JSEncrypt can sign and verify but PHP openssl_verify fails
Using JSEncrypt to sign/verify a message works fine. However when I send the data to a PHP server for verification using openssl_verify it returns:
error:0906D06C:PEM routines:PEM_read_bio:no start line
Any idea why?
//////////////browser side
var signatory = new JSEncrypt();
var privateKey = document.getElementById("privkey").value;
signatory.setPrivateKey(privateKey);
var message = document.getElementById("pseudo").value;
var rsa_sha256_signature = signatory.sign(message, CryptoJS.SHA256);
document.getElementById("email").value = rsa_sha256_signature;
console.log("signature: " + rsa_sha256_signature);
/* verify */
var verifier = new JSEncrypt();
var publicKey = document.getElementById("pubkey").value;
verifier.setPublicKey(publicKey);
if (verifier.verify(message, rsa_sha256_signature, CryptoJS.SHA256)) {
console.log("valid signature !");
}else{
console.log("invalid signature!")
}
/////////////data is sent to server:
req.open("POST", "sign.php", true);
req.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
var donnees = "message=" + document.getElementById('pseudo').value +
"&signature=" + document.getElementById('email').value +
"&key_pub=" + document.getElementById("pubkey").value;
req.send(donnees );
/////////////server side
$message = $_POST ['message'];
$entityBody = file_get_contents('php://input');
$detach = explode("&",$entityBody);
$cherche_signature = 'signature=';
$cherche_key_pub = 'key_pub=';
$foundEncryptedText="no";
foreach($detach as $value){
if (strpos($value, $cherche_signature) !== false) {
$found_signature = substr($value, strlen($cherche_signature));
}
if (strpos($value, $cherche_key_pub) !== false) {
$foundkey_pub = substr($value, strlen($cherche_key_pub));
}
}
$result = openssl_verify( $message , $found_signature , $foundkey_pub , OPENSSL_ALGO_SHA256 );
echo "valid= " . $result;
echo "erreur : <br>".openssl_error_string();
