©
This document uses PHP Chinese website manual Release
(PHP 4 >= 4.0.6, PHP 5)
openssl_private_encrypt — Encrypts data with private key
$data
, string &$crypted
, mixed $key
[, int $padding
= OPENSSL_PKCS1_PADDING
] ) openssl_private_encrypt() encrypts data
with private key
and stores the result into
crypted
. Encrypted data can be decrypted via
openssl_public_decrypt() .
This function can be used e.g. to sign data (or its hash) to prove that it is not written by someone else.
data
crypted
key
padding
padding
can be one of
OPENSSL_PKCS1_PADDING
,
OPENSSL_NO_PADDING
.
成功时返回 TRUE
, 或者在失败时返回 FALSE
。
[#1] adityasingh at techknowtrends dot com [2012-04-02 21:18:11]
Here is a over simplified version of using the crypt capabilities for getting started:
$res = openssl_pkey_new();
// Get private key
openssl_pkey_export($res, $privkey);
// Get public key
$pubkey = openssl_pkey_get_details($res);
$pubkey = $pubkey["key"];
var_dump($privkey);
var_dump($pubkey);
// get some text from command line to work with
$tocrypt = trim(fgets(STDIN));
// some variables to work with
$encryptedviaprivatekey = ""; //holds text encrypted with the private key
$decryptedviapublickey = ""; // holds text which was decrypted by the public key after being encrypted with the private key, should be same as $tocrypt
$encryptedviapublickey = ""; // holds text that was encrypted with the public key
$decryptedviaprivatekey = ""; // holds text that was decrypted with the private key after being encrypted with the public key, should be the same as $tocrypt
openssl_private_encrypt($tocrypt, $encryptedviaprivatekey, $privkey);
echo $tocrypt . "->" . $encryptedviaprivatekey;
echo "\n\n";
openssl_public_decrypt($encryptedviaprivatekey, $decryptedviapublickey, $pubkey);
echo $encryptedviaprivatekey . "->" . $decryptedviapublickey;
echo "\n\n";
openssl_public_encrypt($tocrypt,$encryptedviapublickey, $pubkey);
echo $tocrypt . "->" . $encryptedviapublickey;
echo "\n\n";
openssl_private_decrypt($encryptedviapublickey, $decryptedviaprivatekey, $privkey);
echo $encryptedviapublickey . "->" . $decryptedviaprivatekey;
Output:
string(887) "-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCy745x8AqGKlTWBu2Ub80boPaQxo/midZ4LHZ0zbPpiCAfkADN
VYSe8OckPKutdjPX7SNAx66PgQRH1xrz1gysbRrf8K/mA0LQ00MKBFaFottWt5cC
IaUS9zvCgPw7prwng3hkGShnvTSMXiKFyt1E3RTvpXRk0u46D6hKiy+TSQIDAQAB
AoGBAJe1jjNCDtoz19vi4doBdIhhT8vt3iHbafBX2lMr+MceeAXqpRNy10+e9op9
uh0G4+vGDialZnYbMBLs6Ngl+nVnzn+cN1MMJ18brgf3biZKzVzK9wmOW4eycWaR
9eLa7/+ns8Cw5GsLJdG+OHR2gXRXU4hzUFdf90UUbP+kuqK1AkEA2X04XznFDNmT
NuhyCixwinlziazJBp/81jjaBhYj3cG0nTF0Gactc/yD0yudbrMqjLBfts+FbG3Z
yFHKrAB/cwJBANKetll3M3aCGsermEK+9hbB8yMihCju6pAwClUNkrAgrm9zU4LP
WkC81RDzXbz+pfIqpopfn34F3+U2iMiOe1MCQCXpTgpLZ631v1Oy8S4U0QlSYnF9
TQ16lfhBsL+e3GGrgnBkTniqS6IMQm5tC+RgFuqvU//p7LgZ7fydRVb2P0ECQFp9
YADuKskmutTAj6lVnCtI5upYgQmJJHQQf8/tBfHwCKHPnbic17zqpGwk80go7Ckw
U98tmDuv0HMNTBVGygsCQALck7VNBRjL9iFzJMFis+alcP1ZC88wOLPvIxYbevUH
c8rZwRqt1aHwaWOoxcVom+tyzRC6gEYoBarmU1bX4No=
-----END RSA PRIVATE KEY-----
"
string(272) "-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCy745x8AqGKlTWBu2Ub80boPaQ
xo/midZ4LHZ0zbPpiCAfkADNVYSe8OckPKutdjPX7SNAx66PgQRH1xrz1gysbRrf
8K/mA0LQ00MKBFaFottWt5cCIaUS9zvCgPw7prwng3hkGShnvTSMXiKFyt1E3RTv
pXRk0u46D6hKiy+TSQIDAQAB
-----END PUBLIC KEY-----
"
this is a test for crypting
( ?E@n?u?7F???+-M???k?7?;t?8[j??r???-T?++?YG?-????}9+k8OJn_??x??
d??+a??v.c??-?`,????5u?p%Z????I?? ?
( ?E@n?u?7F???+-M???k?7?;t?8[j??r???-T?++?YG?-????}9+k8OJn_??x??
d??+a??v.c??-?`,????5u?p%Z????I?? ?->this is a test for crypting
this is a test for crypting->hT!?_
#+?-????o???Ss+??Sn??-(??Ikl[???=?????+Uy??N,=b=+?T??meNo?A~???t???@????SV5??*????U?oP?Fq
-? O{????|,?IN)+_-?F+*?{|??G-???/????"PFL
hT!?_
#+?-????o???Ss+??Sn??-(??Ikl[???=?????+Uy??N,=b=+?T??meNo?A~???t???@????SV5??*????U?oP?Fq
-? O{????|,?IN)+_-?F+*?{|??G-???/????"PFL->this is a test for crypting
[#2] wfredkNOSPAM at L5DevelopmentNOSPAM dot com [2002-03-08 15:50:14]
Encrypt using private key, decrypt using public key.
Use this for posting signed messages: Anyone with access to
your public key can read it, but they can't create one with
your signature.
<?php
echo "Source: $source";
$fp=fopen("/path/to/private.key","r");
$priv_key=fread($fp,8192);
fclose($fp);
// $passphrase is required if your key is encoded (suggested)
$res = openssl_get_privatekey($priv_key,$passphrase);
openssl_private_encrypt($source,$crypttext,$res);
echo "String crypted: $crypttext";
$fp=fopen ("/path/to/certificate.crt","r");
$pub_key=fread($fp,8192);
fclose($fp);
openssl_get_publickey($pub_key);
openssl_public_decrypt($crypttext,$newsource,$pub_key);
echo "String decrypt : $newsource";
?>
[#3] billnet at tiscalinet dot it [2002-01-28 10:47:59]
<?php
$fp=fopen ("/path/to/key.pem","r");
$priv_key=fread ($fp,8192);
fclose($fp);
openssl_get_privatekey ($priv_key);
openssl_private_encrypt($source,$finaltext,$priv_key);
echo "String crypted: $finaltext";
?>
CIAO !