PHP RSA2048加密解密以及接口的签名与验签
墨初 编程开发 1100阅读
上一篇文章说了一下在linux系统中生成RSA2048公钥与对应私钥文件的方法,那么这篇文章就说一说在php脚本中使用RSA2048加密/解密以及接口签名与验签的方法。
PHP RSA2048加密/解密的方法
1、php使用RSA2048公钥进行加密的方法
例:
# https://www.73so.com // 这里rsa2048 公钥 $publicKey = '-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRJ6it8Vnl3BUfJok8JYPMkAra vmjj/cUElcBgp9Ez4hw9rzloqszOye1cyYdkH9EJhp55wwhZl2B6Mx7kahu08wJn h90j0IVArKUYau9u2hOQ52+VvEAbTYh8LkWfN1gvtcquSVwqKRjmBApo1LTpOooD FrLRji8oiE7bLXHNgQIDAQAB -----END PUBLIC KEY-----'; //需要加密的数据 $data = [ 'order_id' => 'N2020020212345689232', 'money' => 1000000, 'user_id' => 1982, 'pay_type' => 'alipay', 'pay_time' => 1583213421 ]; $publicKey = openssl_pkey_get_public($publicKey); //解析公钥 $rs = openssl_public_encrypt(json_encode($data), $encrypted, $publicKey) ? base64_encode($encrypted) : null; echo $rs;
加密后的数据输出如下:
SZPCBda66jSwlR4G3lbhpoqFf3Q0+hFjv8ZeKfO6do2D22Tk+tRWYg9LNrdPK8DCQJaqnGlZ0Dzgf5Pa9AiYRrLESfBqiNCTf0OfvjuqXPF/TmNuIHnAw6hpgtAB7ORHIafG2HXEr1XExoEMePjae5/Eowoa5ofP86aPUz2+FXo=
2、php使用RSA2048私钥进行解密
例:
# https://www.73so.com // 加密后的数据 $encrypted = 'SZPCBda66jSwlR4G3lbhpoqFf3Q0+hFjv8ZeKfO6do2D22Tk+tRWYg9LNrdPK8DCQJaqnGlZ0Dzgf5Pa9AiYRrLESfBqiNCTf0OfvjuqXPF/TmNuIHnAw6hpgtAB7ORHIafG2HXEr1XExoEMePjae5/Eowoa5ofP86aPUz2+FXo='; // 这里rsa2048 公钥 $privateKey = '-----BEGIN PRIVATE KEY----- MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANEnqK3xWeXcFR8m iTwlg8yQCtq+aOP9xQSVwGCn0TPiHD2vOWiqzM7J7VzJh2Qf0QmGnnnDCFmXYHoz HuRqG7TzAmeH3SPQhUCspRhq727aE5Dnb5W8QBtNiHwuRZ83WC+1yq5JXCopGOYE CmjUtOk6igMWstGOLyiITtstcc2BAgMBAAECgYBmCrlLE+NON8++QOjXhV4GIYiK LDe0dAz5La6L+ZQhggFRPvn9TMdbZDz/9fquKK+tvBX5ReP/AdG6DNLXkcUt4yuG JomQ0qiUw8e2J5xglb0lfgMvFJAUAnBRr8bOwg6YrUcRI9PiXM/bwOnjjX9eA/Ox Bf7rmvQtfvSWqpEqgQJBAO++2sCInm8Mdy/RrN9A8CLx2Utzbb5e3K5i6Qr3H3As ++Gxx6RVhKhBoF2Kpy2abQclFnzuURH2d8Smun9yDjkCQQDfVdu0zi1OsX5mUuJa AUfali+eF+HK7uYte9oTJULn1ykJaBkUFYFK08bWURc/SKN4WT4wf537clFVbCl2 KbmJAkEAjR8KAwUoRXPQAJzqpmvCLr+vycMDWWjbe+cLCIJYxh4kkkCkpK4WLTic HhPMvoJFJUyGhTl/DRTIgUAnTXekuQJAP3FLZVRAaJ9hMb4P0NOWTtDlG/rayGQO /RK2w0ONewCTBroMjbkCLnh0foMwoGiJD3ICiZJnFXvHAQYlzQxTSQJAFHFi5UmT 99AX8DZ7gRnjFqrzjkEMIY2klKv26x6fSGcoQ7pYhbnj4S9pmUMthfdACWp9kTkW w5gQhVfGr8dOXA== -----END PRIVATE KEY-----'; $key = openssl_pkey_get_private($privateKey); //解析私钥 $encrypted = base64_decode($encrypted); //先base解密 //解密 $mydata = openssl_private_decrypt($encrypted, $decrypted, $key) ? $decrypted : null; echo $mydata;
解密后的数据如下:
{"order_id":"N2020020212345689232","money":1000000,"user_id":1982,"pay_type":"alipay","pay_time":1583213421}PS:
1、RSA2048的公钥与私钥可以直接放到php页面中加载
2、RSA2048的公钥与私钥也可以保存为文件使用
3、在php中可以使用fopen()函数读取保存为文件的公钥与私钥
PHP RSA2048的签名与验签的方法
1、php RSA2048签名的方法
在提交数据时,为了防止数据被人截取或篡改,需要在数据的发送与接受时,需要进行签名的验证,而数据的签名原理也很简单,客户端和服务端使用同样的签名算法,来计算签名,当客户端提交的签名,和服务端提供的签名一致的时候,就签名成功。
下面的示例是以RSA2048的私钥进行签名。
# https://www.73so.com
$privateKey = fopen("privateKey.key","r"); //读取私钥
$data = [
'order_id' => 'N2020020212345689232',
'money' => 1000000,
'user_id' => 1982,
'pay_type' => 'alipay',
'pay_time' => 1583213421
];
$privateKey = openssl_pkey_get_private($privateKey);
$signature = openssl_sign(json_encode($data), $sign, $privateKey, OPENSSL_ALGO_SHA256) ? base64_encode($sign) : null;
echo $signature;2、php RSA2048验签的方法
数据的签名验证可以使用RSA2048公钥进行签名验证。
# https://www.73so.com
$sign = 'eYg6ss/iOuie8....'; //接收客户端的签名
//接收客户端的原始数据
$publicKey = fopen("publicKey.key","r"); //读取公钥
$data = [
'order_id' => 'N2020020212345689232',
'money' => 1000000,
'user_id' => 1982,
'pay_type' => 'alipay',
'pay_time' => 1583213421
];
$publicKey = openssl_pkey_get_public($publicKey);
$rs = openssl_verify(json_encode($data), base64_decode($sign), $publicKey, OPENSSL_ALGO_SHA256);
var_dump($rs);
if ($rs) {
echo 'ok';
} else {
echo 'fail...';
}以上就是在php脚本中RSA2048加密/解密以及签名/验签的方法。