This article describes how to use openssl to implement rsa asymmetric encryption algorithms.
The code is as follows:
/**
* Use openssl for asymmetric encryption
* @ Since 2010-07-08
*/
Class Rsa
{
/**
* Private key
*/
Private $ _ privKey;
/**
* Public key
*/
Private $ _ pubKey;
/**
* The keys saving path
*/
Private $ _ keyPath;
/**
* The construtor, the param $ path is the keys saving path
*/
Public function _ construct ($ path)
{
If (empty ($ path) |! Is_dir ($ path )){
Throw new Exception ('must set the keys save path ');
}
$ This-> _ keyPath = $ path;
}
/**
* Create the key pair, save the key to $ this-> _ keyPath
*/
Public function createKey ()
{
$ R = openssl_pkey_new ();
Openssl_pkey_export ($ r, $ privKey );
File_put_contents ($ this-> _ keyPath. DIRECTORY_SEPARATOR. 'priv. key', $ privKey );
$ This-> _ privKey = openssl_pkey_get_public ($ privKey );
$ Rp = openssl_pkey_get_details ($ r );
$ PubKey = $ rp ['key'];
File_put_contents ($ this-> _ keyPath. DIRECTORY_SEPARATOR. 'pub. key', $ pubKey );
$ This-> _ pubKey = openssl_pkey_get_public ($ pubKey );
}
/**
* Setup the private key
*/
Public function setupPrivKey ()
{
If (is_resource ($ this-> _ privKey )){
Return true;
}
$ File = $ this-> _ keyPath. DIRECTORY_SEPARATOR. 'priv. key ';
$ Prk = file_get_contents ($ file );
$ This-> _ privKey = openssl_pkey_get_private ($ prk );
Return true;
}
/**
* Setup the public key
*/
Public function setupPubKey ()
{
If (is_resource ($ this-> _ pubKey )){
Return true;
}
$ File = $ this-> _ keyPath. DIRECTORY_SEPARATOR. 'pub. key ';
$ Puk = file_get_contents ($ file );
$ This-> _ pubKey = openssl_pkey_get_public ($ puk );
Return true;
}
/**
* Encrypt with the private key
*/
Public function privEncrypt ($ data)
{
If (! Is_string ($ data )){
Return null;
}
$ This-> setupPrivKey ();
$ R = openssl_private_encrypt ($ data, $ encrypted, $ this-> _ privKey );
If ($ r ){
Return base64_encode ($ encrypted );
}
Return null;
}
/**
* Decrypt with the private key
*/
Public function privDecrypt ($ encrypted)
{
If (! Is_string ($ encrypted )){
Return null;
}
$ This-> setupPrivKey ();
$ Encrypted = base64_decode ($ encrypted );
$ R = openssl_private_decrypt ($ encrypted, $ decrypted, $ this-> _ privKey );
If ($ r ){
Return $ decrypted;
}
Return null;
}
/**
* Encrypt with public key
*/
Public function pubEncrypt ($ data)
{
If (! Is_string ($ data )){
Return null;
}
$ This-> setupPubKey ();
$ R = openssl_public_encrypt ($ data, $ encrypted, $ this-> _ pubKey );
If ($ r ){
Return base64_encode ($ encrypted );
}
Return null;
}
/**
* Decrypt with the public key
*/
Public function pubDecrypt ($ crypted)
{
If (! Is_string ($ crypted )){
Return null;
}
$ This-> setupPubKey ();
$ Crypted = base64_decode ($ crypted );
$ R = openssl_public_decrypt ($ crypted, $ decrypted, $ this-> _ pubKey );
If ($ r ){
Return $ decrypted;
}
Return null;
}
Public function _ destruct ()
{
@ Fclose ($ this-> _ privKey );
@ Fclose ($ this-> _ pubKey );
}
}
// The following is a simple test demo. delete it if you do not need it.
$ Rsa = new Rsa ('SSL-key ');
// Private key encryption and public key decryption
Echo 'Source: I'm an old man
';
$ Pre = $ rsa-> privEncrypt ('I am a newbie ');
Echo 'private encrypted:
'. $ Pre .'
';
$ Pud = $ rsa-> pubDecrypt ($ pre );
Echo 'public decrypted: '. $ pud .'
';
// Public key encryption and private key decryption
Echo 'Source: dry IT
';
$ Pue = $ rsa-> pubEncrypt ('dry IT ');
Echo 'public encrypt:
'. $ Pue .'
';
$ Prd = $ rsa-> privDecrypt ($ pue );
Echo 'private decrypt: '. $ prd;
?>
Note that apache must support OpenSSL