PHP uses OpenSSL to generate certificates and encrypt and decrypt sample code

OpenSSL is a Secure Sockets Layer cipher library that includes key cryptographic algorithms, common key and certificate encapsulation management functions, and SSL protocols, and provides a rich set of applications for testing or other purposes.

After being exposed to a critical security vulnerability, OpenSSL found that most websites encrypted via the SSL protocol use an open source package called OpenSSL. The OpenSSL vulnerability not only affects websites that start with HTTPS, but hackers can also use the vulnerability to initiate a "heart Bleed" (Heartbleed) attack directly on the PC. It is analyzed that there is a large number of software on windows that use a vulnerable OpenSSL code base that could be hacked to crawl memory data on a user's computer.

This article mainly introduces the use of OpenSSL in PHP to generate certificates and encryption decryption, the need for friends can refer to the following

Dependent on the OpenSSL extension

/* Encrypt decrypt */function authcode ($string, $operation = ' E ') {$ssl _public = file_get_contents (data_path. ")  /conf/cert_public.key "); $ssl _private = file_get_contents (data_path. ")  /conf/cert_private.pem "); $pi _key = openssl_pkey_get_private ($ssl _private);//This function can be used to determine if the private key is available, return the resource ID Resource ID $pu _key = openssl_pkey_get_  Public ($ssl _public);//This function can be used to determine if the key is available if (false = = ($pi _key | | $pu _key)) return ' certificate error ';  $data = ""; if ($operation = = ' D ') {Openssl_private_decrypt (Base64_decode ($string), $data, $pi _key);//private key decryption}else{Openssl_public_  Encrypt ($string, $data, $pu _key);//Public key Cryptography $data = Base64_encode ($data); } return $data;} /* Generate certificate */function exportopensslfile () {$config = Array ("Digest_alg" = "sha512", "private_key_bits" = 409  6,//bytes 512 1024 2048 4096 etc. "private_key_type" = Openssl_keytype_rsa,//encryption type);  $res = Openssl_pkey_new ($config);  if ($res = = false) return false;  Openssl_pkey_export ($res, $private _key); $public _key = Openssl_pkey_get_detailS ($res);  $public _key = $public _key["key"]; File_put_contents (Data_path. "  /conf/cert_public.key ", $public _key); File_put_contents (Data_path. "  /conf/cert_private.pem ", $private _key); Openssl_free_key ($res);}