需要先了解的openssl系列函數(shù)

openssl_pkey_get_private 從證書中解析獲取私鑰，以供使用。成功，返回真實(shí)的密鑰資源標(biāo)識(shí)符(Resource ID),否則返回false

openssl_pkey_get_public 從證書中解析獲取公鑰，以供使用。成功，返回真實(shí)的密鑰資源標(biāo)識(shí)符(Resource ID),否則返回false

openssl_private_encrypt($data, $encrypted, $privateKeyResourceID, OPENSSL_PKCS1_PADDING)

//使用私鑰key加密數(shù)據(jù)data并且將結(jié)果保存至變量crypted中

openssl_public_decrypt(base64_decode($encrypted), $decrypted, $publicKeyResourceID, OPENSSL_PKCS1_PADDING)

//私鑰加密的內(nèi)容通過(guò)公鑰可用解密出來(lái)

/**

* Created by PhpStorm.

* User: zrj

* Date: 18-11-7

* Time: 上午10:22

*/

declare(strict_types=1);//開啟強(qiáng)類型模式

//私匙

$privateKeyString = <<

-----BEGIN RSA PRIVATE KEY-----

MIIEogIBAAKCAQEAxHS1H/9uMS+waaP8vkEHx0EJWqPnRjYIzHKrXeMQ3fjZmxPG

MJmzwKVdADQlaFbA/NePu7dVFyzFo2yrAFlJD9bWs6of79OM2QGxu/AL2GqwjaOZ

/+5tSkxqU8fj+/sb35U9kGxy/k4KPwlatTaHIkXb7qebCGX1hgNw2BkRrNfXWRX+

EVs8Oy/I/d1CMQMF3mvsCFvoUAE/UJVOOAjjQ6rBX+PorWXuTIKgWgSFWwzsRWJN

hQo6P6Y/amx2Jb6Nr0rHIJIREICdYMAp2DSC+uU+jl85NqT3U89BRRG+58feoUOL

DGiv0hRQ7+k1e47MfiwKpCpJOkldEJjywMhl1QIDAQABAoIBAHBQuOyeQAVm2ljL

JEgxLZ1BFXP4mNSPN+CK/mYi1xXQm7gJShmnBhlxcQYYyfoo/xSOuOH9ImypcCTK

j8kXQqoHjaAR90hJjhDS4yYrStpjxKR1kCm9ykXcAj373d/F5F2jGRtkpSm2vCzl

0DIiBogVoHOE5yGaCRChDva8/lnt3ACEurhiL37ZJbOnbZMj2FkNmtv7eCgVEUTH

Ydu9cU8mbC3g1WMDxKSBxwgRhZQYZQSRta4nkWN5xEcO7WAF3RWs1cFJ4ttCQaRy

J/Y0K8R9prLRwh51/jonQPCJN+NGmtpCq9+kgVxxLe7p45k4DO2VxaKzto5IDSZj

hdFTEAECgYEA43cRn8ISAlHQHxi2EOq5Ygk98Bf249WNuBzxOra5SpCBVbRGvTeY

Mrq86FY1PsFK+pOVeiiaaGanZDFtULEJyiZm3KaE2PVRsbfeYO9vSTHW8ikdmpCW

VALpL6B+Q7kRvA/1krnU9Uy8c9k+EpZOELI9Ja8H9pMErMVd7LX+HtUCgYEA3RnK

5gzXNNI4hfphepxXD/+qFxgd0mmwi/jLhc4c62V259sUR2R38jo+xDgBlDvrlmDi

e6H7q56Y3M1Zag+zHc8PgtqxY7CPt5rc8dHd8iYh0UxNCYjlM3QP8dULdPmlnPkC

70KyHNkCoesiDytbT50EN5KnqEO99Kgl3mhqqwECgYAHGQcOwiKHuf/RiJbdzkU8

nuc037qPf3FtplGMsHj1r66peveeHeb85kDQyyfcLnHlgcdvSWcQDOv6P2SW2P9i

NHKPPg71KiqDbiZdRftmAE0hv1CyKwLV2kVmfA6UlGjOQn06N9xCT0OuJcA/GjuT

X8xyqZSJCCtkLMByi3dDhQKBgFmRWk2phADk7Hrx/E1ESkyz4H6siWA06o05g5E3

9yUxHGM+r89gFussx0KMAa/AOmbX5sf4zdAvVnOUSJWbuI7p07nJyDS/UOkrNjhM

MWIoKmj0RP0I1PjsGo14JcUEYR/fDF5KoYboLpXTgB+vC7WLwSqWIY8bqjcTawvX

NucBAoGAPGAi11FCqx5R3r/3pJkySlNoj+m/J04mdYXJpmJV6P6PczJHd0aRjvJF

6ubuKot1pExuhEivYo7dYubr5clmh2S8bs9kyS5Q2Btz5kXhxf4EGmJRVD+CAmvi

EAHNljZQgkfonOZFqRXaxqAsqEziIfQqI7IjpTkcGgts4v43Tlo=

-----END RSA PRIVATE KEY-----

EOF;

