Detailed explanation of php rsa encryption, decryption, signature, and signature verification

php rsa encryption, decryption, signature, signature verification

Since the third-party organization uses the Java version of rsa encryption and decryption method, I initially found many PHP versions of rsa encryption and decryption on the Internet, but most of them cannot be connected to java. Be applicable.

The following php version is suitable for docking with the java interface. To use the java-applicable key in the php language, you need to add it

-----BEGIN CERTIFICATE----- 
-----END CERTIFICATE-----

Use the key:
encryption public key public_key.cer

decryption private key private_key.key

Signature private key sign_key.key

Verification public key verify.cer

<?php
class RSAUtils{
  //加密公钥
  function redPukey()
  {    
    //拼接加密公钥路径
    $encryptionKeyPath="D:/encryptions.cer";   
    $encryptionKey4Server = file_get_contents($encryptionKeyPath);
  
    $pem = chunk_split(base64_encode($encryptionKey4Server),64,"\n");//转换为pem格式的公钥
    $pem = "-----BEGIN CERTIFICATE-----\n".$pem."-----END CERTIFICATE-----\n";
    $publicKey = openssl_pkey_get_public($pem);
    return $publicKey;
  }
    
  //解密私钥
  function redPikey()
  {    
    //拼接解密私钥路径
    $decryptKeyPath="D:/decrypts.key";   
    $decryptKey4Server = file_get_contents($decryptKeyPath);
  
    $pem = chunk_split($decryptKey4Server,64,"\n");//转换为pem格式的私钥
    $pem = "-----BEGIN PRIVATE KEY-----\n".$pem."-----END PRIVATE KEY-----\n";
    $privateKey = openssl_pkey_get_private($pem);
    return $privateKey;
  }
    
  //签名私钥
  function redSignkey()
  {    
    //拼接签名路径
    $signKeyPath="D:/DEMO/sign.key";
    $signKey4Server = file_get_contents($signKeyPath);
  
    $pem = chunk_split($signKey4Server,64,"\n");//转换为pem格式的私钥
    $pem = "-----BEGIN PRIVATE KEY-----\n".$pem."-----END PRIVATE KEY-----\n";
    $signKey = openssl_pkey_get_private($pem);
    return $signKey;
  }
    
  //验签公钥
  function redVerifykey()
  {    
    //拼接验签路径
    $verifyKeyPath="D:/DEMO/verify.cer";  
    $verifyKey4Server = file_get_contents($verifyKeyPath);
  
    $pem = chunk_split(base64_encode($verifyKey4Server),64,"\n");//转换为pem格式的公钥
    $pem = "-----BEGIN CERTIFICATE-----\n".$pem."-----END CERTIFICATE-----\n";
    $verifyKey = openssl_pkey_get_public($pem);
    return $verifyKey;
  }
    
  //公钥加密
  function pubkeyEncrypt($source_data, $pu_key) {
    $data = "";
    $dataArray = str_split($source_data, 117);
    foreach ($dataArray as $value) {
      $encryptedTemp = ""; 
      openssl_public_encrypt($value,$encryptedTemp,$pu_key);//公钥加密
      $data .= base64_encode($encryptedTemp);
    }
    return $data;
  }
    
  //私钥解密
  function pikeyDecrypt($eccryptData,$decryptKey) {
    $decrypted = "";
    $decodeStr = base64_decode($eccryptData);
    $enArray = str_split($decodeStr, 256);
  
    foreach ($enArray as $va) {
      openssl_private_decrypt($va,$decryptedTemp,$decryptKey);//私钥解密
      $decrypted .= $decryptedTemp;
    }
    return $decrypted;
  }
    
   
}
?>

Note:

Sometimes after encrypting with base64_encode, it is transmitted to other pages in the form of GET. When decrypted with base64_decode, garbled characters appear.

When I encountered this problem, I was wondering why some could be decrypted correctly, but some were garbled?

Later, after checking, I found that there were some Chinese characters. When they were passed in the GET format, + The number will be replaced with spaces.

In order to prevent garbled characters, I made a step of substitution and then decrypted it. Sure enough, the problem of garbled characters no longer exists!

For example, if you pass an oid variable in the form of GET , then when decrypting and restoring, first replace the spaces with + signs. Then the output will be normal.

As follows: $oid=base64_decode(str_replace(" ","+",$_GET[oid]));

Thank you for reading. I hope it can help you. Thank you for your support of this site. For more related content, please pay attention to the PHP Chinese website (www.php.cn) !