摘要:php 利用openssl加密解密
参考了别人的文章,自己做了笔记
①准备工作
找到php.ini 去掉openssl.dll前面的';'。
找到openssl.cnf的位置,我的在D:\xampp\apache\conf。
配置apache以支持SSL:打开apache的配置文件conf/httpd.conf
LoadModule ssl_module modules/mod_ssl.so、Include conf/extra/httpd-ssl.conf
去掉两行前面的#
注意修改httpd-ssl.conf 文件里的两个字段:
SSLCertificateFile "C:/Apache2.2/conf/server.crt"
SSLCertificateKeyFile "C:/Apache2.2/conf/server.key"
② 代码
<?php $config = array( "private_key_bits" => 1024, //字节数 512 1024 2048 4096 等 "private_key_type" => OPENSSL_KEYTYPE_RSA, //加密类型 "config" => "D:/xampp/apache/conf/openssl.cnf"); $privkeypass = '123456789'; //私钥密码 $numberofdays = 365; //有效时长 $cerpath = "./test.cer"; //生成证书路径 $pfxpath = "./test.pfx"; //密钥文件路径 $dn = array( "countryName" => "UK", "stateOrProvinceName" => "Somerset", "localityName" => "Glastonbury", "organizationName" => "The Brain Room Limited", "organizationalUnitName" => "PHP Documentation Team", "commonName" => "Wez Furlong", "emailAddress" => "wez@example.com");// 生成公钥私钥资源$res = openssl_pkey_new($config);// 导出私钥 $priKeyopenssl_pkey_export($res, $priKey,null,$config);// 导出公钥 $pubKey$pubKey = openssl_pkey_get_details($res); $pubKey = $pubKey["key"]; //print_r($priKey); 私钥 //print_r($pubKey); 公钥 //直接测试私钥 公钥 $data = '直接测试成功!';// 加密 openssl_public_encrypt($data, $encrypted, $pubKey);// 解密 openssl_private_decrypt($encrypted, $decrypted, $priKey); echo $decrypted;//生成文件 $csr = openssl_csr_new($dn, $priKey,$config); //基于$dn生成新的 CSR (证书签名请求) $sscert = openssl_csr_sign($csr, null, $priKey, 365,$config);//根据配置对证书进行签名 openssl_x509_export($sscert, $csrkey); //将公钥 证书存储到一个文件$sscert,由 PEM 编码格式命名。 openssl_pkcs12_export($sscert, $privatekey, $priKey, $privkeypass); //将私钥存储到名为的出 PKCS12 文件格式的字符串。 导出密钥$privatekey//生成证书文件$fp = fopen($cerpath, "w"); fwrite($fp, $csrkey); fclose($fp);//生成密钥文件$fp = fopen($pfxpath, "w"); fwrite($fp, $privatekey); fclose($fp);// 测试私钥 秘钥 $privkeypass = '123456789'; //私钥密码 $pfxpath = "./test.pfx"; //密钥文件路径 $priv_key = file_get_contents($pfxpath); //获取密钥文件内容 $data = "测试数据!"; //加密数据测试test //私钥加密 openssl_pkcs12_read($priv_key, $certs, $privkeypass); //读取公钥、私钥 $prikeyid = $certs['pkey']; //私钥 openssl_sign($data, $signMsg, $prikeyid,OPENSSL_ALGO_SHA1); //注册生成加密信息 $signMsg = base64_encode($signMsg); //base64转码加密信息 //公钥解密 $unsignMsg=base64_decode($signMsg);//base64解码加密信息 openssl_pkcs12_read($priv_key, $certs, $privkeypass); //读取公钥、私钥 $pubkeyid = $certs['cert']; //公钥 $res = openssl_verify($data, $unsignMsg, $pubkeyid); //验证 echo $res?'证书测试成功!':'证书测试失败!';; //输出验证结果,1:验证成功,0:验证失败
以上是有关php如何利用openssl加密解密实例详解的详细内容。更多信息请关注PHP中文网其他相关文章!