php rsa加密解密實例 及簽名驗證-自己實踐
阿新 • • 發佈:2018-04-01
date wql bio eee resource haar ted can open
<?php /** * Created by PhpStorm. * User: Administrator * Date: 2018/4/1 * Time: 1:50 */ //註意格式一定要有下面的標識符 $pub_key = "-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjwmQtK4aYLSL/aOSH4g4fdTBT1JLzeRchbR6fMylOvTjGMh4IngxCwi7NAbTm8Edr02s7HXmo7oweLfqDRHvYPz7aH5Kt6gtjGzokfIVo6nN+3jDfoNBws+pPDaro5KbeIVO0kK16m+51yPS4R3lFF6bZcrGb+xq8A/QrPHxWNQIDAQAB -----END PUBLIC KEY-----"; $pri_key = "-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQCjwmQtK4aYLSL/aOSH4g4fdTBT1JLzeRchbR6fMylOvTjGMh4IngxCwi7NAbTm8Edr02s7HXmo7oweLfqDRHvYPz7aH5Kt6gtjGzokfIVo6nN+3jDfoNBws+pPDaro5KbeIVO0kK16m+51yPS4R3lFF6bZcrGb+xq8A/QrPHxWNQIDAQABAoGAemICn8dRlVTWPO7VK8ADMftQnLXXBOJQKQj1w6BmlJPRZD18OJB1NUcN1uQZoCWeGrUsBEfo7hko2j0eZQ+/RRCanxM34l0cHP4WQLVYzZ5jGcAyFl3f6Ra4MKELGD3daynfct8z5+XsnD7Fwg/kWNWZ8NJIKHICoqBrgF6wnJkCQQDZUBhAarJsMdebDPw/wj8ovTYZWJf0oqoL+FjDsJF4p8e0MDMIGmsBTPbv5wVaF+8/EFTQ7PDhD0oWRKBpeT6/AkEAwOmgUPXWmxi/TtwjFfX7290GXERjkCwGc5Yj8bVh4YdjPl2ijaFFrogvr3gCKFDd9AD/Oz5zKcrxSl4H5sZcCwJBAMiUuD3E/fkFrFduDeqf1YI52xRcBK4F8mToDq5ZbHxsiNUVZBUHpVrm+kqG9xaoXujbnx3UhaWGYkDZiSKxiasCQQCD7MEX3KcgdbIOqfjMgeX1G5fH7XTxGUpoLVrzZwlDBCVYdww9MvbGPpfttXI0Q+klfrEMwM5c3E5afyeEKE61AkA0m6sjb5ypwXMbXo5+uSEHkpL0Qqb87SCRVV/Bli7OJNuv9DrdwVO27AA192WxUoDfC23faeeETB1Su4M785U6 -----END RSA PRIVATE KEY-----"; $str = "這個是要加密的字符串888"; //這個例子是演示RSA加密 //非對稱加密 分為 公鑰和私鑰 //通常 公鑰加密 私鑰解密,私鑰加密,公鑰解密 /* * 用到的加密函數 openssl_private_decrypt — Decrypts data with private key openssl_private_encrypt — Encrypts data with private key openssl_public_decrypt — Decrypts data with public key openssl_public_encrypt — Encrypts data with public key **/ //echo $private_key; $pi_key = openssl_pkey_get_private($pri_key);//這個函數可用來判斷私鑰是否是可用的,可用返回資源id Resource id $pu_key = openssl_pkey_get_public($pub_key);//這個函數可用來判斷公鑰是否是可用的 //print_r($pi_key);echo "\n"; //print_r($pu_key);echo "\n"; //公鑰加密過程 $enStr = ‘‘; openssl_public_encrypt($str,$enStr,$pu_key); //加密後的字符 有些無法顯示 需要 base64_encode ( string $data ) ,解密的時候不需要要 base64_decode ( string $data ) echo base64_encode ($enStr); echo "<br/>"; //私鑰解密過程 $deStr = ‘‘; //$enStr = base64_decode ( $enStr); openssl_private_decrypt($enStr,$deStr,$pi_key); echo $deStr; echo "<br/>"; //下面是簽名驗證例子 $binary_signature = ""; // At least with PHP 5.2.2 / OpenSSL 0.9.8b (Fedora 7) // there seems to be no need to call openssl_get_privatekey or similar. // Just pass the key as defined above openssl_sign($str, $binary_signature, $pi_key, OPENSSL_ALGO_SHA1); // Check signature $ok = openssl_verify($str, $binary_signature, $pu_key, OPENSSL_ALGO_SHA1); echo "check #1: "; if ($ok == 1) { echo "signature ok (as it should be)\n"; } elseif ($ok == 0) { echo "bad (there‘s something wrong)\n"; } else { echo "ugly, error checking signature\n"; }
淘寶開放平臺,安全簽名就是用的此算法, 我自己(商家開發者)生成有商家私鑰和商家公鑰,支付寶那邊有支付寶私鑰和支付寶公鑰。具體是商家把商家公鑰給支付寶(支付寶用作解密和簽名驗證),我們獲取支付寶公鑰(用來對支付寶發來的信息進行解密和簽名校驗)。
註意,私鑰一定是自己用的,公鑰給其他人用.
參考地址 : http://php.net/manual/en/function.openssl-private-decrypt.php
https://docs.open.alipay.com/58/103242
php rsa加密解密實例 及簽名驗證-自己實踐