An example of MD5 combined with RSA signature algorithm implemented by PHP
- 2021-08-10 07:05:22
- OfStack
In this paper, the MD5 combined with RSA signature algorithm implemented by PHP is described as an example. Share it for your reference, as follows:
<?php
class Md5RSA{
/**
* Generate a digital signature using convention data and private key
* @param $data Data to be signed
* @return String Return signature
*/
public function sign($data='')
{
if (empty($data))
{
return False;
}
$private_key = file_get_contents(dirname(__FILE__).'/rsa_private_key.pem');
if (empty($private_key))
{
echo "Private Key error!";
return False;
}
$pkeyid = openssl_get_privatekey($private_key);
if (empty($pkeyid))
{
echo "private key resource identifier False!";
return False;
}
$verify = openssl_sign($data, $signature, $pkeyid, OPENSSL_ALGO_MD5);
openssl_free_key($pkeyid);
return $signature;
}
/**
* Validate legitimacy with public key and digital signature and contract data
* @param $data Data to be verified
* @param $signature Digital signature
* @return -1:error Validation error 1:correct Verification succeeded 0:incorrect Validation failed
*/
public function isValid($data='', $signature='')
{
if (empty($data) || empty($signature))
{
return False;
}
$public_key = file_get_contents(dirname(__FILE__).'/rsa_public_key.pem');
if (empty($public_key))
{
echo "Public Key error!";
return False;
}
$pkeyid = openssl_get_publickey($public_key);
if (empty($pkeyid))
{
echo "public key resource identifier False!";
return False;
}
$ret = openssl_verify($data, $signature, $pkeyid, OPENSSL_ALGO_MD5);
switch ($ret)
{
case -1:
echo "error";
break;
default:
echo $ret==1 ? "correct" : "incorrect";//0:incorrect
break;
}
return $ret;
}
}
Attached: openssl instructions for generating certificates and obtaining public and private keys
1. RSA mode
1. Create an CA root certificate 1) Create a directory RSA 2) Create the following subdirectories certs, crl, newcerts 3) Do the following under the RSA directory:
echo 01
>
serial
touch index.txt
openssl req-new-x509-newkey rsa: 1024-keyout CA. key-out CA. pem (Generate a self-signed CA certificate)
2. Client Certificate Request
openssl req-new-newkey rsa: 1024-keyout ddmdd_a. key-out ddmdd_a. req (generate the key and certificate request for ddmdd_a, note: the user information filled in here must be exactly the same as the CA certificate information)
openssl rsa-in ddmdd_a. key-pubout-out ddmdd_a. pub (export public key)
3. Issue certificates for customers
openssl ca-keyfile CA. key-cert CA. pem-ddmdd_a. req-out ddmdd_a. pem-pem (issue certificate ddmdd_a using CA key and certificate for ddmdd_a)
openssl ca-keyfile CA. key-cert CA. pem-in subca_rsareq. pem-out subca. pem-notext (issue Level 2 CA certificate)
4. Convert the certificate format
openssl x509 -inform pem -outform der -in ddmdd_a.pem -out ddmdd_a.der
openssl pkcs12 -export -in ddmdd_a.pem -inkey ddmdd_a_rsakey.pem -out ddmdd_a.pfx
openssl pkcs12 -in ddmdd_a.pfx -out ddmdd_a.pem
openssl rsa-in ddmdd_a. key-out ddmdd_a_open. key (Remove private key cryptography)
5. Generate a certificate revocation list
echo 01
>
crlnumber
openssl ca-keyfile CA. key-cert CA. pem-revoke ddmdd_a. pem (Revoke certificate ddmdd_a. pem from CA)
openssl ca-gencrl-keyfile CA. key-cert CA. pem-out CA. crl (Generate or update certificate revocation list)
6. View certificate information
openssl x 509-in CA. pem-noout text
2. DSA mode
1. Create an CA root certificate 1) Create a directory DSA 2) Create the following subdirectories certs, crl, newcerts 3) Do the following under the DSA directory:
echo 01
>
serial
touch index.txt
openssl dsaparam-out CA. para 1024 (Generate dsa Parameter File)
openssl req-new-x509-newkey dsa: CA. para-keyout CA. key-out CA. pem (Generate a self-signed CA certificate using the dsa parameter)
2. Client Certificate Request
openssl dsaparam-out ddmdd_b. para 1024 (Generate dsa Parameter File)
openssl req-new-newkey dsa: ddmdd_b. para-keyout ddmdd_b. key-out ddmdd_b. req (Use dsa parameter to generate ddmdd_b key and certificate request, note: the user information filled in here must be exactly the same as CA certificate information)
openssl dsa-in ddmdd_b. key-pubout-out ddmdd_b. pub (export public key)
3. Issue certificates for customers
openssl ca-keyfile CA. key-cert CA. pem-ddmdd_b. req-out ddmdd_b. pem (issue certificate ddmdd_b for ddmdd_b using CA key and certificate)
3. Get public and private keys
a) If the certificate is generated by the above method, the public key and private key can be obtained by 1 command.
Export public key:
DSA Mode: openssl dsa-in ddmdd_b. key-pubout-out ddmdd_b. pub. pem
RSA Mode: openssl rsa-in ddmdd_a. key-pubout-out ddmdd_a. pub. pem
Export private key:
openssl rsa -in server.key -text > private.pem
b) Generates public and private keys directly:
openssl genrsa -out private.pem 1024
openssl pkcs8 -nocrypt -topk8 -in private.pem -out pkcs8.pem
openssl rsa -pubout -in private.pem public.pem
Another: I don't know the recommendation of RSA algorithm. See Mr. Ruan's http://www.ruanyifeng.com/blog/2013/06/rsa _ algorithm _ part _ one. html
PS: Friends who are interested in encryption and decryption can also refer to the online tools of this site:
Text online encryption and decryption tools (including AES, DES, RC4, etc.):
http://tools.ofstack.com/password/txt_encode
MD5 Online Encryption Tool:
http://tools.ofstack.com/password/CreateMD5Password
Online hash/hash algorithm encryption tool:
http://tools.ofstack.com/password/hash_encrypt
Online MD5/hash/SHA-1/SHA-2/SHA-256/SHA-512/SHA-3/RIPEMD-160 Encryption Tool:
http://tools.ofstack.com/password/hash_md5_sha
Online sha1/sha224/sha256/sha384/sha512 Encryption Tool:
http://tools.ofstack.com/password/sha_encode
For more readers interested in PHP related contents, please check the special topics of this site: "Summary of php Encryption Methods", "Summary of PHP Encoding and Transcoding Operation Skills", "Summary of PHP Mathematical Operation Skills", "Encyclopedia of PHP Array (Array) Operation Skills", "Summary of php String (string) Usage", "Tutorial of PHP Data Structure and Algorithm", "Summary of php Programming Algorithm" and "Summary of php Regular Expression Usage"
I hope this article is helpful to everyone's PHP programming.