PHP implements RSA encryption class example_PHP tutorial-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

PHP implements RSA encryption class example_PHP tutorial

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jul 13, 2016 am 10:00 AM

phprsamainencryptionExampleCase Analysisaccomplisharticlekind

Example of RSA encryption class implemented in php

This article mainly introduces the implementation of RSA encryption class in php. The example analyzes the techniques of php custom RSA class to implement encryption and decryption, which is very useful. Practical value, friends in need can refer to it

The example in this article describes the implementation of RSA encryption class in PHP. Share it with everyone for your reference. The specific analysis is as follows:

Signature, signature verification, and asymmetric encryption and decryption implemented through openssl need to be used with x.509 certificate (such as crt and pem) files.
Due to various reasons, this class is not very complete, and various tests are welcome!

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

/**

* RSA algorithm class

* Signature and ciphertext encoding: base64 string/hex string/binary string stream

* Padding method: PKCS1Padding (encryption and decryption)/NOPadding (decryption)

* Notice:Only accepts a single block. Block size is equal to the RSA key size!

* If the key length is 1024 bit, the data during encryption must be less than 128 bytes, plus the 11 bytes of PKCS1Padding itself, so the plaintext must be less than 117 bytes

* @author: linvo

* @version: 1.0.0

* @date: 2013/1/23

class RSA{

private $pubKey = null;

private $priKey = null;

/**

* Custom error handling

private function _error($msg){

die('RSA Error:' . $msg); //TODO

}

/**

* Constructor

* @param string public key file (passed in during signature verification and encryption)

* @param string private key file (passed in when signing and decrypting)

public function __construct($public_key_file = '', $private_key_file = ''){

if ($public_key_file){

$this->_getPublicKey($public_key_file);

}

if ($private_key_file){

$this->_getPrivateKey($private_key_file);

}

/**

* Generate signature

* @param string signature material

* @param string signature encoding (base64/hex/bin)

* @return signature value

public function sign($data, $code = 'base64'){

$ret = false;

if (openssl_sign($data, $ret, $this->priKey)){

$ret = $this->_encode($ret, $code);

}

return $ret;

}

/**

* Verify signature

* @param string signature material

* @param string signature value

* @param string signature encoding (base64/hex/bin)

* @return bool

public function verify($data, $sign, $code = 'base64'){

$ret = false;

$sign = $this->_decode($sign, $code);

if ($sign !== false) {

switch (openssl_verify($data, $sign, $this->pubKey)){

case 1: $ret = true; break;

case 0:

case -1:

default: $ret = false;

}

return $ret;

}

/**

* Encryption

* @param string plain text

* @param string ciphertext encoding (base64/hex/bin)

* @param int filling method (it seems that PHP has a bug, so it currently only supports OPENSSL_PKCS1_PADDING)

* @return string ciphertext

public function encrypt($data, $code = 'base64', $padding = OPENSSL_PKCS1_PADDING){

$ret = false;

if (!$this->_checkPadding($padding, 'en')) $this->_error('padding error');

if (openssl_public_encrypt($data, $result, $this->pubKey, $padding)){

$ret = $this->_encode($result, $code);

}

return $ret;

}

/**

* Decryption

* @param string ciphertext

* @param string ciphertext encoding (base64/hex/bin)

* @param int padding method (OPENSSL_PKCS1_PADDING / OPENSSL_NO_PADDING)

* @param bool Whether to flip the plaintext (When passing Microsoft CryptoAPI-generated RSA cyphertext, revert the bytes in the block)

* @return string plain text

public function decrypt($data, $code = 'base64', $padding = OPENSSL_PKCS1_PADDING, $rev = false){

$ret = false;

$data = $this->_decode($data, $code);

if (!$this->_checkPadding($padding, 'de')) $this->_error('padding error');

if ($data !== false){

if (openssl_private_decrypt($data, $result, $this->priKey, $padding)){

$ret = $rev ? rtrim(strrev($result), "

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

How can you check if a PHP session has already started?Apr 30, 2025 am 12:20 AM

In PHP, you can use session_status() or session_id() to check whether the session has started. 1) Use the session_status() function. If PHP_SESSION_ACTIVE is returned, the session has been started. 2) Use the session_id() function, if a non-empty string is returned, the session has been started. Both methods can effectively check the session state, and choosing which method to use depends on the PHP version and personal preferences.

Describe a scenario where using sessions is essential in a web application.Apr 30, 2025 am 12:16 AM

Sessionsarevitalinwebapplications,especiallyfore-commerceplatforms.Theymaintainuserdataacrossrequests,crucialforshoppingcarts,authentication,andpersonalization.InFlask,sessionscanbeimplementedusingsimplecodetomanageuserloginsanddatapersistence.

How can you manage concurrent session access in PHP?Apr 30, 2025 am 12:11 AM

Managing concurrent session access in PHP can be done by the following methods: 1. Use the database to store session data, 2. Use Redis or Memcached, 3. Implement a session locking strategy. These methods help ensure data consistency and improve concurrency performance.

What are the limitations of using PHP sessions?Apr 30, 2025 am 12:04 AM

PHPsessionshaveseverallimitations:1)Storageconstraintscanleadtoperformanceissues;2)Securityvulnerabilitieslikesessionfixationattacksexist;3)Scalabilityischallengingduetoserver-specificstorage;4)Sessionexpirationmanagementcanbeproblematic;5)Datapersis

Explain how load balancing affects session management and how to address it.Apr 29, 2025 am 12:42 AM

Load balancing affects session management, but can be resolved with session replication, session stickiness, and centralized session storage. 1. Session Replication Copy session data between servers. 2. Session stickiness directs user requests to the same server. 3. Centralized session storage uses independent servers such as Redis to store session data to ensure data sharing.

Explain the concept of session locking.Apr 29, 2025 am 12:39 AM

Sessionlockingisatechniqueusedtoensureauser'ssessionremainsexclusivetooneuseratatime.Itiscrucialforpreventingdatacorruptionandsecuritybreachesinmulti-userapplications.Sessionlockingisimplementedusingserver-sidelockingmechanisms,suchasReentrantLockinJ

Are there any alternatives to PHP sessions?Apr 29, 2025 am 12:36 AM

Alternatives to PHP sessions include Cookies, Token-based Authentication, Database-based Sessions, and Redis/Memcached. 1.Cookies manage sessions by storing data on the client, which is simple but low in security. 2.Token-based Authentication uses tokens to verify users, which is highly secure but requires additional logic. 3.Database-basedSessions stores data in the database, which has good scalability but may affect performance. 4. Redis/Memcached uses distributed cache to improve performance and scalability, but requires additional matching

Define the term 'session hijacking' in the context of PHP.Apr 29, 2025 am 12:33 AM

Sessionhijacking refers to an attacker impersonating a user by obtaining the user's sessionID. Prevention methods include: 1) encrypting communication using HTTPS; 2) verifying the source of the sessionID; 3) using a secure sessionID generation algorithm; 4) regularly updating the sessionID.

See all articles