Detailed explanation of php rsa encryption, decryption, signature, and signature verification

php rsa encryption, decryption, signature, signature verification

Since the third-party organization uses the Java version of rsa encryption and decryption method, I first found many PHP versions of rsa encryption and decryption on the Internet. But most of them are not suitable for docking with java.

The following php version is suitable for docking with the java interface. The java applicable key needs to be added when using the php language.

-----BEGIN CERTIFICATE-----
  
-----END CERTIFICATE-----

Use key:
Encryption public key public_key.cer

Decryption private key private_key.key

Signature private key sign_key.key

Verification public key verify.cer

<?php
class RSAUtils{
  //加密公钥
  function redPukey()
  {   
    //拼接加密公钥路径
    $encryptionKeyPath="D:/encryptions.cer";  
    $encryptionKey4Server = file_get_contents($encryptionKeyPath);
 
    $pem = chunk_split(base64_encode($encryptionKey4Server),64,"\n");//转换为pem格式的公钥
    $pem = "-----BEGIN CERTIFICATE-----\n".$pem."-----END CERTIFICATE-----\n";
    $publicKey = openssl_pkey_get_public($pem);
    return $publicKey;
  }
   
  //解密私钥
  function redPikey()
  {   
    //拼接解密私钥路径
    $decryptKeyPath="D:/decrypts.key";  
    $decryptKey4Server = file_get_contents($decryptKeyPath);
 
    $pem = chunk_split($decryptKey4Server,64,"\n");//转换为pem格式的私钥
    $pem = "-----BEGIN PRIVATE KEY-----\n".$pem."-----END PRIVATE KEY-----\n";
    $privateKey = openssl_pkey_get_private($pem);
    return $privateKey;
  }
   
  //签名私钥
  function redSignkey()
  {   
    //拼接签名路径
    $signKeyPath="D:/DEMO/sign.key";
    $signKey4Server = file_get_contents($signKeyPath);
 
    $pem = chunk_split($signKey4Server,64,"\n");//转换为pem格式的私钥
    $pem = "-----BEGIN PRIVATE KEY-----\n".$pem."-----END PRIVATE KEY-----\n";
    $signKey = openssl_pkey_get_private($pem);
    return $signKey;
  }
   
  //验签公钥
  function redVerifykey()
  {   
    //拼接验签路径
    $verifyKeyPath="D:/DEMO/verify.cer"; 
    $verifyKey4Server = file_get_contents($verifyKeyPath);
 
    $pem = chunk_split(base64_encode($verifyKey4Server),64,"\n");//转换为pem格式的公钥
    $pem = "-----BEGIN CERTIFICATE-----\n".$pem."-----END CERTIFICATE-----\n";
    $verifyKey = openssl_pkey_get_public($pem);
    return $verifyKey;
  }
   
  //公钥加密
  function pubkeyEncrypt($source_data, $pu_key) {
    $data = "";
    $dataArray = str_split($source_data, 117);
    foreach ($dataArray as $value) {
      $encryptedTemp = "";
      openssl_public_encrypt($value,$encryptedTemp,$pu_key);//公钥加密
      $data .= base64_encode($encryptedTemp);
    }
    return $data;
  }
   
  //私钥解密
  function pikeyDecrypt($eccryptData,$decryptKey) {
    $decrypted = "";
    $decodeStr = base64_decode($eccryptData);
    $enArray = str_split($decodeStr, 256);
 
    foreach ($enArray as $va) {
      openssl_private_decrypt($va,$decryptedTemp,$decryptKey);//私钥解密
      $decrypted .= $decryptedTemp;
    }
    return $decrypted;
  }
   
  
}
?>

Note:

Sometimes after encrypting with base64_encode, it is transmitted to other pages in the form of GET. When decrypted with base64_decode, garbled characters appear.

When I encountered this problem, I was wondering why some could be decrypted correctly, but some were garbled?

After checking later, I found that there were some Chinese characters in the GET format When passed over, the + sign will be replaced with a space.

In order to prevent garbled characters, I made a step of substitution and then decrypted it. Sure enough, the problem of garbled characters no longer exists!

For example, if you pass an oid variable in the form of GET, then when decrypting and restoring, first replace the spaces with + signs. Then the output will be normal.

is as follows: $oid=base64_decode(str_replace(" ","+",$_GET[oid]));

Thank you for reading, I hope it can help you, thank you for your support of this site!

For more php rsa encryption, decryption, signature, and signature verification related articles, please pay attention to the PHP Chinese website!