PHP rsa encryption and decryption method, phprsa encryption and decryption

PHP rsa encryption and decryption method, phprsa encryption and decryption

When the php server interacts with the client and provides open APIs, it usually needs to encrypt sensitive part of api data transmission. At this time, rsa asymmetric encryption can be used, the following example shows how to use php to encrypt and decrypt data.

1. The first step of encryption and decryption is to generate a public key and private key pair. The content encrypted by the private key can be decrypted through the Public Key (or vice versa)

Download the open-source RSA key generation tool openssl (usually the program is provided in Linux), decompress it to an independent folder, enter the bin directory, and execute the following command:

openssl genrsa -out rsa_private_key.pem 1024openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt -out private_key.pemopenssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem

The first command generates the original RSA private key file rsa_private_key.pem. The second command converts the original RSA private key to pkcs8. The third command generates the RSA public key rsa_public_key.pem.
We can see from the above that the corresponding public key can be generated through the private key, so we use the private key private_key.pem on the server side, and the Public Key is issued to the android and ios frontend.

2. Use the generated public key and private key in php for encryption and decryption, and directly upload the code

<? Php $ private_key = '----- begin rsa private key ----- MIICXQIBAAKBgQC3 // combined + keys/Gqx7/IRia3zQfxGv/qEkyGOx + keys/keys + keys/+ x/gaqdeJU/keys /OTv1a3SqcCE1f + kernel + Y8SgCCs73qixrU1YpJy9yKA/meG9smsl4Oh9IOIGI + kernel/kernel ----- end rsa private key -----'; $ public_key = '----- begin public key ----- users // users + users/Gqx7/IRia3zQfxGv/qEkyGOx + users + tD3amHsK7QIDAQAB ----- end public key -----'; // echo $ private_key; $ pi_key = openssl_pkey_get_private ($ private_key); // this function can be used to determine whether the private key is available. The Resource id $ pu_key = openssl_pkey_get_public ($ public_key) can be returned ); // this function can be used to determine whether the public key is available print_r ($ pi_key); echo "\ n"; print_r ($ pu_key); echo "\ n "; $ data = "aassssasssddd"; // raw data $ encrypted = ""; $ decrypted = ""; echo "source data:", $ data, "\ n "; echo "private key encrypt: \ n"; openssl_private_encrypt ($ data, $ encrypted, $ pi_key); // private key Encryption $ encrypted = base64_encode ($ encrypted ); // The encrypted content usually contains special characters and requires encoding and conversion. During url transmission between networks, pay attention to whether base64 encoding is url-safe echo $ encrypted, "\ n "; echo "public key decrypt: \ n"; openssl_public_decrypt (base64_decode ($ encrypted), $ decrypted, $ pu_key ); // The private key can be decrypted through the public key. echo $ decrypted, "\ n"; echo "----------------------------------------- \ n"; echo "public key encrypt: \ n "; openssl_public_encrypt ($ data, $ encrypted, $ pu_key); // public key encryption $ encrypted = base64_encode ($ encrypted); echo $ encrypted, "\ n"; echo "private key decrypt: \ n "; openssl_private_decrypt (base64_decode ($ encrypted), $ decrypted, $ pi_key); // Private Key decryption echo $ decrypted," \ n ";