php使用openssl加密解密数据步骤分解
<?php
/**
* PHP使用OpenSSL生成证书及加密解密
* Class Rsa
*/
class Rsa {
public $publicKey = '';
public $privateKey = '';
/**
* 获取证书文件
* @param $publicKey
* @param $privateKey
*/
public function __construct($publicKey, $privateKey) {
$this->publicKey = $publicKey;
$this->privateKey = $privateKey;
}
/**
* 加密解密
* @param $string
* @param string $operation
* @return string
*/
public function authcode($string, $operation = 'encrypt') {
if (!(file_exists($this->publicKey) || file_exists($this->privateKey))) {
echo '秘钥文件不存在';
return false;
}
$publicKey = openssl_pkey_get_public(file_get_contents($this->publicKey));
$privateKey = openssl_pkey_get_private(file_get_contents($this->privateKey));
if (!($privateKey || $publicKey)) {
echo '证书错误';
return false;
}
$data = "";
if ($operation == 'decrypt') {
openssl_private_decrypt(base64_decode($string), $data, $privateKey);
}
else {
openssl_public_encrypt($string, $data, $publicKey);
$data = base64_encode($data);
}
return $data;
}
/**
* 生成证书
* @return bool
*/
public function exportOpenSSLFile() {
$publicKey = $privateKey = '';
//参数设置
$config = [
"digest_alg" => "sha512",
//文件路径根据自己的要求进行填充
"config" => "./conf/openssl.cnf",
//字节数 512 1024 2048 4096 等
"private_key_bits" => 1024,
//加密类型
"private_key_type" => OPENSSL_KEYTYPE_RSA,
];
//创建私钥和公钥
$res = openssl_pkey_new($config);
if ($res == false) {
//创建失败,请检查openssl.cnf文件是否存在
echo '生成秘钥失败';
return false;
}
//将密钥导出为PEM编码的字符串,并输出(通过引用传递)。
openssl_pkey_export($res, $privateKey, null, $config);
$publicKey = openssl_pkey_get_details($res);
$publicKey = $publicKey["key"];
//生成证书
$createPublicFileRet = file_put_contents($this->publicKey, $publicKey);
$createPrivateFileRet = file_put_contents($this->privateKey, $privateKey);
if (!($createPublicFileRet || $createPrivateFileRet)) {
echo '创建秘钥文件失败';
return false;
}
openssl_free_key($res);
return true;
}
}
$certPublic = "./conf/cert_public.key";
$certPrivate = "./conf/cert_private.key";
$rsaObj = new Rsa($certPublic, $certPrivate);
//生成一个证书
$rsaObj->exportOpenSSLFile();
//原始数据
$sourceDat = '{"name":"jack","age":"22","address":"beijing"}';
echo 'source data:' . PHP_EOL, $sourceDat . PHP_EOL;
//加密
$encryptStr = $rsaObj->authcode($sourceDat);
echo 'string encrypt:' . PHP_EOL, $encryptStr . PHP_EOL;
//解密
$decryptStr = $rsaObj->authcode($encryptStr, 'decrypt');
echo 'string decrypt:' . PHP_EOL, $decryptStr . PHP_EOL;
/*
打印结果:
source data:
{"name":"jack","age":"22","address":"beijing"}
string encrypt:
teZXimlTfb3lqttxMoYd9L+0mSa2CiZ1UZdzYhZio4vZgxTXzBkZ0ruPv67l6CfgiSr87awMiHiC3RAFOCSpRxh9Ls03D2ZyRh6Va1oZboMf7Cz6L/oBiXFn3eki22U8dP0KIe
mVljLOP6L35Iy6WQpxTg49pRX3T78FEW0H2xo3VIUD4By6Z9UnW2QYNMad8lB0qKYnjPIzUf+UTDl0jyeFrAsKXaltCJMnuDcuCvEtS68v0+aL50Ce8H7hMQInxSAk0jBwC9bv
J0fhZD42h8x2mHqa+UlEWb7YUcsrWAfDFiEancLEZL7v50I1H4u50Ex22grb/fkLyD8JeaqnLrwVS4y4J8Ih+r1W0uVbW6HM5jbnTc6VKf9EpEjOYIg20JTpMRY4gBxZdl7SVI
kov5eMeCH4KKuNEUUXYQpsUGTx+rl5nt7f4RHZiQXTYEQN6Z/FN/cTo2rxDvOPRPq2G2G9uzHy8z6aU1N280iZdLbg6SJWZMk/2qH5CmCksVA2UkkAZaAa3Df5RHxe/I1NwVML
dNxQbwluS2XNPeFKZj2lFndtofhTwdWSq7F2TEKz2mUtAFWWVYMY5FxRKEA6mxmUMvVQm9P+YIqm/3+5LMqFLLVZVBHW+JbVcP9aQC1tYkK3hHXFZqMWOh6klLifQOUXHa5Qd0
Nz5LumIzrIv4k=
string decrypt:
{"name":"jack","age":"22","address":"beijing"}
*/
网友评论