Home > Developer > PHP

PhpRAS encryption code

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
PhpRAS encryption code
Openssl-based signatures, signatures, and asymmetric encryption and decryption must be used with x.509 certificates (such as crt and pem) files.

  1. /**
  2. * RSA algorithm
  3. * Signature and ciphertext encoding: base64 string/hexadecimal string/binary string stream
  4. * Filling mode: PKCS1Padding (encryption and decryption)/NOPadding (decryption)
  5. *
  6. * Notice: Only accepts a single block. Block size is equal to the RSA key size!
  7. * If the key length is 1024 bits, the encrypted data size must be less than 128 bytes, and the PKCS1Padding's own 11 bytes. Therefore, the plaintext length must be less than 117 bytes.
  8. *
  9. * @ Author: linvo
  10. * @ Version: 1.0.0
  11. * @ Date: 2013/1/23
  12. */
  13. Class RSA {
  15. Private $ pubKey = null;
  16. Private $ priKey = null;
  18. /**
  19. * Custom error handling
  20. */
  21. Private function _ error ($ msg ){
  22. Die ('RSA Error: '. $ msg); // TODO
  23. }
  25. /**
  26. * Constructor
  27. *
  28. * @ Param string Public Key File (passed during signature verification and encryption)
  29. * @ Param string private key File (input during signature and decryption)
  30. */
  31. Public function _ construct ($ public_key_file = '', $ private_key_file = ''){
  32. If ($ public_key_file ){
  33. $ This-> _ getPublicKey ($ public_key_file );
  34. }
  35. If ($ private_key_file ){
  36. $ This-> _ getPrivateKey ($ private_key_file );
  37. }
  38. }
  41. /**
  42. * Generate a signature
  43. *
  44. * @ Param string signature material
  45. * @ Param string signature encoding (base64/hex/bin)
  46. * @ Return signature value
  47. */
  48. Public function sign ($ data, $ code = 'base64 '){
  49. $ Ret = false;
  50. If (openssl_sign ($ data, $ ret, $ this-> priKey )){
  51. $ Ret = $ this-> _ encode ($ ret, $ code );
  52. }
  53. Return $ ret;
  54. }
  56. /**
  57. * Verify the signature
  58. *
  59. * @ Param string signature material
  60. * @ Param string signature value
  61. * @ Param string signature encoding (base64/hex/bin)
  62. * @ Return bool
  63. */
  64. Public function verify ($ data, $ sign, $ code = 'base64 '){
  65. $ Ret = false;
  66. $ Sign = $ this-> _ decode ($ sign, $ code );
  67. If ($ sign! = False ){
  68. Switch (openssl_verify ($ data, $ sign, $ this-> pubKey )){
  69. Case 1: $ ret = true; break;
  70. Case 0:
  71. Case-1:
  72. Default: $ ret = false;
  73. }
  74. }
  75. Return $ ret;
  76. }
  78. /**
  79. * Encryption
  80. *
  81. * @ Param string plaintext
  82. * @ Param string ciphertext encoding (base64/hex/bin)
  83. * @ Param int fill mode (it seems that php has a bug, so currently only OPENSSL_PKCS1_PADDING is supported)
  84. * @ Return string ciphertext
  85. */
  86. Public function encrypt ($ data, $ code = 'base64', $ padding = OPENSSL_PKCS1_PADDING ){
  87. $ Ret = false;
  88. If (! $ This-> _ checkPadding ($ padding, 'en') $ this-> _ error ('padding error ');
  89. If (openssl_public_encrypt ($ data, $ result, $ this-> pubKey, $ padding )){
  90. $ Ret = $ this-> _ encode ($ result, $ code );
  91. }
  92. Return $ ret;
  93. }
  95. /**
  96. * Decryption
  97. *
  98. * @ Param string ciphertext
  99. * @ Param string ciphertext encoding (base64/hex/bin)
  100. * @ Param int fill mode (OPENSSL_PKCS1_PADDING/OPENSSL_NO_PADDING)
  101. * @ Param bool whether to flip the plaintext (When passing Microsoft CryptoAPI-generated RSA cyphertext, revert the bytes in the block)
  102. * @ Return string plaintext
  103. */
