennent les données à signer et
// la signature.

// Lecture de la clé publique depuis le certificat
$pubkeyid openssl_pkey_get_public("file://src/openssl-0.9.6/demos/sign/cert.pem");

// indique si la signature est correcte
$ok openssl_verify($data$signature$pubkeyid);
if (
$ok == 1) {
"Signature valide";
} elseif (
$ok == 0) {
"Signature erronée";
} else {
"Erreur de vérification de la signature";
// libère les clés de la mémoire

Exemple #2 Exemple avec openssl_verify()

//Données que vous souhaitez signer
$data 'my data';

//Crée une nouvelle clé privée et publique
$private_key_res openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
$details openssl_pkey_get_details($private_key_res);
$public_key_res openssl_pkey_get_public($details['key']);

//Crée une signature

//Vérifie la signature
$ok openssl_verify($data$signature$public_key_resOPENSSL_ALGO_SHA1);
if (
$ok == 1) {
} elseif (
$ok == 0) {
} else {
"erreur : ".openssl_error_string();

Voir aussi

add a note add a note

User Contributed Notes 6 notes

11 years ago
I've finally found a way to verify signature. Sample in the documentation doesn't work. Code bellow DOES work :)

// $data is assumed to contain the data to be signed

// fetch certificate from file and ready it
$fp = fopen("path/file.pem", "r");
$cert = fread($fp, 8192);

// state whether signature is okay or not
// use the certificate, not the public key
$ok = openssl_verify($data, $signature, $cert);
if (
$ok == 1) {
} elseif (
$ok == 0) {
} else {
"ugly, error checking signature";
steve dot venable at lmco dot com
15 years ago
A note about the openssl_verify() (and some of the other functions).  The public key comes from a certificate in any of the support formats (as the example shows, use openssl_get_publickey() to get the resource id).  But after some trial and error I found the signature string MUST BE BINARY.  While no error occurs, passing a base64-formatted signature string (PEM format?), you simply get a mismatch.  When I did the base64 decode myself, the verify returned a match (return value 1).  You can simply drop the begin/end lines and take the output of the 'base64_decode()' function.
mikey at badpenguins dot com
7 years ago
I spent days scouring the php openssl documentation trying to figure out how to do what sounds like a simple task - given two PEM encoded certificates, is one the signer of the other?  Nowhere in the openssl_verify() documentation or comments is it explained where to obtain the signature of an existing certificate.  The openssl_x509_parse() function looked promising, but it is an unstable API that may change.

I had to write my own code to determine if one cert signed another, it is located here:

In a nutshell here is what I learned...

The signature data in a signed X.509 certificate contains DER formatted data about the signature that is encrypted with the signers public key.  The data contains a hash of the original subject certificate and information about what encryption algorithm was used to create the signature.

So you need to get this signature data and a copy of the original certificate with the issuer and signature sequences removed.  Hash a copy of the original certificate (sans issuer/signature sequences) with the same algorithm the issuer used and if the hashes match, you have the issuer cert that signed the certificate.
jeremie dot gomez at gmail dot com
6 years ago
You can actually use the public key as third parameter and not the certificate.

If you can't make it work, make sure that :

1) Your public key is well formatted. It seems that it must have the ----BEGIN PUBLIC KEY---- and ----END PUBLIC KEY----

2) Your signature is in binary format. You can use the php base64_decode for this.
meint dot post at bigfoot dot com
16 years ago
Anbybody trying to get a Win32 CryptoAPI based digital signature component to work with the openssl_verify() function should be aware that the CryptoAPI PKCS1 (RSA) method uses bytes in reverse order while the openssl_verify() method expects a correctly formatted PKCS1 digital signature (as should be). I learned this the hard way and it took me some time to dig this out. A simple solution in VBScript to reverse the byte order:

N = Len(Blob.Hex)

' reverse bytes in the signature using Hex format
For i = 1 To N - 1 Step 2
    s = Mid(Blob, i, 2) & s

s contains the digital signature in reverse order. Blob is an arbitrary binary container.

Send the signature off in Hex format and use a hex2bin method in PHP to convert to the correct format for openssl_verify(), i.e.

function hex2bin($data) {

    $len = strlen($data);
    return pack("H" . $len, $data);


That's it, hope it helps out. BTW I used ASPEncrypt to toy around with on Win32 platform. Works only with Internet Explorer but you could also use a Java applet and have none of the abovementioned problems :-)
attila dot m dot magyar at gmail dot com
3 years ago
mikey at badpenguins dot com -- validating an X509 certificate chain in php seems to be possible with openssl_x509_checkpurpose()
To Top