PHP PKI encryption Technology (OpenSSL) detailed

Source: Internet
Author: User
Tags decrypt openssl sha1 hash
This article is a PHP in the PKI encryption Technology (OpenSSL) for a detailed analysis of the introduction, the need for a friend reference copy code code as follows:


<?php


//PKI Encryption
//Use PKI encryption to open OpenSSL extensions


//php.ini extension = php_openssl.dll extension


/*pki mode is


* Public key encryption, private key decryption;


* Private key encryption, public key decryption;


*/


//private key encryption, public key decryption


//Client


//$data data


$data = ' ABCD ';


//Get private key $priv _key_id


$priv _key_id = Openssl_get_privatekey (file_get_contents (' 99bill-rsa.pem ', r));


//Get public key $pub _key_id


$pub _key_id = Openssl_get_publickey (file_get_contents (' 99bill-rsa.cer ', r));


//$data preferred through SHA1 hash encryption and then encrypted by $priv_key_id private key to generate signature $signature


//$signature is the encrypted signature


//openssl_sign () encryption function, as for its decryption method I do not know????????????????????????????????????


openssl_sign ($data, $signature, $priv _key_id, OPENSSL_ALGO_SHA1);


There are also two cryptographic functions, and these two cryptographic functions have the decryption method, know


//First: Private key encryption, public key decryption
//$data The data to be encrypted, $crypted encrypt the generated data, $decrypted decrypt the generated data, $data the same as the $decrypted value


///through $PRIV_KEY_ID private key encryption, generate $crypted;


Openssl_private_encrypt ($data, $crypted, $priv _key_id);


Echo $crypted;


//decrypted by $pub_key_id public key to generate $decrypted


Openssl_public_decrypt ($crypted, $decrypted, $pub _key_id);


//second: Public key encryption, private key decryption
//$data The data to be encrypted, $crypted encrypt the generated data, $decrypted decrypt the generated data, $data the same as the $decrypted value


///By $PUB_KEY_ID public key encryption, generate $crypted;


Openssl_public_encrypt ($data, $crypted, $pub _key_id);


//decrypted by $priv_key_id private key to generate $decrypted


Openssl_private_decrypt ($crypted, $decrypted, $priv _key_id);


//Note that my side of the file to get the public key and private key is not corresponding


//Normal, get the public key and private key file is one by one corresponding, here I use the fast money.


//Quick money gives the private key generate file, corresponding public key generate file on the quick Money side


//Quick Money gives the public key to generate the file, the corresponding private key generates the file on the quick Money side


That is, a public key generation file and a private key generation file are missing


//I never found a one by one corresponding private key, public key generated file, if you find a send me, thank you.

The
//Openssl_verify () method verifies that the signature is correct (the data generated by the private key encryption is returned and validated with the corresponding public key).


//$signature Public key encryption generated data, $data raw data, successfully returned 1, failed to return 0, error return-1


//$pub _key_id public key


openssl_verify ($data, $signature, $pub _key_id);


//Releases the private key or public key from memory


Openssl_free_key ($priv _key_id);


Openssl_free_key ($pub _key_id);


generate private and public key
genrsa-out Private-rsa.pem
Rsa-in Private-rsa.pem-pubout-out Pubic-rsa.cer

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.