  104. Public function decrypt ($ data, $ code = 'base64', $ padding = OPENSSL_PKCS1_PADDING, $ rev = false ){
  105. $ Ret = false;
  106. $ Data = $ this-> _ decode ($ data, $ code );
  107. If (! $ This-> _ checkPadding ($ padding, 'de') $ this-> _ error ('padding error ');
  108. If ($ data! = False ){
  109. If (openssl_private_decrypt ($ data, $ result, $ this-> priKey, $ padding )){
  110. $ Ret = $ rev? Rtrim (strrev ($ result), "\ 0"): ''. $ result;
  111. }
  112. }
  113. Return $ ret;
  114. }
  117. // Private method
  119. /**
  120. * Check filling type
  121. * Encryption only supports PKCS1_PADDING.
  122. * Supports PKCS1_PADDING and NO_PADDING for decryption.
  123. *
  124. * @ Param int fill mode
  125. * @ Param string encrypt en/decrypt de
  126. * @ Return bool
  127. */
  128. Private function _ checkPadding ($ padding, $ type ){
  129. If ($ type = 'en '){
  130. Switch ($ padding ){
  131. Case OPENSSL_PKCS1_PADDING:
  132. $ Ret = true;
  133. Break;
  134. Default:
  135. $ Ret = false;
  136. }
  137. } Else {
  138. Switch ($ padding ){
  139. Case OPENSSL_PKCS1_PADDING:
  140. Case OPENSSL_NO_PADDING:
  141. $ Ret = true;
  142. Break;
  143. Default:
  144. $ Ret = false;
  145. }
  146. }
  147. Return $ ret;
  148. }
  150. Private function _ encode ($ data, $ code ){
  151. Switch (strtolower ($ code )){
  152. Case 'base64 ':
  153. $ Data = base64_encode (''. $ data );
  154. Break;
  155. Case 'Hex ':
  156. $ Data = bin2hex ($ data );
  157. Break;
  158. Case 'bin ':
  159. Default:
  160. }
  161. Return $ data;
  162. }
  164. Private function _ decode ($ data, $ code ){
  165. Switch (strtolower ($ code )){
  166. Case 'base64 ':
  167. $ Data = base64_decode ($ data );
  168. Break;
  169. Case 'Hex ':
  170. $ Data = $ this-> _ hex2bin ($ data );
  171. Break;
  172. Case 'bin ':
  173. Default:
  174. }
  175. Return $ data;
  176. }
  178. Private function _ getPublicKey ($ file ){
  179. $ Key_content = $ this-> _ readFile ($ file );
  180. If ($ key_content ){
  181. $ This-> pubKey = openssl_get_publickey ($ key_content );
  182. }
  183. }
  185. Private function _ getPrivateKey ($ file ){
  186. $ Key_content = $ this-> _ readFile ($ file );
  187. If ($ key_content ){
  188. $ This-> priKey = openssl_get_privatekey ($ key_content );
  189. }
  190. }
  192. Private function _ readFile ($ file ){
  193. $ Ret = false;
  194. If (! File_exists ($ file )){
  195. $ This-> _ error ("The file {$ file} is not exists ");
  196. } Else {
  197. $ Ret = file_get_contents ($ file );
  198. }
  199. Return $ ret;
  200. }
  203. Private function _ hex2bin ($ hex = false ){
  204. $ Ret = $ hex! = False & preg_match ('/^ [0-9a-fA-F] + $/I', $ hex )? Pack ("H *", $ hex): false;
  205. Return $ ret;
  206. }
  210. }


Test example

  1. Header ('content-Type: text/html; Charset = utf-8 ;');
  3. Include "rsa. php ";
  5. Echo'
    ';
  6. $ A = isset ($ _ GET ['A'])? $ _ GET ['A']: 'Test 100 ';
  7. //////////////////////////////////////
  8. $ Pubfile = 'E: \ ssl \ cert \ pwd. crt ';
  9. $ Prifile = 'E: \ ssl \ cert \ pwd. pem ';
  10.    
  11. $ M = new RSA ($ pubfile, $ prifile );
  12. $ X = $ m-> sign ($ );
  13. $ Y = $ m-> verify ($ a, $ x );
  14. Var_dump ($ x, $ y );
  15.    
  16.    
  17. $ X = $ m-> encrypt ($ );
  18. $ Y = $ m-> decrypt ($ x );
  19. Var_dump ($ x, $ y );

Php, RAS

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
example of encryption code php code encryption software rsa encryption php source code rc4 encryption code in c encryption and decryption in php code disc encryption chap encryption

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More