When the PHP server interacts with the client and provides an open API, it is often necessary to encrypt the sensitive part of the API data transfer, at which point RSA Asymmetric encryption can be used, and an example to illustrate how to use PHP to encrypt and decrypt data.
1, the first step of encryption and decryption is to generate a public key, a private key pair, the private key encrypted content can be decrypted by the public key (in turn, can also)
Download the open source RSA key generation tool OpenSSL (usually the Linux system comes with the program), unzip to a separate folder, enter the Bin directory, and execute the following command:
OpenSSL genrsa-out Rsa_private_key.pem 1024
OpenSSL pkcs8-topk8-inform pem-in rsa_private_key.pem-outformpem-nocrypt-out Private_key.pem
OpenSSL rsa-in Rsa_private_key.pem-pubout-outrsa_public_key.pem
The first command generates the original RSA private key file Rsa_private_key.pem, the second command converts the original RSA private key to the PKCS8 format, and the third generates the RSA public key Rsa_public_key.pem
From the above, we can generate the corresponding public key through the private key, so we use the private key Private_key.pem on the server side, the public key is issued to the Android and iOS and other front
2, PHP with the generated public key, the private key for encryption and decryption, directly on the code
$private _key = '-----BEGIN RSA private Key-----
Miicxqibaakbgqc3//sr2txw0wrc2dysx8vnglqt3y7ldu9+lbli6e1ks5lfc5jl
tgf7kbtskchbm3ouehwqp1zj85ije59af5gib2klbd6h4wrbbha2xe1sq21ykja/
Gqx7/iria3zqfxgv/qekygox+xalvoolzqdwh76o2n1vp1d+td3amhsk7qidaqab
Aogbakh14bmitesqd4pywodwmy7rrrvyfpenjjtecljvkb7ikrvxvdkp1xijngkh
2h5syhq5qslpsgyj1m/xkdnginwalvhvd3bokkgkg1bzn7ao5pxt+herqxavwws6
Ga63yvsic8jcodxiuvxjnumqrlaqof6aub/2vwc2t5mdmxlhakea3pwgpvxgliwl
3h7qlyzlrlrbfrurn4cyl4uyaakokkavzly04glle8ycgoc2dzl4eil4l/+x/gaq
deju/chlrqjbanozy0meovkwhu4bscsdnfm6usqowybewhyyh/otv1a3sqcce1f+
qbaclcqenihajccdmgyj53lfigyv0wcs54kcqaxapkahclrkqladquv5iwyyj25f
Oiq+y8sgccs73qixru1ypjy9yka/meg9smsl4oh9ioigi+zuygh9ydsmeq0cqqc2
4g3ip2g3lndrdzim5nz7pfnmyrabxk/ugvuwdk47iwtzhfkdhxkfc8qepuhbsahl
Qjifgxy4ejkubm3fpdgjakafwuxyssijjvrhwnhfbg0rfkvvy63osmnrxil4x6ey
yi9lblcsyfpl25l7l5zmjrahn45zaioobrwqpm5edu7c
-----END RSA PRIVATE KEY-----';
$public _key = '-----BEGIN Public Key-----
Migfma0gcsqgsib3dqebaquaa4gnadcbiqkbgqc3//sr2txw0wrc2dysx8vnglqt
3y7ldu9+lbli6e1ks5lfc5jltgf7kbtskchbm3ouehwqp1zj85ije59af5gib2kl
bd6h4wrbbha2xe1sq21ykja/gqx7/iria3zqfxgv/qekygox+xalvoolzqdwh76o
2n1vp1d+td3amhsk7qidaqab
-----END Public KEY-----';
echo $private _key;
$pi _key = openssl_pkey_get_private ($private _key);//This function can be used to determine if the private key is available, return the resource Idresource ID
$pu _key =openssl_pkey_get_public ($public _key);//This function can be used to determine whether the public key is available
Print_r ($pi _key); echo "\ n";
Print_r ($pu _key); echo "\ n";
$data = "AASSSSASSSDDD";//RAW data
$encrypted = "";
$decrypted = "";
echo "Source data:", $data, "\ n";
echo "Private key encrypt:\n";
Openssl_private_encrypt ($data, $encrypted, $pi _key);//private key encryption
$encrypted =base64_encode ($encrypted);//The contents of the encryption usually contain special characters, need to encode the conversion, the transmission between the network through the URL to pay attention to base64 encoding is URL-safe
echo $encrypted, "\ n";
echo "Public key decrypt:\n";
Openssl_public_decrypt (Base64_decode ($encrypted), $decrypted, $pu _key);//private key encrypted content can be decrypted by public key
echo $decrypted, "\ n";
echo "---------------------------------------\ n";
echo "Public key encrypt:\n";
Openssl_public_encrypt ($data, $encrypted, $pu _key);//Public key encryption
$encrypted = Base64_encode ($encrypted);
echo $encrypted, "\ n";
echo "Private key decrypt:\n";
Openssl_private_decrypt (Base64_decode ($encrypted), $decrypted, $pi _key);//private key decryption
echo $decrypted, "\ n";
PHP RSA encryption and decryption instance