標籤:scm rsa 非對稱式加密 info 公開金鑰加密 微軟雅黑 md5 cipher 資料格式
1、檢查伺服器是否已安裝了openssl組件,沒有則先安裝好
openssl version [-a]
2、對稱式加密
查詢openssl支援的對稱式加密演算法
openssl_get_cipher_methods();
加密:openssl_encrypt($data, $method, $passwd, $options, $iv);
參數說明:
$data: 加密明文
$method: 加密方法
$passwd: 加密金鑰
$options: 資料格式選項(可選)
$iv: 加密初始化向量(可選)
解密:openssl_decrypt($data, $method, $passwd, $options, $iv);
參數說明:
$data: 解密密文
$method: 解密加密方法
$passwd: 解密密鑰
$options: 資料格式選項(可選)
$iv: 解密初始化向量(可選)
3、產生公開金鑰、私密金鑰對
(1)產生原始RSA私密金鑰檔案rsa_private_key.pem
openssl genrsa -out rsa_private_key.pem 1024
(2)將原始的RSA私密金鑰轉換為pkcs8模式
openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt -out private_key.pem
(3)產生RSA公開金鑰 rsa_public_key.pem
openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
4、使用私密金鑰加密、公開金鑰解密
使用的私密金鑰為上述產生的rsa_private_key.pem檔案內容
使用的公開金鑰為上述產生的rsa_public_key.pem檔案內容
1 // 產生密鑰資源id 2 $pi_key = openssl_pkey_get_private($private_key); 3 $pu_key = openssl_pkey_get_public($public_key); 4 5 // 私密金鑰加密 6 $encrypted = ‘’; 7 openssl_private_encrypt($data, $encrypted, $pi_key); 8 9 // 轉碼,這裡的$encrypted就是私密金鑰加密的字串10 $encrypted = base64_encode($encrypted);11 12 // 公開金鑰解密,$decrypted即為公開金鑰解密後私密金鑰加密前的明文13 $decrypted = ‘’;14 $encrypted = base64_decode($encrypted);15 openssl_public_decrypt($encrypted, $decrypted, $pu_key);
5、使用公開金鑰加密、私密金鑰解密
使用的私密金鑰為上述產生的rsa_private_key.pem檔案內容
使用的公開金鑰為上述產生的rsa_public_key.pem檔案內容
1 // 產生密鑰資源id 2 $pi_key = openssl_pkey_get_private($private_key); 3 $pu_key = openssl_pkey_get_public($public_key); 4 5 // 公開金鑰加密 6 $encrypted = ‘’; 7 openssl_public_encrypt($data, $encrypted, $pu_key); 8 9 // 轉碼,這裡的$encrypted就是公開金鑰加密的字串10 $encrypted = base64_encode($encrypted);11 12 // 私密金鑰解密,$decrypted即為私密金鑰解密後公開金鑰加密前的明文13 $decrypted = ‘’;14 $encrypted = base64_decode($encrypted);15 openssl_private_decrypt($encrypted, $decrypted, $pu_key);
完整代碼示範:
1 <?php 2 /** 3 * Created by PhpStorm. 4 * User: ahao 5 * Date: 2016/11/20 6 * Time: 10:12 7 */ 8 // 列出openssl加密擴充支援的對稱式加密方法 9 /*$methods = openssl_get_cipher_methods();10 echo "<pre>";11 var_dump($methods);12 13 $iv = substr(md5(‘test‘),0,8);14 $encrypt_data = openssl_encrypt(‘codeman is a good man‘,‘des-cbc‘,‘passwd‘,OPENSSL_RAW_DATA,$iv);15 $encrypt_data = openssl_encrypt(‘codeman is a good man‘,‘des-cbc‘,‘passwd‘,OPENSSL_RAW_DATA);16 echo $encrypt_data;17 echo "<br/>";18 19 $decrypt_data = openssl_decrypt($encrypt_data,‘des-cbc‘,‘passwd‘,OPENSSL_RAW_DATA,$iv);20 echo $decrypt_data;*/21 22 // 私密金鑰23 $private_key = ‘-----BEGIN RSA PRIVATE KEY-----24 MIICXAIBAAKBgQDS6VbgEpOwVc8jXYx/uL6ItMS6aBPVo8fvw0pd90jLJYvfJcFJ25 