(PHP ActiveX) DSA R,S Signature Values

See more DSA Examples

Creates a DSA signature. Gets r,s values from the signature. Re-creates the DSA signature ASN.1 from the r,s values. Then verifies the signature using the re-created ASN.1 DSA signature.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows Note: The php_com_dotnet.dll may need to be enabled inside of php.ini.

<?php

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Crypt2')
$crypt = new COM("Chilkat.Crypt2");

$crypt->EncodingMode = 'hex';
$crypt->HashAlgorithm = 'sha-1';

$hashStr = $crypt->hashFileENC('qa_data/hamlet.xml');
print 'hash to sign: ' . $hashStr . "\n";

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Dsa')
$dsa = new COM("Chilkat.Dsa");

$pemPrivateKey = $dsa->loadText('qa_data/dsa/dsaPrivKey2.pem');
$success = $dsa->FromPem($pemPrivateKey);
if ($success == 0) {
    print $dsa->LastErrorText . "\n";
    exit;
}

// Load the hash to be signed into the DSA object:
$success = $dsa->SetEncodedHash('hex',$hashStr);
if ($success == 0) {
    print $dsa->LastErrorText . "\n";
    exit;
}

// Sign the hash.
$success = $dsa->SignHash();
if ($success == 0) {
    print $dsa->LastErrorText . "\n";
    exit;
}

// Get the ASN.1 signature.
$asnSig = $dsa->getEncodedSignature('base64');
print 'Signature: ' . $asnSig . "\n";

// Examine the details of the ASN.1 signature.
// We want to get the r,s values as hex strings..
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Asn')
$asn = new COM("Chilkat.Asn");
$success = $asn->LoadEncoded($asnSig,'base64');
if ($success == 0) {
    print $asn->LastErrorText . "\n";
    exit;
}

// Get the ASN.1 as XML.
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Xml')
$xml = new COM("Chilkat.Xml");
$success = $xml->LoadXml($asn->asnToXml());
print 'Signature as XML: ' . "\n";
print $xml->getXml() . "\n";

// Sample XML shown here.
// The r and s values are the two hex strings in the XML.

// <?xml version="1.0" encoding="utf-8"?>
// <sequence>
//     <int>2C187F3AB6E47A66497B86CE97BB39E2133810F5</int>
//     <int>588E53D3F7B69636B48FD7175E99A3961BD7D775</int>
// </sequence>

// Pretend we're starting with r,s
$r = '2C187F3AB6E47A66497B86CE97BB39E2133810F5';
$s = '588E53D3F7B69636B48FD7175E99A3961BD7D775';

// Build the XML that will be converted to ASN.1
$xml->Clear();
$xml->Tag = 'sequence';
$xml->NewChild2('int',$r);
$xml->NewChild2('int',$s);

// Convert the XML to ASN.1
$success = $asn->LoadAsnXml($xml->getXml());

// Emit the signature as DER encoded ASN.1 (base64)
$asnSig = $asn->getEncodedDer('base64');

// --------------------------------------------------------------------
// Verify the signature using the asnSig we built from the r,s values
// --------------------------------------------------------------------

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Dsa')
$dsa2 = new COM("Chilkat.Dsa");

// Load the DSA public key to be used for verification:

$pemPublicKey = $dsa2->loadText('qa_data/dsa/dsaPubKey2.pem');
$success = $dsa2->FromPublicPem($pemPublicKey);
if ($success == 0) {
    print $dsa2->LastErrorText . "\n";
    exit;
}

// Load the hash to be verified.
$success = $dsa2->SetEncodedHash('hex',$hashStr);
if ($success == 0) {
    print $dsa2->LastErrorText . "\n";
    exit;
}

// Load the ASN.1 signature:
$success = $dsa2->SetEncodedSignature('base64',$asnSig);
if ($success == 0) {
    print $dsa2->LastErrorText . "\n";
    exit;
}

// Verify:
$success = $dsa2->Verify();
if ($success == 0) {
    print $dsa2->LastErrorText . "\n";
}
else {
    print 'DSA Signature Verified!' . "\n";
}


?>