//公匙

$publicKeyString = <<

-----BEGIN PUBLIC KEY-----

MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHS1H/9uMS+waaP8vkEH

x0EJWqPnRjYIzHKrXeMQ3fjZmxPGMJmzwKVdADQlaFbA/NePu7dVFyzFo2yrAFlJ

D9bWs6of79OM2QGxu/AL2GqwjaOZ/+5tSkxqU8fj+/sb35U9kGxy/k4KPwlatTaH

IkXb7qebCGX1hgNw2BkRrNfXWRX+EVs8Oy/I/d1CMQMF3mvsCFvoUAE/UJVOOAjj

Q6rBX+PorWXuTIKgWgSFWwzsRWJNhQo6P6Y/amx2Jb6Nr0rHIJIREICdYMAp2DSC

+uU+jl85NqT3U89BRRG+58feoUOLDGiv0hRQ7+k1e47MfiwKpCpJOkldEJjywMhl

1QIDAQAB

-----END PUBLIC KEY-----

EOF;

$data = "helloworld";

try {

//從證書中解析獲取私鑰。成功，返回真實(shí)的密鑰資源標(biāo)識(shí)符

$privateKeyResourceID = openssl_pkey_get_private($privateKeyString);

if ($privateKeyResourceID === false) throw new \Exception('private key string is wrong');

//從證書中解析獲取公鑰，以供使用。成功，返回真實(shí)的密鑰資源標(biāo)識(shí)符

$publicKeyResourceID = openssl_pkey_get_public($publicKeyString);//這個(gè)函數(shù)可用來(lái)判斷公鑰是否是可用的

if ($publicKeyResourceID === false) throw new \Exception('public key string is wrong');

//使用私鑰key加密數(shù)據(jù)data并且將結(jié)果保存至變量crypted中。

//加密后的數(shù)據(jù)可以通過(guò)openssl_public_decrypt()函數(shù)來(lái)解密。

openssl_private_encrypt($data, $encrypted, $privateKeyResourceID, OPENSSL_PKCS1_PADDING);

//私鑰加密

$encrypted = base64_encode($encrypted);//加密之后的結(jié)果,base64只是為了避免特殊字符

openssl_public_decrypt(base64_decode($encrypted), $decrypted, $publicKeyResourceID, OPENSSL_PKCS1_PADDING);//私鑰加密的內(nèi)容通過(guò)公鑰可用解密出來(lái)

echo $decrypted . PHP_EOL;

} catch (\Exception $e) {

die($e->getMessage());

}

加密、解密系列

公鑰加密 openssl_public_encrypt,私鑰解密 openssl_private_decrypt

私鑰加密 openssl_private_encrypt,公鑰解密 openssl_public_decrypt

封裝

/**

* Created by PhpStorm.

* User: zrj

* Date: 18-11-5

* Time: 下午8:32

*/

declare(strict_types=1);//開啟強(qiáng)類型模式

class RSA

{

private $publicKeyResourceID = false;//公鑰資源

private $privateKeyresourceID = false;//私鑰資源

private $publicKeyContent = '';

private $privateKeyContent = '';

public function __construct(string $publicKeyPath, string $privatePath)

{

$this->checkFilePath($publicKeyPath);

$this->checkFilePath($privatePath);

$this->publicKeyContent = file_get_contents($publicKeyPath);

$this->privateKeyContent = file_get_contents($privatePath);

if (empty($this->publicKeyContent)) throw new \Exception('Public key is empty');

if (empty($this->privateKeyContent)) throw new \Exception('Private key is empty');

$this->publicKeyResourceID = !empty($this->publicKeyContent) ? openssl_pkey_get_public($this->getPublicKey()) : false;

$this->privateKeyresourceID = !empty($this->privateKeyContent) ? openssl_pkey_get_private($this->getPrivatekey()) : false;

if ($this->publicKeyResourceID === false) throw new \Exception('解析公鑰內(nèi)容失敗');

if ($this->privateKeyresourceID === false) throw new \Exception('解析私鑰內(nèi)容失敗');

}

/**

* 校驗(yàn)文件路徑

* @param string $filePath

* @throws Exception

*/

public function checkFilePath(string $filePath)

{

if (!is_file($filePath)) throw new \Exception($filePath . ' is not a regular file');

if (!file_exists($filePath)) throw new \Exception($filePath . ' is not exists');

