Detailed explanation of how PHP uses openssl encryption and decryption examples

Summary: php uses openssl encryption and decryption

Referenced other people’s articles and made notes myself

①Preparation
Find php.ini and remove the ';' in front of openssl.dll.
Find the location of openssl.cnf, mine is in D:\xampp\apache\conf.
Configure apache to support SSL: Open apache's configuration file conf/httpd.conf
LoadModule ssl_module modules/mod_ssl.so, Include conf/extra/httpd-ssl.conf
Remove the ## in front of the two lines ##Pay attention to modifying two fields in the httpd-ssl.conf file:
SSLCertificateFile "C:/Apache2.2/conf/server.crt"
SSLCertificateKeyFile "C:/Apache2.2/conf/server. key"

② Code

<?php
$config = array(    "private_key_bits" => 1024,                     //字节数    512 1024  2048   4096 等
    "private_key_type" => OPENSSL_KEYTYPE_RSA,     //加密类型
    "config" => "D:/xampp/apache/conf/openssl.cnf");
    $privkeypass = '123456789'; //私钥密码
    $numberofdays = 365;     //有效时长
    $cerpath = "./test.cer"; //生成证书路径
    $pfxpath = "./test.pfx"; //密钥文件路径
    $dn = array(    "countryName" => "UK",    "stateOrProvinceName" => "Somerset",    "localityName" => "Glastonbury",    "organizationName" => "The Brain Room Limited",    "organizationalUnitName" => "PHP Documentation Team",    "commonName" => "Wez Furlong",    "emailAddress" => "wez@example.com");// 生成公钥私钥资源$res = openssl_pkey_new($config);// 导出私钥 
$priKeyopenssl_pkey_export($res, $priKey,null,$config);//  导出公钥 
$pubKey$pubKey = openssl_pkey_get_details($res);
$pubKey = $pubKey["key"];
//print_r($priKey); 私钥
//print_r($pubKey); 公钥
//直接测试私钥 公钥
$data = '直接测试成功!';// 加密
openssl_public_encrypt($data, $encrypted, $pubKey);// 解密
openssl_private_decrypt($encrypted, $decrypted, $priKey);
echo $decrypted;//生成文件
$csr = openssl_csr_new($dn, $priKey,$config); //基于$dn生成新的 CSR （证书签名请求）
$sscert = openssl_csr_sign($csr, null, $priKey, 365,$config);//根据配置对证书进行签名
openssl_x509_export($sscert, $csrkey); //将公钥 证书存储到一个文件$sscert，由 PEM 编码格式命名。
openssl_pkcs12_export($sscert, $privatekey, $priKey, $privkeypass); //将私钥存储到名为的出 PKCS12 文件格式的字符串。 导出密钥$privatekey//生成证书文件$fp = fopen($cerpath, "w");
fwrite($fp, $csrkey);
fclose($fp);//生成密钥文件$fp = fopen($pfxpath, "w");
fwrite($fp, $privatekey);
fclose($fp);// 测试私钥 秘钥
$privkeypass = '123456789'; //私钥密码
$pfxpath = "./test.pfx"; //密钥文件路径
$priv_key = file_get_contents($pfxpath); //获取密钥文件内容
$data = "测试数据！"; 
//加密数据测试test
//私钥加密
openssl_pkcs12_read($priv_key, $certs, $privkeypass); //读取公钥、私钥
$prikeyid = $certs['pkey']; //私钥
openssl_sign($data, $signMsg, $prikeyid,OPENSSL_ALGO_SHA1); //注册生成加密信息
$signMsg = base64_encode($signMsg); //base64转码加密信息
//公钥解密
$unsignMsg=base64_decode($signMsg);//base64解码加密信息
openssl_pkcs12_read($priv_key, $certs, $privkeypass); //读取公钥、私钥
$pubkeyid = $certs['cert']; //公钥
$res = openssl_verify($data, $unsignMsg, $pubkeyid); //验证
echo $res?'证书测试成功！':'证书测试失败！';; //输出验证结果，1：验证成功，0：验证失败

The above is the detailed content of Detailed explanation of how PHP uses openssl encryption and decryption examples. For more information, please follow other related articles on the PHP Chinese website!