php pki Encryption Technology of openssl details
- 2020-07-21 07:01:34
- OfStack
<?php
//pki encryption
// use pki Encryption needs to be on openssl extension
//php.ini extension = php_openssl.dll extension
/*pki Model is
* Public key encryption, private key decryption;
* Private key encryption, public key decryption;
*/
// Private key encryption, public key decryption
// The client
//$data data
$data = 'abcd';
// Access to the private key $priv_key_id
$priv_key_id = openssl_get_privatekey(file_get_contents('99bill-rsa.pem', r));
// To obtain the public key $pub_key_id
$pub_key_id = openssl_get_publickey(file_get_contents('99bill-rsa.cer', r));
//$data The preferred by SHA1 Hash encrypts and then passes $priv_key_id The private key is encrypted to generate a signature $signature
//$signature It's an encrypted signature
//openssl_sign() Encryption function, as for its decryption method I do not know???????????????????
openssl_sign($data, $signature, $priv_key_id, OPENSSL_ALGO_SHA1);
// There are two other encryption functions, and these two encryption functions have decryption methods, ok
// The first 1 Kind: Private key encryption, public key decryption
//$data The data to be encrypted, $crypted It's encrypted data, $decrypted Is the data generated by decryption; $data with $decrypted The same value
// through $priv_key_id Private key encryption, generated $crypted;
openssl_private_encrypt($data, $crypted, $priv_key_id);
echo $crypted;
// through $pub_key_id The public key is decrypted and generated $decrypted
openssl_public_decrypt($crypted, $decrypted , $pub_key_id);
// The first 2 Kinds: public key encryption, private key decryption
//$data The data to be encrypted, $crypted It's encrypted data, $decrypted Is the data generated by decryption; $data with $decrypted The same value
// through $pub_key_id Public key encryption, generated $crypted;
openssl_public_encrypt($data, $crypted, $pub_key_id);
// through $priv_key_id The private key is decrypted and generated $decrypted
openssl_private_decrypt($crypted, $decrypted, $priv_key_id);
// Note that my public key and private key file do not correspond
// Normally, getting public and private key files is 11 So I'm going to use the fast money here.
// The fast money is given to the private key generation file, and the corresponding public key generation file is on the fast money side
// The fast money is given to the public key generation file, and the corresponding private key generation file is on the fast money side
// So it's missing 1 Public key generation file and 1 A private key generation file
// I never found it 1 a 11 Corresponding private key, public key generation file, if you find send me 1 A: Thank you.
// openssl_verify() Method to verify that the signature is correct (the data generated by private key encryption is returned and verified with the corresponding public key), only this 1 Kind of situation.
// $signature The public key encrypts the data generated, $data Raw data, returned successfully 1 , return after failure 0 , error return -1
// $pub_key_id The public key
openssl_verify($data, $signature, $pub_key_id);
// To release a private or public key from memory
openssl_free_key($priv_key_id);
openssl_free_key($pub_key_id);
Generate private and public keys
genrsa -out private-rsa.pem
rsa -in private-rsa.pem -pubout -out pubic-rsa.cer