dYVFh6JPRdpGhlIrED45VdsktcJvJj0cLNI5ZIZ680aS6JTFe3ScBY4Mi7bLKzBN26 YtMBtnkAFbMmWlCXV4qzZYg8+xNktY5ClZZCvZzzlaU5djtUSoxTLkxcmwIDAQAB27 AoGAZT944gZo+bynvH17JhEk/nFxA19VLjj6kSH6AFPmkQcMN2pjeIU/Hhq3k0Cg28 QTzYEy4wAMwzcFME7OC5c14c6GsnOQVEbzT3jA5lNuMnrvb+ehyE0w/O7ah8sSLQ29 3B42GFKkaKiuY2ufsVC4pv6LMn5Sh26ApW332yO0dXZXagECQQDvAWV+n41R9pUp30 iB0+ycBvkuE6yjlohc2MqAxdD+EYNgO4jb1F21pZcqasd/SbpiQwVUKk/uxlOvl931 3dBlcOWbAkEA4eiMv8UiGwBxjBGrz+I/tBq56gcnjvlOkJFyAyxbKaA1C9C51eVv32 39OftI9DqCzcuAYZsCmspb6XEPBIB01VAQJAZVyAQM1Fz+b1p6F0VbaWiDsQjjBJ33 XIyyed6jL6yWWABAX7qs9L1sedbn3OkashAp9N2T4AnFE8GJIdo6kWrp1QJAGOiF34 LFfWDNgdrO393av6jicsPIuRZwhCC1qeEY+AdbR+ZNEczGLB1RIGV+g7830O0ROL35 HYtax+Od0HZN2tBCAQJBANIg+HO5+Qy5hgRO3+uRHERgUQxqHzheLdo5GnoQ/sfT36 sex4mxgze6oq+HldvNWzVjBu9g9417T5WMgyWQ8Unhw=37 -----END RSA PRIVATE KEY-----‘;38 39 // 公開金鑰40 $public_key = ‘-----BEGIN PUBLIC KEY-----41 MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS6VbgEpOwVc8jXYx/uL6ItMS642 aBPVo8fvw0pd90jLJYvfJcFJdYVFh6JPRdpGhlIrED45VdsktcJvJj0cLNI5ZIZ643 80aS6JTFe3ScBY4Mi7bLKzBNYtMBtnkAFbMmWlCXV4qzZYg8+xNktY5ClZZCvZzz44 laU5djtUSoxTLkxcmwIDAQAB45 -----END PUBLIC KEY-----‘;46 47 //這個函數可用來判斷私密金鑰是否是可用的,可用返回資源id Resource id48 $pi_key = openssl_pkey_get_private($private_key);49 50 //這個函數可用來判斷公開金鑰是否是可用的51 $pu_key = openssl_pkey_get_public($public_key);//這個函數可用來判斷公開金鑰是否是可用的52 53 print_r($pi_key); echo "<br/>";54 print_r($pu_key); echo "<br/>";55 56 // 未經處理資料57 $data = ‘codeman‘;58 $encrypted = ‘‘;59 $decrypted = ‘‘;60 61 echo "source data:",$data,"<br/>";62 echo "private key encrypt:<br/>";63 echo "私密金鑰加密,公開金鑰解密:<br/>";64 65 // 私密金鑰加密66 openssl_private_encrypt($data, $encrypted, $pi_key);67 $encrypted = base64_encode($encrypted);//加密後的內容通常含有特殊字元,需要編碼轉換下,在網路間通過url傳輸時要注意base64編碼是否是url安全的68 echo $encrypted,"<br/>";69 70 // 公開金鑰解密71 echo "public key decrypt:<br/>";72 openssl_public_decrypt(base64_decode($encrypted),$decrypted,$pu_key);//私密金鑰加密的內容通過公開金鑰可用解密出來73 echo $decrypted,"<br/><br/>";74 75 echo "公開金鑰加密,私密金鑰解密:<br/>";76 //公開金鑰加密77 openssl_public_encrypt($data, $encrypted, $pu_key);78 $encrypted = base64_encode($encrypted);79 echo $encrypted,"<br/>";80 81 // 私密金鑰解密82 echo "private key decrypt:<br/>";83 openssl_private_decrypt(base64_decode($encrypted),$decrypted,$pi_key);//私密金鑰解密84 echo $decrypted,"<br/>";
6、PHP openssl和mcrypt擴充的區別
openssl是一種公私密金鑰的網路通訊安全性通訊協定,也算一種加密模式,php的openssl擴充是為了用這個協議加密和解密傳輸資料用的。與mcrypt相比,openssl支援更多的加密方法,使用更加簡單,支援非對稱式加密解密,是安裝簽名https的核心組件。
PHP openssl加密擴充使用總結
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
