(PHP ActiveX) ECDSA Sign and Verify Data using Different Hash Algorithms

Demonstrates how to create ECDSA signatures on data using different hash algorithms.

Note: This example requires Chilkat v9.5.0.85 or greater because the SignBd and VerifyBd methods were added in v9.5.0.85.

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows Note: The php_com_dotnet.dll may need to be enabled inside of php.ini.

<?php

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First load an ECDSA private key to be used for signing.
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.PrivateKey')
$privKey = new COM("Chilkat.PrivateKey");
$success = $privKey->LoadEncryptedPemFile('qa_data/ecc/secp256r1-key-pkcs8-secret.pem','secret');
if ($success == 0) {
    print $privKey->LastErrorText . "\n";
    exit;
}

// Load some data to be signed.
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.BinData')
$bd = new COM("Chilkat.BinData");
$success = $bd->LoadFile('qa_data/hamlet.xml');
if ($success == 0) {
    print 'Failed to load file to be hashed.' . "\n";
    exit;
}

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Ecc')
$ecdsa = new COM("Chilkat.Ecc");
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Prng')
$prng = new COM("Chilkat.Prng");

// Sign the sha256 hash of the data.  Return the ECDSA signature in the base64 encoding.
print 'ECDSA signing the sha256 hash of the data...' . "\n";
$sig = $ecdsa->signBd($bd,'sha256','base64',$privKey,$prng);
print 'sig = ' . $sig . "\n";

// Verify the signature against the original data.
// (We must use the same hash algorithm that was used when signing.)

// Load the public key that corresponds to the private key used for signing.
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.PublicKey')
$pubKey = new COM("Chilkat.PublicKey");
$success = $pubKey->LoadFromFile('qa_data/ecc/secp256r1-pub.pem');
if ($success == 0) {
    print $pubKey->LastErrorText . "\n";
    exit;
}

// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Ecc')
$ecc2 = new COM("Chilkat.Ecc");
$result = $ecc2->VerifyBd($bd,'sha256',$sig,'base64',$pubKey);
if ($result != 1) {
    print $ecc2->LastErrorText . "\n";
    exit;
}

print 'Verified!' . "\n";

// ----------------------------------------------------------------------------------------
// Let's do the same thing, but with sha384 hashing...

print '--------------------------------------------' . "\n";
print 'ECDSA signing the sha384 hash of the data...' . "\n";

$sig = $ecdsa->signBd($bd,'sha384','base64',$privKey,$prng);
print 'sig = ' . $sig . "\n";

$result = $ecc2->VerifyBd($bd,'sha384',$sig,'base64',$pubKey);
if ($result != 1) {
    print $ecc2->LastErrorText . "\n";
    exit;
}

print 'Verified!' . "\n";

?>