1. PHP RSA 生成公私钥
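// Generate an RSA key pair, store the private key as PEM, and print the public key.
$config = array(
    "digest_alg" => "sha256", // digest (hash) algorithm; this is not a cipher
    "private_key_bits" => 2048, // key length in bits
);

$res = openssl_pkey_new($config);
if ($res === false) {
    die("无法生成密钥对");
}

// openssl_pkey_new() returns a key handle, not text. Writing the handle itself
// to disk does not produce a usable key file, so export it to PEM first.
if (!openssl_pkey_export($res, $privKeyPem)) {
    die("无法将私钥写入文件");
}

// Create the file readable by the owner only; the private key is the secret
// the whole scheme depends on. chmod() also covers a pre-existing file, whose
// mode the umask would not change.
$oldUmask = umask(0077);
$written = file_put_contents('private.key', $privKeyPem);
umask($oldUmask);
if ($written === false) {
    die("无法将私钥写入文件");
}
chmod('private.key', 0600);

// Derive the public key from the private key.
$details = openssl_pkey_get_details($res);
$pubKey = (is_array($details) && isset($details['key'])) ? $details['key'] : '';
if (empty($pubKey)) {
    die("无法从私钥中提取公钥");
}

// The private key is deliberately not echoed: program output tends to end up
// in logs, terminals and HTTP responses. Only its location is reported.
echo '私钥已写入文件: private.key' . PHP_EOL;
echo '公钥内容:' . PHP_EOL;
var_dump($pubKey);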
2.公钥用于对数据进行加密,私钥用于对数据进行解密;
私钥用于对数据进行签名,公钥用于对签名进行验证。
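/**
 * Thin wrapper around the OpenSSL extension for one RSA key pair stored as
 * rsa_private_key.pem / rsa_public_key.pem in a single directory.
 *
 * A key that cannot be loaded is not fatal: the operations that need it
 * return null (or false for verify()), so a host that holds only the public
 * key can still encrypt and verify.
 */
class Rsa
{
    /**
     * private key
     */
    private $_privKey;
    /**
     * public key
     */
    private $_pubKey;
    /**
     * the keys saving path
     */
    private $_keyPath;

    /**
     * @param string $path directory that holds the two PEM files
     * @throws \Exception when $path is empty or is not a directory
     */
    public function __construct ($path)
    {
        if (empty($path) || !is_dir($path)) {
            throw new \Exception('Must set the keys save path');
        }
        $this->_keyPath = $path;
        $this->_privKey = $this->loadKey('rsa_private_key.pem', true);
        $this->_pubKey = $this->loadKey('rsa_public_key.pem', false);
    }

    /**
     * Read one PEM file from the key directory and parse it.
     *
     * @param string $fileName  file name inside the key directory
     * @param bool   $isPrivate parse as a private key when true, else as a public key
     * @return mixed the OpenSSL key handle, or null when the file is missing,
     *               unreadable, empty, or not a valid key
     */
    private function loadKey ($fileName, $isPrivate)
    {
        $file = $this->_keyPath . DIRECTORY_SEPARATOR . $fileName;
        if (!is_file($file) || !is_readable($file)) {
            return null;
        }
        $pem = file_get_contents($file);
        if ($pem === false || $pem === '') {
            return null;
        }
        $key = $isPrivate ? openssl_pkey_get_private($pem) : openssl_pkey_get_public($pem);
        return $this->isKey($key) ? $key : null;
    }

    /**
     * True when $key is a usable OpenSSL key handle.
     *
     * PHP 7 hands out resources and PHP 8 hands out objects, so a bare
     * is_resource() check is always false on PHP 8.
     */
    private function isKey ($key)
    {
        return is_resource($key) || is_object($key);
    }

    /**
     * setup the private key
     *
     * @return bool true when a private key is loaded, false when it could not be loaded
     */
    public function setupPrivKey ()
    {
        if (!$this->isKey($this->_privKey)) {
            $this->_privKey = $this->loadKey('rsa_private_key.pem', true);
        }
        return $this->isKey($this->_privKey);
    }

    /**
     * setup the public key
     *
     * @return bool true when a public key is loaded, false when it could not be loaded
     */
    public function setupPubKey ()
    {
        if (!$this->isKey($this->_pubKey)) {
            $this->_pubKey = $this->loadKey('rsa_public_key.pem', false);
        }
        return $this->isKey($this->_pubKey);
    }

    /**
     * Private-key "encryption".
     *
     * Anyone holding the public key can reverse this operation, so it gives
     * no confidentiality. To prove origin or integrity use sign() instead.
     *
     * @param string $data
     * @return string|null base64 text, or null on bad input, missing key or OpenSSL failure
     */
    public function privEncrypt ($data)
    {
        if (!is_string($data) || !$this->setupPrivKey()) {
            return null;
        }
        if (!openssl_private_encrypt($data, $encrypted, $this->_privKey)) {
            return null;
        }
        return base64_encode($encrypted);
    }

    /**
     * Private-key decryption of a value produced by pubEncrypt().
     *
     * $padding must match the value used for encryption. The default stays
     * PKCS#1 v1.5 so existing ciphertexts keep decrypting; that padding is
     * exposed to padding-oracle attacks whenever a caller can tell a failed
     * decryption from a successful one, so prefer OPENSSL_PKCS1_OAEP_PADDING
     * on both sides for new data.
     *
     * @param string $encrypted base64 text
     * @param int    $padding   OpenSSL padding constant
     * @return string|null plaintext, or null on bad input, missing key or OpenSSL failure
     */
    public function privDecrypt ($encrypted, $padding = OPENSSL_PKCS1_PADDING)
    {
        if (!is_string($encrypted) || !$this->setupPrivKey()) {
            return null;
        }
        // Strict mode rejects characters outside the base64 alphabet instead of dropping them.
        $raw = base64_decode($encrypted, true);
        if ($raw === false || $raw === '') {
            return null;
        }
        if (!openssl_private_decrypt($raw, $decrypted, $this->_privKey, $padding)) {
            return null;
        }
        return $decrypted;
    }

    /**
     * Public-key encryption.
     *
     * RSA only encrypts inputs shorter than the key size minus the padding
     * overhead; longer input makes OpenSSL fail and this method return null.
     * See privDecrypt() for the choice of $padding.
     *
     * @param string $data
     * @param int    $padding OpenSSL padding constant
     * @return string|null base64 text, or null on bad input, missing key or OpenSSL failure
     */
    public function pubEncrypt ($data, $padding = OPENSSL_PKCS1_PADDING)
    {
        if (!is_string($data) || !$this->setupPubKey()) {
            return null;
        }
        if (!openssl_public_encrypt($data, $encrypted, $this->_pubKey, $padding)) {
            return null;
        }
        return base64_encode($encrypted);
    }

    /**
     * Public-key "decryption" of a value produced by privEncrypt().
     *
     * @param string $crypted base64 text
     * @return string|null recovered data, or null on bad input, missing key or OpenSSL failure
     */
    public function pubDecrypt ($crypted)
    {
        if (!is_string($crypted) || !$this->setupPubKey()) {
            return null;
        }
        $raw = base64_decode($crypted, true);
        if ($raw === false || $raw === '') {
            return null;
        }
        if (!openssl_public_decrypt($raw, $decrypted, $this->_pubKey)) {
            return null;
        }
        return $decrypted;
    }

    /**
     * Sign data with the private key.
     *
     * The default digest stays OPENSSL_ALGO_SHA1, which is what openssl_sign()
     * uses when no algorithm is given, so signatures remain compatible with
     * existing verifiers. SHA-1 is no longer recommended for signatures; pass
     * OPENSSL_ALGO_SHA256 here and to verify() for new integrations.
     *
     * @param string     $data
     * @param int|string $algo OpenSSL signature algorithm
     * @return string|null base64 signature, or null on bad input, missing key or OpenSSL failure
     */
    public function sign ($data, $algo = OPENSSL_ALGO_SHA1)
    {
        if (!is_string($data) || !$this->setupPrivKey()) {
            return null;
        }
        // Without this check a failed signing would come back as an empty string.
        if (!openssl_sign($data, $sign, $this->_privKey, $algo)) {
            return null;
        }
        return base64_encode($sign);
    }

    /**
     * Verify a signature with the public key.
     *
     * @param string     $data
     * @param string     $sign base64 signature as returned by sign()
     * @param int|string $algo must match the algorithm used for signing
     * @return bool|null true only for a valid signature; false for an invalid
     *                   signature or any error; null when $data is not a string
     */
    public function verify($data, $sign, $algo = OPENSSL_ALGO_SHA1)
    {
        if (!is_string($data)) {
            return null;
        }
        if (!is_string($sign) || !$this->setupPubKey()) {
            return false;
        }
        $raw = base64_decode($sign, true);
        if ($raw === false || $raw === '') {
            return false;
        }
        // openssl_verify() returns 1 for valid, 0 for invalid and -1 (or false) on error.
        // A (bool) cast turns -1 into true, i.e. an OpenSSL error would be
        // accepted as a valid signature, so compare against 1 exactly.
        return openssl_verify($data, $raw, $this->_pubKey, $algo) === 1;
    }

    /**
     * Release key handles on PHP versions where they are resources.
     *
     * On PHP 8 keys are objects that are freed automatically and
     * openssl_free_key() is deprecated, so it is not called there.
     */
    public function __destruct ()
    {
        if (is_resource($this->_privKey)) {
            openssl_free_key($this->_privKey);
        }
        if (is_resource($this->_pubKey)) {
            openssl_free_key($this->_pubKey);
        }
    }
}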
使用例子:
/**
 * Usage example for the Rsa class.
 *
 * config() and dump() are not defined on this page; presumably they are
 * helpers supplied by the surrounding framework.
 */
class Index
{
    /**
     * Run an encrypt/decrypt round trip and a sign/verify round trip on a
     * fixed string and print each intermediate value.
     *
     * The values are echoed straight into HTML. That is harmless for the fixed
     * sample text used here; anything taken from a request should be escaped
     * for the HTML context before it is printed.
     */
    public function index()
    {
        $plainText = '快乐程序员';
        $cipher = new Rsa(config('key_path'));

        // Confidentiality: encrypt with the public key, decrypt with the private key.
        $encrypted = $cipher->pubEncrypt($plainText);
        echo '用公钥加密后数据:', $encrypted, '<br/>';

        $recovered = $cipher->privDecrypt($encrypted);
        echo '用私钥解密数据:', $recovered, '<br/>';

        // Authenticity: sign with the private key, verify with the public key.
        $signature = $cipher->sign($plainText);
        echo '用私钥加签后得到签名:', $signature, '<br/>';

        $isValid = $cipher->verify($plainText, $signature);
        echo '验证签名是否正确:<br/>';
        dump($isValid);
    }
}