首页 ? PHP ? RSA加密的公钥、私钥、签名、验签代码示例——RSA在通信过程的应用(PHP)

RSA加密的公钥、私钥、签名、验签代码示例——RSA在通信过程的应用(PHP)

添加评论 次下载365游戏棋牌游戏_365棋牌辅助透视好用吗_365手游棋牌免费送金币

【提示】 非法信息举报请联系本站小编 QQ:5.4069748.5

RSA加密、解密过程个人理解

用户A要传输字符串a给B的步骤:

1、拿到B的公钥加密a并加密成content

2、给字符串a打上标签sign表示这是A发出来的,此时sign打标的key是自己的私钥(因为A不可能把自己的私钥给别人看,别人要看我的签证,你拿我给的公钥去解密,如果能够正常解签,那就是正常的)

3、把content和sign并传输给B


用户B得到content和sign后的步骤:

1、 把content用自己的私钥解密,得到常规字符串a

2、 把sign和a通过A的公钥进行解签,如果返回true,表示验签成功,通信成功。


总结一下:

1、公钥是大家都可以看的,私钥是自己私有的,不可能给除了自己以外的任何人看到。

2、要给别人的东西,就用别人提供过来的公钥加密(因为别人的私钥不可能给你)。

3、给别人东西的同时,还需要跟别人说这是我给的(用自己的私钥给传输的内容加上签名),别人通过我的公钥,就能解签之后发现这个真是我的

4、既然都知道是谁的了,鉴权就通过啦。


RSA公钥、私钥生成方法(Linux)

openssl?genrsa?-out?rsa_private_key.pem?1024
openssl?pkcs8?-topk8?-inform?PEM?-in?rsa_private_key.pem?-outform?PEM?-nocrypt?-out?private_key.pem
openssl?rsa?-in?rsa_private_key.pem?-pubout?-out?rsa_public_key.pem

当前目录下:rsa_private_key.pem是私钥,rsa_public_key.pem是公钥


RSA加密、解密PHP代码实现如下


public?=?$public;
????????$this->private?=?$private;
????}
????public?function?getPublic(){
????????return?$this->public;
????}
????public?function?getPrivate(){
????????return?$this->private;
????}
}

class?RsaClient{

????private?$keySender;
????private?$keyReceiver;
????public?function?__construct(RsaKeys?$sender,RsaKeys?$receiver)
????{
????????$this->keySender?=?$sender;
????????$this->keyReceiver?=?$receiver;
????}

????public?function?receiveParams($data)
????{
????????$content?=?$data['content'];
????????$sign?=?$data['sign'];
????????$res?=?$this->decrypt($content,$this->keyReceiver->getPrivate());
????????$verify?=?$this->verify($res,$sign,$this->keySender->getPublic());
????????return?array($verify,$res);
????}

????public?function?sendParams($data)
????{
????????$paramStr?=?http_build_query($data);

????????$aDepositApiData?=?array();

????????if(
????????????($content?=?$this->encrypt($paramStr,$this->keyReceiver->getPublic()))
????????????&&?($sign?=?$this->sign($paramStr,$this->keySender->getPrivate()))
????????){
????????????$aDepositApiData?=?array(
????????????????'content'???????=>?$content,
????????????????'sign'??????????=>?$sign,
????????????);
????????}
????????return?$aDepositApiData;
????}

????public?function?encrypt($paramStr,$encryptKey)
????{
????????$encryptData?=?'';
????????foreach?(str_split($paramStr,?117)?as?$chunk){
????????????if?(openssl_public_encrypt($chunk,?$encrypted,?$encryptKey))?{
????????????????$encryptData?.=?$encrypted;
????????????}
????????}
????????return?base64_encode($encryptData);
????}

????public?function?decrypt($response,$encryptKey)
????{
????????$crypto?=?'';
????????foreach?(str_split(base64_decode($response),?128)?as?$chunk)?{

????????????openssl_private_decrypt($chunk,?$decryptData,?$encryptKey);

????????????$crypto?.=?$decryptData;
????????}

????????return?$crypto;
????}

????public?function?sign($paramStr,$key)
????{
????????openssl_sign($paramStr,?$sign,?$key);
????????return?base64_encode($sign);

????}

????public?function?verify($data,?$sign,$key)
????{
????????$publicKey?=?openssl_get_publickey($key);
????????$sign?=?base64_decode($sign);
????????return?(bool)openssl_verify($data,?$sign,?$publicKey);
????}

}

$sender?=?new?RsaKeys(P1_Public,P1_Private);
$receiver?=?new?RsaKeys(P2_Public,P2_Private);

$d?=?array();
$d['username']?=?'';
$d['password']?=?rand(1000,9999);

$client?=?new?RsaClient($receiver,$sender);

$res?=?$client->sendParams($d);
var_dump($res);

$result?=?$client->receiveParams($res);

var_dump($result);

rsa.php.tar.gz