PHP uses OpenSSL to generate certificates and encrypt and decrypt sample code

Source: Internet
Author: User
Tags decrypt
OpenSSL is a Secure Sockets Layer cipher library that includes key cryptographic algorithms, common key and certificate encapsulation management functions, and SSL protocols, and provides a rich set of applications for testing or other purposes.

After being exposed to a critical security vulnerability, OpenSSL found that most websites encrypted via the SSL protocol use an open source package called OpenSSL. The OpenSSL vulnerability not only affects websites that start with HTTPS, but hackers can also use the vulnerability to initiate a "heart Bleed" (Heartbleed) attack directly on the PC. It is analyzed that there is a large number of software on windows that use a vulnerable OpenSSL code base that could be hacked to crawl memory data on a user's computer.

This article mainly introduces the use of OpenSSL in PHP to generate certificates and encryption decryption, the need for friends can refer to the following

Dependent on the OpenSSL extension

/* Encrypt decrypt */function authcode ($string, $operation = ' E ') {$ssl _public = file_get_contents (data_path. ")  /conf/cert_public.key "); $ssl _private = file_get_contents (data_path. ")  /conf/cert_private.pem "); $pi _key = openssl_pkey_get_private ($ssl _private);//This function can be used to determine if the private key is available, return the resource ID Resource ID $pu _key = openssl_pkey_get_  Public ($ssl _public);//This function can be used to determine if the key is available if (false = = ($pi _key | | $pu _key)) return ' certificate error ';  $data = ""; if ($operation = = ' D ') {Openssl_private_decrypt (Base64_decode ($string), $data, $pi _key);//private key decryption}else{Openssl_public_  Encrypt ($string, $data, $pu _key);//Public key Cryptography $data = Base64_encode ($data); } return $data;} /* Generate certificate */function exportopensslfile () {$config = Array ("Digest_alg" = "sha512", "private_key_bits" = 409  6,//bytes 512 1024 2048 4096 etc. "private_key_type" = Openssl_keytype_rsa,//encryption type);  $res = Openssl_pkey_new ($config);  if ($res = = false) return false;  Openssl_pkey_export ($res, $private _key); $public _key = Openssl_pkey_get_detailS ($res);  $public _key = $public _key["key"]; File_put_contents (Data_path. "  /conf/cert_public.key ", $public _key); File_put_contents (Data_path. "  /conf/cert_private.pem ", $private _key); Openssl_free_key ($res);}
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.