search
Homephp教程php手册php实现RSA加密类实例

php实现RSA加密类实例

Jun 13, 2016 am 09:09 AM
phprsamainencryptionExampleCase Analysisaccomplisharticlekind

php实现RSA加密类实例

 这篇文章主要介绍了php实现RSA加密类,实例分析了php自定义RSA类实现加密与解密的技巧,非常具有实用价值,需要的朋友可以参考下

 

 

本文实例讲述了php实现RSA加密类。分享给大家供大家参考。具体分析如下:

通过openssl实现的签名、验签、非对称加解密,需要配合x.509证书(如crt和pem)文件使用。
由于各种原因,该类并不十分完善,欢迎各种测试!

?

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

/**

* RSA算法类

* 签名及密文编码:base64字符串/十六进制字符串/二进制字符串流

* 填充方式: PKCS1Padding(加解密)/NOPadding(解密)

*

* Notice:Only accepts a single block. Block size is equal to the RSA key size!

* 如密钥长度为1024 bit,则加密时数据需小于128字节,加上PKCS1Padding本身的11字节信息,所以明文需小于117字节

*

* @author: linvo

* @version: 1.0.0

* @date: 2013/1/23

*/

class RSA{

private $pubKey = null;

private $priKey = null;

/**

* 自定义错误处理

*/

private function _error($msg){

die('RSA Error:' . $msg); //TODO

}

/**

* 构造函数

*

* @param string 公钥文件(验签和加密时传入)

* @param string 私钥文件(签名和解密时传入)

*/

public function __construct($public_key_file = '', $private_key_file = ''){

if ($public_key_file){

$this->_getPublicKey($public_key_file);

}

if ($private_key_file){

$this->_getPrivateKey($private_key_file);

}

}

/**

* 生成签名

*

* @param string 签名材料

* @param string 签名编码(base64/hex/bin)

* @return 签名值

*/

public function sign($data, $code = 'base64'){

$ret = false;

if (openssl_sign($data, $ret, $this->priKey)){

$ret = $this->_encode($ret, $code);

}

return $ret;

}

/**

* 验证签名

*

* @param string 签名材料

* @param string 签名值

* @param string 签名编码(base64/hex/bin)

* @return bool

*/

public function verify($data, $sign, $code = 'base64'){

$ret = false;

$sign = $this->_decode($sign, $code);

if ($sign !== false) {

switch (openssl_verify($data, $sign, $this->pubKey)){

case 1: $ret = true; break;

case 0:

case -1:

default: $ret = false;

}

}

return $ret;

}

/**

* 加密

*

* @param string 明文

* @param string 密文编码(base64/hex/bin)

* @param int 填充方式(貌似php有bug,所以目前仅支持OPENSSL_PKCS1_PADDING)

* @return string 密文

*/

public function encrypt($data, $code = 'base64', $padding = OPENSSL_PKCS1_PADDING){

$ret = false;

if (!$this->_checkPadding($padding, 'en')) $this->_error('padding error');

if (openssl_public_encrypt($data, $result, $this->pubKey, $padding)){

$ret = $this->_encode($result, $code);

}

return $ret;

}

/**

* 解密

*

* @param string 密文

* @param string 密文编码(base64/hex/bin)

* @param int 填充方式(OPENSSL_PKCS1_PADDING / OPENSSL_NO_PADDING)

* @param bool 是否翻转明文(When passing Microsoft CryptoAPI-generated RSA cyphertext, revert the bytes in the block)

* @return string 明文

*/

public function decrypt($data, $code = 'base64', $padding = OPENSSL_PKCS1_PADDING, $rev = false){

$ret = false;

$data = $this->_decode($data, $code);

if (!$this->_checkPadding($padding, 'de')) $this->_error('padding error');

if ($data !== false){

if (openssl_private_decrypt($data, $result, $this->priKey, $padding)){

$ret = $rev ? rtrim(strrev($result), "\0") : ''.$result;

}

}

return $ret;

}

// 私有方法

/**

* 检测填充类型

* 加密只支持PKCS1_PADDING

* 解密支持PKCS1_PADDING和NO_PADDING

*

* @param int 填充模式

* @param string 加密en/解密de

* @return bool

*/

private function _checkPadding($padding, $type){

if ($type == 'en'){

switch ($padding){

case OPENSSL_PKCS1_PADDING:

$ret = true;

break;

default:

$ret = false;

}

} else {

switch ($padding){

case OPENSSL_PKCS1_PADDING:

case OPENSSL_NO_PADDING:

$ret = true;

break;

default:

$ret = false;

}

}

return $ret;

}

private function _encode($data, $code){

switch (strtolower($code)){

case 'base64':

$data = base64_encode(''.$data);

break;

case 'hex':

$data = bin2hex($data);

break;

case 'bin':

default:

}

return $data;

}

private function _decode($data, $code){

switch (strtolower($code)){

case 'base64':

$data = base64_decode($data);

break;

case 'hex':

$data = $this->_hex2bin($data);

break;

case 'bin':

default:

}

return $data;

}

private function _getPublicKey($file){

$key_content = $this->_readFile($file);

if ($key_content){

$this->pubKey = openssl_get_publickey($key_content);

}

}

private function _getPrivateKey($file){

$key_content = $this->_readFile($file);

if ($key_content){

$this->priKey = openssl_get_privatekey($key_content);

}

}

private function _readFile($file){

$ret = false;

if (!file_exists($file)){

$this->_error("The file {$file} is not exists");

} else {

$ret = file_get_contents($file);

}

return $ret;

}

private function _hex2bin($hex = false){

$ret = $hex !== false && preg_match('/^[0-9a-fA-F]+$/i', $hex) ? pack("H*", $hex) : false;

return $ret;

}

}

测试demo:

?

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

header('Content-Type:text/html;Charset=utf-8;');

include "rsa.php";

echo '

';
            <p>$a = isset($_GET['a']) ? $_GET['a'] : '测试123';</p>
            <p>//////////////////////////////////////</p>
            <p>$pubfile = 'E:\ssl\cert\pwd.crt';</p>
            <p>$prifile = 'E:\ssl\cert\pwd.pem';</p>
            <p>$m = new RSA($pubfile, $prifile);</p>
            <p>$x = $m->sign($a);</p>
            <p>$y = $m->verify($a, $x);</p>
            <p>var_dump($x, $y);</p>
            <p>$x = $m->encrypt($a);</p>
            <p>$y = $m->decrypt($x);</p>
            <p>var_dump($x, $y);</p>
            
            

希望本文所述对大家的php程序设计有所帮助。

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

DVWA

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

EditPlus Chinese cracked version

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function

MinGW - Minimalist GNU for Windows

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor