PHP implements asymmetric encryption

PHP implements asymmetric encryption

As for what is non-symmetric encryption, let alone Google. It is noted that, recently, an external recharge and encryption service has encountered several minor problems related to the encryption processing. Therefore, record the issue so that you can check it again later.

Code details

 _ KeyPath = $ path;}/*** create public key and private key **/public function createKey () {$ config = ["config" => 'd: \ wamp \ bin \ apache \ apache2.4.9 \ conf \ openssl. cnf ', "digest_alg" => "sha512", "private_key_bits" => 4096, "private_key_type" => OPENSSL_KEYTYPE_RSA,]; // Generate the private key $ rsa = openssl_pkey_new ($ config); openssl_pkey_export ($ rsa, $ privKey, NULL, $ config); file_put_contents ($ this-> _ keyPath. DIRECTORY_SEPARATOR. 'priv. Key', $ privKey); $ this-> _ privKey = openssl_pkey_get_public ($ privKey); // generate the public key $ rsaPri = openssl_pkey_get_details ($ r ); $ pubKey = $ rsaPri ['key']; file_put_contents ($ this-> _ keyPath. DIRECTORY_SEPARATOR. 'pub. key', $ pubKey); $ this-> _ pubKey = openssl_pkey_get_public ($ pubKey);}/*** set private key **/public function setupPrivKey () {if (is_resource ($ this-> _ privKey) {return true;} $ file = $ this-> _ keyPath. DIRECTORY_SEPARATOR. 'priv. key'; $ privKey = file_get_contents ($ file); $ this-> _ privKey = openssl_pkey_get_private ($ privKey); return true ;} /*** set public key **/public function setupPubKey () {if (is_resource ($ this-> _ pubKey) {return true ;} $ file = $ this-> _ keyPath. DIRECTORY_SEPARATOR. 'pub. key'; $ pubKey = file_get_contents ($ file); $ this-> _ pubKey = openssl_pkey_get_public ($ pubKey); return true; }/*** Encrypt with private key **/public function privEncrypt ($ data) {if (! Is_string ($ data) {return null;} $ this-> setupPrivKey (); $ result = openssl_private_encrypt ($ data, $ encrypted, $ this-> _ privKey ); if ($ result) {return base64_encode ($ encrypted);} return null;}/*** private key decryption **/public function privDecrypt ($ encrypted) {if (! Is_string ($ encrypted) {return null;} $ this-> setupPrivKey (); $ encrypted = base64_decode ($ encrypted); $ result = Encrypt ($ encrypted, $ decrypted, $ this-> _ privKey); if ($ result) {return $ decrypted;} return null;}/*** public key encryption **/public function pubEncrypt ($ data) {if (! Is_string ($ data) {return null;} $ this-> setupPubKey (); $ result = openssl_public_encrypt ($ data, $ encrypted, $ this-> _ pubKey ); if ($ result) {return base64_encode ($ encrypted);} return null;}/*** public key decryption ***/public function pubDecrypt ($ crypted) {if (! Is_string ($ crypted) {return null;} $ this-> setupPubKey (); $ crypted = base64_decode ($ crypted); $ result = openssl_public_decrypt ($ crypted, $ decrypted, $ this-> _ pubKey); if ($ result) {return $ decrypted;} return null;}/*** _ destruct **/public function _ struct () {@ fclose ($ this-> _ privKey); @ fclose ($ this-> _ pubKey) ;}}?>

Test

$ Rsa = new Rsa ('SSL-key'); // private key encryption, public key decryption echo "data to be encrypted: segmentfault.com \ n "; $ pre = $ rsa-> privEncrypt ("segmentfault.com"); echo "encrypted ciphertext: \ n ". $ pre. "\ n"; $ pud = $ rsa-> pubDecrypt ($ pre); echo "decrypted data :". $ pud. "\ n"; // public key encryption, private key decryption echo "data to be encrypted: segmentfault.com \ n"; $ pue = $ rsa-> pubEncrypt ("segmentfault.com "); echo "encrypted ciphertext: \ n ". $ pue. "\ n"; $ prd = $ rsa-> privDecrypt ($ pue); echo "decrypted data :". $ prd;

Important questions

Note that you must specify the file address of openssl. cnf in the configuration, or set an OPENSSL_CONF global variable.