1, Check whether the server has installed the OpenSSL components, not installed first
OpenSSL version [-A]
2. Symmetric encryption
querying The symmetric encryption algorithm supported by OpenSSL
Openssl_get_cipher_methods ();
encryption:openssl_encrypt ($data, $method, $passwd, $options, $IV);
Parameter description:
$data: Encrypting plaintext
$method: Encryption method
$PASSWD: Encryption Key
$options: Data format options (optional)
$IV: Encryption initialization vector (optional)
decryption:openssl_decrypt ($data, $method, $passwd, $options, $IV);
Parameter description:
$data: Decryption text
$method: Decrypting encryption methods
$PASSWD: Decryption key
$options: Data format options (optional)
$IV: Decrypt initialization vector (optional)
3. generate public key, private key pair
(1) generate the original RSA private key File Rsa_private_key.pem
OpenSSL genrsa-out Rsa_private_key.pem 1024
(2) Convert the original RSA private key to PKCS8 mode
OpenSSL pkcs8-topk8-inform pem-in rsa_private_key.pem-outform pem-nocrypt-out Private_key.pem
(3) generating RSA public key Rsa_public_key.pem
OpenSSL rsa-in rsa_private_key.pem-pubout-out Rsa_public_key.pem
4, the use of private key encryption, public key decryption
The private key used is the content of the Rsa_private_key.pem file generated above
the public key used is the content of the Rsa_public_key.pem file generated above
1 //generate key Resource ID2 $pi _key= Openssl_pkey_get_private ($private _key);3 $pu _key= Openssl_pkey_get_public ($public _key);4 5 //private key Encryption6 $encrypted=";7Openssl_private_encrypt ($data,$encrypted,$pi _key);8 9 //transcoding, where the $encrypted is the private key encrypted stringTen $encrypted=Base64_encode($encrypted); One A //public key decryption, $decrypted is the plaintext before the private key is encrypted after the public key is decrypted - $decrypted="; - $encrypted=Base64_decode($encrypted); theOpenssl_public_decrypt ($encrypted,$decrypted,$pu _key);
5. using public key encryption, private key decryption
The private key used is the content of the Rsa_private_key.pem file generated above
the public key used is the content of the Rsa_public_key.pem file generated above
1 //generate key Resource ID2 $pi _key= Openssl_pkey_get_private ($private _key);3 $pu _key= Openssl_pkey_get_public ($public _key);4 5 //Public Key Cryptography6 $encrypted=";7Openssl_public_encrypt ($data,$encrypted,$pu _key);8 9 //transcoding, where the $encrypted is a public-key encrypted stringTen $encrypted=Base64_encode($encrypted); One A //private key decryption, $decrypted is the plaintext of the public key before the private key is decrypted - $decrypted="; - $encrypted=Base64_decode($encrypted); theOpenssl_private_decrypt ($encrypted,$decrypted,$pu _key);
Full Code Demo:
1<?PHP2 /**3 * Created by Phpstorm.4 * User:ahao5 * DATE:2016/11/206 * Time:10:127 */8 //lists the symmetric encryption methods supported by the OpenSSL encryption extension9 /*$methods = Openssl_get_cipher_methods ();Ten echo "<pre>"; One Var_dump ($methods); A - $iv = substr (MD5 (' Test '), 0,8); - $encrypt _data = Openssl_encrypt (' Codeman is a good man ', ' DES-CBC ', ' passwd ', Openssl_raw_data, $iv); the $encrypt _data = Openssl_encrypt (' Codeman is a good man ', ' DES-CBC ', ' passwd ', openssl_raw_data); - echo $encrypt _data; - echo "<br/>"; - + $decrypt _data = Openssl_decrypt ($encrypt _data, ' DES-CBC ', ' passwd ', Openssl_raw_data, $iv); - echo $decrypt _data;*/ + A //private Key at $private _key=-----BEGIN RSA PRIVATE KEY----- - MIICXAIBAAKBGQDS6VBGEPOWVC8JXYX/UL6ITMS6ABPVO8FVW0PD90JLJYVFJCFJ - dyvfh6jprdpghlired45vdsktcjvjj0clni5ziz680as6jtfe3scby4mi7blkzbn - Ytmbtnkafbmmwlcxv4qzzyg8+xnkty5clzzcvzzzlau5djtusoxtlkxcmwidaqab - AOGAZT944GZO+BYNVH17JHEK/NFXA19VLJJ6KSH6AFPMKQCMN2PJEIU/HHQ3K0CG - QTZYEY4WAMWZCFME7OC5C14C6GSNOQVEBZT3JA5LNUMNRVB+EHYE0W/O7AH8SSLQ in 3b42gfkkakiuy2ufsvc4pv6lmn5sh26apw332yo0dxzxagecqqdvawv+n41r9pup - Ib0+ycbvkue6yjlohc2mqaxdd+eyngo4jb1f21pzcqasd/sbpiqwvukk/uxlovl9 to 3DBLCOWBAKEA4EIMV8UIGWBXJBGRZ+I/TBQ56GCNJVLOKJFYAYXBKAA1C9C51EVV + 39OFTI9DQCZCUAYZSCMSPB6XEPBIB01VAQJAZVYAQM1FZ+B1P6F0VBAWIDSQJJBJ - xiyyed6jl6ywwabax7qs9l1sedbn3okashap9n2t4anfe8gjido6kwrp1qjagoif the Lffwdngdro393av6jicspiurzwhcc1qeey+adbr+zneczglb1rigv+g7830o0rol * hytax+od0hzn2tbcaqjbanig+ho5+qy5hgro3+urherguqxqhzheldo5gnoq/sft $ sex4mxgze6oq+hldvnwzvjbu9g9417t5wmgywq8unhw=Panax Notoginseng-----END RSA PRIVATE KEY-----'; - the //Public Key + $public _key=-----BEGIN Public KEY----- A MIGFMA0GCSQGSIB3DQEBAQUAA4GNADCBIQKBGQDS6VBGEPOWVC8JXYX/UL6ITMS6 the abpvo8fvw0pd90jljyvfjcfjdyvfh6jprdpghlired45vdsktcjvjj0clni5ziz6 + 80as6jtfe3scby4mi7blkzbnytmbtnkafbmmwlcxv4qzzyg8+xnkty5clzzcvzzz - Lau5djtusoxtlkxcmwidaqab $-----END Public KEY-----'; $ - //This function can be used to determine if the private key is available, and can be used to return the resource ID Resource ID - $pi _key= Openssl_pkey_get_private ($private _key); the - //This function can be used to determine if the public key is availableWuyi $pu _key= Openssl_pkey_get_public ($public _key);//This function can be used to determine if the public key is available the - Print_r($pi _key);Echo"<br/>"; Wu Print_r($pu _key);Echo"<br/>"; - About //Raw Data $ $data= ' Codeman '; - $encrypted= ' '; - $decrypted= ' '; - A Echo"Source data:",$data, "<br/>"; + Echo"Private Key Encrypt:<br/>"; the Echo"Private key encryption, public key decryption:<br/>"; - $ //private key Encryption theOpenssl_private_encrypt ($data,$encrypted,$pi _key); the $encrypted=Base64_encode($encrypted);//The encrypted content usually contains special characters that need to be encoded for conversion and to be aware that the Base64 encoding is URL-safe when transmitted over a network through a URL. the Echo $encrypted, "<br/>"; the - //Public Key Decryption in Echo"Public Key Decrypt:<br/>"; theOpenssl_public_decrypt (Base64_decode($encrypted),$decrypted,$pu _key);//private key encrypted content can be decrypted by public key the Echo $decrypted, "<br/><br/>"; About the Echo"Public key encryption, private key decryption:<br/>"; the //Public Key Cryptography theOpenssl_public_encrypt ($data,$encrypted,$pu _key); + $encrypted=Base64_encode($encrypted); - Echo $encrypted, "<br/>"; the Bayi //private Key Decryption the Echo"Private Key Decrypt:<br/>"; theOpenssl_private_decrypt (Base64_decode($encrypted),$decrypted,$pi _key);//private Key Decryption - Echo $decrypted, "<br/>";
6, PHP OpenSSL and mcrypt extension of the difference
OpenSSL is a public private key network communication security protocol, also is a cryptographic mode, PHP's OpenSSL extension is to use this protocol to encrypt and decrypt the transmission of data. Compared with MCrypt, OpenSSL supports more encryption methods, simpler to use, and supports asymmetric encryption decryption, which is the core component of installing signed HTTPS.
PHP OpenSSL encryption Extension Usage summary