This article is a PHP in the PKI encryption Technology (OpenSSL) for a detailed analysis of the introduction, the need for a friend reference
copy code code as follows:
<?php
//PKI Encryption
//Use PKI encryption to open OpenSSL extensions
//php.ini extension = php_openssl.dll extension
/*pki mode is
* Public key encryption, private key decryption;
* Private key encryption, public key decryption;
*/
//private key encryption, public key decryption
//Client
//$data data
$data = ' ABCD ';
//Get private key $priv _key_id
$priv _key_id = Openssl_get_privatekey (file_get_contents (' 99bill-rsa.pem ', r));
//Get public key $pub _key_id
$pub _key_id = Openssl_get_publickey (file_get_contents (' 99bill-rsa.cer ', r));
//$data preferred through SHA1 hash encryption and then encrypted by $priv_key_id private key to generate signature $signature
//$signature is the encrypted signature
//openssl_sign () encryption function, as for its decryption method I do not know????????????????????????????????????
openssl_sign ($data, $signature, $priv _key_id, OPENSSL_ALGO_SHA1);
There are also two cryptographic functions, and these two cryptographic functions have the decryption method, know
//First: Private key encryption, public key decryption
//$data The data to be encrypted, $crypted encrypt the generated data, $decrypted decrypt the generated data, $data the same as the $decrypted value
///through $PRIV_KEY_ID private key encryption, generate $crypted;
Openssl_private_encrypt ($data, $crypted, $priv _key_id);
Echo $crypted;
//decrypted by $pub_key_id public key to generate $decrypted
Openssl_public_decrypt ($crypted, $decrypted, $pub _key_id);
//second: Public key encryption, private key decryption
//$data The data to be encrypted, $crypted encrypt the generated data, $decrypted decrypt the generated data, $data the same as the $decrypted value
///By $PUB_KEY_ID public key encryption, generate $crypted;
Openssl_public_encrypt ($data, $crypted, $pub _key_id);
//decrypted by $priv_key_id private key to generate $decrypted
Openssl_private_decrypt ($crypted, $decrypted, $priv _key_id);
//Note that my side of the file to get the public key and private key is not corresponding
//Normal, get the public key and private key file is one by one corresponding, here I use the fast money.
//Quick money gives the private key generate file, corresponding public key generate file on the quick Money side
//Quick Money gives the public key to generate the file, the corresponding private key generates the file on the quick Money side
That is, a public key generation file and a private key generation file are missing
//I never found a one by one corresponding private key, public key generated file, if you find a send me, thank you.
The
//Openssl_verify () method verifies that the signature is correct (the data generated by the private key encryption is returned and validated with the corresponding public key).
//$signature Public key encryption generated data, $data raw data, successfully returned 1, failed to return 0, error return-1
//$pub _key_id public key
openssl_verify ($data, $signature, $pub _key_id);
//Releases the private key or public key from memory
Openssl_free_key ($priv _key_id);
Openssl_free_key ($pub _key_id);
generate private and public key
genrsa-out Private-rsa.pem
Rsa-in Private-rsa.pem-pubout-out Pubic-rsa.cer