PHP PKI encryption Technology (OpenSSL) instance detailed

Source: Internet
Author: User
Tags sha1 hash
This article is a detailed analysis of the PKI encryption Technology (OpenSSL) in PHP, which requires a friend's reference

The code is as follows:

<?PHP//PKI encryption//Use PKI encryption need to open the OpenSSL extension//php.ini extension = Php_openssl.dll extended/*pki mode is * Public key encryption, private key decryption; * Private key encryption, public key decryption; */// Private key encryption, public key decryption//client//$data data $data = ' ABCD ';//Get private key $priv _key_id$priv_key_id = Openssl_get_privatekey (file_get_contents (' 99bill-rsa.pem ', R));//Get public key $pub _key_id$pub_key_id = Openssl_get_publickey (file_get_contents (' 99bill-rsa.cer ', R)) ;//$data preferred by SHA1 Hash encryption, and then through the $PRIV_KEY_ID private key encryption, generate signature $signature//$signature is the encrypted signature//openssl_sign () encryption function, as to its decryption method I do not know???????????????????????? ?????????? Openssl_sign ($data, $signature, $priv _key_id, OPENSSL_ALGO_SHA1);//There are two cryptographic functions, and the two cryptographic functions have a decryption method, know//First: Private key encryption, public key decryption//$ Data to be encrypted, $crypted is the data generated by the encryption, $decrypted is to decrypt the generated data, $data the same as the $decrypted value//$priv_key_id private key encryption, generate $CRYPTED;OPENSSL_ Private_encrypt ($data, $crypted, $priv _key_id); echo $crypted;//Decrypt by $pub_key_id public key, generate $DECRYPTEDOPENSSL_PUBLIC_ Decrypt ($crypted, $decrypted, $pub _key_id);//second: Public key encryption, private key decryption//$data the data to be encrypted, $crypted is the data generated by the encryption, $decrypted is to decrypt the generated data; Data is the same as $decrypted value//encrypted by $pub_key_id Public key, generates $crypted;openssl_public_encrypt ($data, $cryptEd, $pub _key_id);//Decrypt by $priv_key_id private key, Generate $decryptedopenssl_private_decrypt ($crypted, $decrypted, $priv _key_id);// Note, my side of the access to the public key and the private key file is not corresponding//normal situation, get the public key and the private key file is one by one corresponding, here I use fast money. Fast money to the private key generated files, corresponding public key generated files in the fast Money yonder//fast money to the public key generation file, the corresponding private key generation file in the Fast Money Yonder//is missing a public key generation file and a private key generation file//I never found a one by one corresponding private key, public key generation file, If you look for one, send me a copy, thank you. The Openssl_verify () method verifies that the signature is correct (the data generated by the private key encryption is returned and validated with the corresponding public key), only in this case. $signature the public key to encrypt the generated data, $data the original data, successfully returned 1, failed to return 0, error returned -1//$pub _key_id public key openssl_verify ($data, $signature, $pub _key_id) ;//Release the private key or public key Openssl_free_key ($priv _key_id) from memory; Openssl_free_key ($pub _key_id);

generate private key and public key
genrsa-out PRIVATE-RSA.PEM
rsa-in Private-rsa.pem-pubout-out Pubic-rsa.cer

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.