Build PHP Version 1password

Many Web sites previously registered passwords use simple passwords, but because of the frequent exposure to password insecurity this year, use more complex passwords. But a good number of accounts, passwords can not be set to the same, to prevent a stolen all unsafe, remember the password has become a very headache of opinion.

There is a 1password software on the phone, very good, but the fee. In the spirit of saving and using their own skills, I think of developing an encrypted account function

There is an SSL encryption function in PHP, this is the function of this article. Steps are as follows

Premise: What kind of secret is safe

1. Password is not absolutely safe to say

2. Numbers, characters, special characters combined, length greater than 10 bits

3. Regular password change

One: Generate the private key and public key

$config = Array ("Digest_alg" = "sha512", "private_key_bits" = 4096, "private_key_type" = Openssl_keytyp E_rsa,);//Create The private and public key$res = Openssl_pkey_new ($config);//Extract the private key from $res to $priv Keyopenssl_pkey_export ($res, $privKey); File_put_contents ("./account_private_key.pem", $privKey);//Extract the Public key from $res to $pubKey $pubkey = Openssl_pkey_get_details ($res); $pubKey = $pubKey ["Key"];file_put_contents (" Account_public_key.pem ", $pubKey);

Two: Encryption and decryption functions

Decryption function, using the generated private key Private function decrypt (  $txt  ) {     $txt  =  Base64_decode ($txt);     $fp =fopen  ( yii:: $app->params[' account '] [' Private_key _path '], "R");     $priv _key2=fread  ($fp, 8192);     fclose ($FP);      $PK 2=openssl_get_privatekey ($priv _key2);     $ret  =  Openssl_private_decrypt ($txt, $output, $PK 2);    if  ( ! $ret  )  {         return false;    }     return  $output;} Cryptographic functions, using the generated public key Private function encrypt (  $txt  ) {     $fp =fopen  (Yii :: $app->params[' account ' [' Public_key_path '], "R");     $pub _key=fread  ($fp, 8192);     fclose ($fp);     $PK  = openssl_get_publickey ($pub _key);     if  (! $PK)  {       return false;     }     $output = "";     openssl_public_encrypt ($txt, $output, $ PK);    if  (!empty ($output))  {         Openssl_free_key ($PK);         return base64_encode ($output);     }    return false;}

Three: Data table design

create table  ' account_list '   (   ' id '  int (one)  unsigned not null  AUTO_INCREMENT,   ' title '  varchar  NOT NULL DEFAULT  '   comment  ' title for search ',   ' account '  varchar '  NOT NULL DEFAULT  '   comment  ' account ',   ' Password '  varchar ($)  NOT NULL DEFAULT  '   comment  ' pass code ',   ' description '  varchar ($)  NOT NULL DEFAULT  '  COMMENT  ' description ',   ' updated_time '  timestamp NOT NULL DEFAULT  ' 0000-00-00 00:00:00 '  COMMENT  ' last update time ',   ' Created_time '  timestamp not  NULL DEFAULT  ' 0000-00-00 00:00:00 '  COMMENT  ' creation time ',   primary key   (' id '),  key  ' idx_title '   (' title '))  ENGINE=InnoDB  DEFAULT  Charset=utf8 comment= ' account List ';

Effect Show

Existing passwords in the database are encrypted, even if the database does not have a private key, can not be decrypted

Reference

Random password generator, click here

Original address: Build PHP version 1password
Tags: 1password php password Password

Build PHP Version 1password