}

//獲取私有key字符串,重新格式化,為保證任何key都可以識(shí)別

public function getPrivatekey(): string

{

$search = [

"-----BEGIN RSA PRIVATE KEY-----",

"-----END RSA PRIVATE KEY-----",

"\n",

"\r",

"\r\n"

];

$privateKey = str_replace($search, "", $this->privateKeyContent);

//打斷字符串為指定數(shù)量的字串

return $search[0] . PHP_EOL . wordwrap($privateKey, 64, "\n", true) . PHP_EOL . $search[1];

}

/**

*

* 獲取公共key字符串,重新格式化,為保證任何key都可以識(shí)別

*/

public function getPublicKey()

{

$search = [

"-----BEGIN PUBLIC KEY-----",

"-----END PUBLIC KEY-----",

"\n",

"\r",

"\r\n"

];

$publicKey = str_replace($search, "", $this->publicKeyContent);

//打斷字符串為指定數(shù)量的字串

return $search[0] . PHP_EOL . wordwrap($publicKey, 64, "\n", true) . PHP_EOL . $search[1];

}

public function createKey()

{

$result = openssl_pkey_new();// 生成一個(gè)新的私鑰和公鑰對(duì),

if ($result === false) return false;

openssl_pkey_export($result, $privateKey);//將key當(dāng)作PEM編碼字符串導(dǎo)出并且將之保存到$privateKey(通過(guò)引用傳遞的)中。

$publicKey = openssl_pkey_get_details($result);//返回包含密鑰詳情的數(shù)組

return array('public_key' => $publicKey["key"], 'private_key' => $this->getPrivatekey());

}

//使用私鑰加密

public function encryptByPrivateKey(string $data): string

{

openssl_private_encrypt($data, $output, $this->privateKeyresourceID);

return base64_encode($output);

}

//使用公鑰解密

public function decryptByPublicKey(string $data): string

{

openssl_public_decrypt(base64_decode($data), $output, $this->publicKeyResourceID);

return $output;

}

//使用公鑰加密

public function encryptByPublicKey(string $data): string

{

openssl_public_encrypt($data, $output, $this->publicKeyResourceID);

return base64_encode($output);

}

//使用私鑰解密

public function decryptByPrivateKey(string $data): string

{

openssl_private_decrypt(base64_decode($data), $output, $this->privateKeyresourceID);

return $output;

}

//生成簽名

public function generateSignature(string $data, int $signType = OPENSSL_ALGO_SHA1): string

{

openssl_sign($data, $outSignature, $this->privateKeyresourceID, $signType);//Generate signature

return base64_encode($outSignature);

}

//校驗(yàn)簽名 OPENSSL_ALGO_SHA256為RSA2

public function checkSignature(string $originalData, string $signature, int $signType = OPENSSL_ALGO_SHA1): bool

{

//如果簽名正確返回 1, 簽名錯(cuò)誤返回 0, 內(nèi)部發(fā)生錯(cuò)誤則返回-1

$result = openssl_verify($originalData, base64_decode($signature), $this->publicKeyResourceID, $signType);

return $result == 1;

}

public function __destruct()

{

openssl_free_key($this->publicKeyResourceID);

openssl_free_key($this->privateKeyresourceID);

}

}

$rsaObj = new RSA('/home/zrj/.ssh/rsa_public.key', '/home/zrj/.ssh/rsa_private.key');

$str = 'Hello world';

echo '原始數(shù)據(jù):' . $str . PHP_EOL;

echo '公鑰加密私鑰解密如下:' . PHP_EOL;

$tmpstr = $rsaObj->encryptByPublicKey($str); //用公鑰加密

echo '加密后的數(shù)據(jù):' . PHP_EOL;

echo $tmpstr . PHP_EOL;

$tmpstr = $rsaObj->decryptByPrivateKey($tmpstr); //用私鑰解密

echo '解密結(jié)果:' . $tmpstr . PHP_EOL;

echo PHP_EOL;

echo PHP_EOL;

echo '私鑰加密公鑰解密如下:' . PHP_EOL;

$tmpstr = $rsaObj->encryptByPrivateKey($str); //用私鑰加密

echo '私鑰加密后的數(shù)據(jù):' . PHP_EOL;

echo $tmpstr . PHP_EOL;

$tmpstr = $rsaObj->decryptByPublicKey($tmpstr); //用公鑰解密

echo '公鑰解密結(jié)果:' . $tmpstr . PHP_EOL;

echo PHP_EOL;

echo PHP_EOL;

$signature = $rsaObj->generateSignature($tmpstr);

echo '簽名結(jié)果為：' . $signature . PHP_EOL;

var_dump($rsaObj->checkSignature($tmpstr, $signature));

總結(jié)

以上是生活随笔為你收集整理的php signature解密,openssl RSA非对称加密、解密、签名、验签的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。