问题描述

我最近尝试将PHP openssl扩展与我使用本教程颁发的ecdsa自签名证书一起使用创建一个自签名的ecc证书.我已经使用了PHP手册中所述的openssl_sign()函数.我注意到每次刷新网页时，都会得到不同的签名输出.谁能解释会发生什么?每次使用ecdsa证书都可以通过任何方式获得相同的签名输出吗?

I recent tried to use PHP openssl extension with an ecdsa self signed certificate that i've issued using this tutorial create-a-self-signed-ecc-certificate. I have used function openssl_sign() as described in PHP manual. I've notice every time i refresh the web page , i got different signature output. Can anyone explain what happen? And is there any manner to get the same signature output every time with ecdsa certificate?

推荐答案

生成ECDSA签名的一个组件是生成随机数(k).

A component of generating an ECDSA signature is generating a random number (k).

由于每次调用签名都会生成一个不同的随机数，因此无法用ECDSA生成确定性证书(除了自己进行所有ECC数学运算并选择k；或者在某个地方找到可以指定k的库) ).

Since each call to sign will generate a distinct random number, there's no way to produce a deterministic certificate with ECDSA (aside from doing all of the ECC math yourself, and choosing k; or finding a library somewhere which lets k be specified).

这篇关于在PHP中使用openssl_sign()时的不同输出的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！