Asymmetric encryption
As for what is asymmetric encryption, do not say here, everyone Google go. Here is that, recently in doing an external recharge encryption service, then involved in this encryption processing, in the middle encounter a few small problems, so record, convenient for their next review.
Detailed code
_keypath = $path; /** * * * * * * * Public Function CreateKey () {$config = ["config" = "d:\" Wamp\bin\apache\apache2.4.9\conf\openssl.cnf ', "digest_alg" = "sha512", "private_key_bits" and "=" 4096, "private_key_type" = Openssl_keytype_rsa,]; Generate private key $rsa = Openssl_pkey_new ($config); Openssl_pkey_export ($rsa, $privKey, NULL, $config); File_put_contents ($this->_keypath. Directory_separator. ' Priv.key ', $privKey); $this->_privkey = Openssl_pkey_get_public ($privKey); Generate public Key $rsaPri = Openssl_pkey_get_details ($r); $pubKey = $rsaPri [' key ']; File_put_contents ($this->_keypath. Directory_separator. ' Pub.key ', $pubKey); $this->_pubkey = Openssl_pkey_get_public ($pubKey); }/** * * * */Public Function Setupprivkey () {if (Is_resource ($this->_privkey)) { return true; } $file = $this->_keypath. Directory_separator. ' Priv.key '; $privKey = file_get_contents ($file); $this->_privkey = openssl_pkey_get_private ($privKey); return true; }/** * Set the public key * * * * Setuppubkey () {if (Is_resource ($this->_pubkey)) { return true; } $file = $this->_keypath. Directory_separator. ' Pub.key '; $pubKey = file_get_contents ($file); $this->_pubkey = Openssl_pkey_get_public ($pubKey); return true; }/** * * * * */Public Function Privencrypt ($data) {if (!is_string ($data)) {R Eturn null; } $this->setupprivkey (); $result = Openssl_private_encrypt ($data, $encrypted, $this->_privkey); if ($result) {return base64_encode ($encrypted); } return null; /** * * * Private key decryption * */Public Function Privdecrypt ($encrypted) {if (!is_string ($encrypted)) {return null; } $this->setupprivkey (); $encrypted = Base64_decode ($encrypted); $result = Openssl_private_decrypt ($encrypted, $decrypted, $this->_privkey); if ($result) {return $decrypted; } return null; * * * Public Key/** * * * PUBENCRYPT ($data) {if (!is_string ($data)) {RET Urn null; } $this->setuppubkey (); $result = Openssl_public_encrypt ($data, $encrypted, $this->_pubkey); if ($result) {return base64_encode ($encrypted); } return null; * * * Public Key decryption * * * */** pubdecrypt ($crypted) {if (!is_string ($crypted)) { return null; } $this->setuppubkey (); $crypted = Base64_decode ($crypted); $result = Openssl_public_decrypt ($crypted, $decrypted, $this->_pubkey); if ($result) { return $decrypted; } return null; }/** * * * * */Public Function __destruct () {@fclose ($this->_privkey); @fclose ($this->_pubkey); }}?>
Test
$rsa = new RSA (' Ssl-key ');//private key encryption, public key decryption echo "data to encrypt: segmentfault.com\n"; $pre = $rsa->privencrypt ("segmentfault.com") echo "Encrypted ciphertext: \ n". $pre. "\ n"; $pud = $rsa->pubdecrypt ($pre); echo "decrypted data:". $pud. "\ n";//public key encryption, private key decryption echo "Encrypted data: segmentfault.com\n"; $pue = $rsa->pubencrypt ("segmentfault.com"); echo "ciphertext after encryption: \ n". $pue. "\ n"; $prd = $rsa->privdecrypt ($pue); echo "decrypted data:". $PRD;
Important Questions
In particular, it is important to note that the file address of the OPENSSL.CNF is specified in the configuration, or a openssl_conf global variable is set.