日期:2014-05-17  浏览次数:20530 次

php 关于pkcs7签名验证。
<?php
// the message you want to sign so that recipient can be sure it was you that
// sent it
$data = <<<EOD

You have my authorization to spend $10,000 on dinner expenses.

The CEO
EOD;
// save message to file
$fp = fopen("msg.txt", "w");
fwrite($fp, $data);
fclose($fp);
// encrypt it
if (openssl_pkcs7_sign("msg.txt", "signed.txt", "mycert.pem",
  array("file://mycert.pem", "mypassphrase"),
  array("To" => "joes@example.com", // keyed syntax
  "From: HQ <ceo@example.com>", // indexed syntax
  "Subject" => "Eyes only")
  )) {
  // message signed - send it!
  exec(ini_get("sendmail_path") . " < signed.txt");
}
?> 
使用该函数做签名,涉及到文件的读写,可能会牵涉到文件的高并发性,对于php有什么好的处理方法吗?
具体点就是,我只需要传递需要签名的原始数据$data,而此函数每次都要把原始数据$data保存到文件里,然后再做签名,最后把签名后产生的串保存到signed.txt里,在实际中这肯定会触发文件操作的问题,该如何解决呢?

------解决方案--------------------
不要用相同的文件名,可以用md5(uniqid) .".txt"作为msg.txt和signed.txt的文件名。