Home >Backend Development >PHP Tutorial >php RAS encryption class code

php RAS encryption class code

WBOY
WBOYOriginal
2016-07-25 08:43:161116browse
Signature, signature verification, and asymmetric encryption and decryption implemented through openssl need to be used with x.509 certificate (such as crt and pem) files.
  1. /**
  2. * RSA algorithm class
  3. * Signature and ciphertext encoding: base64 string/hex string/binary string stream
  4. * Padding method: PKCS1Padding (encryption and decryption)/NOPadding (decryption)
  5. *
  6. * Notice:Only accepts a single block. Block size is equal to the RSA key size!
  7. * If the key length is 1024 bit, the data during encryption must be less than 128 bytes, plus the 11 bytes of information of PKCS1Padding itself, so the plaintext must be less than 117 Bytes
  8. *
  9. * @author: linvo
  10. * @version: 1.0.0
  11. * @date: 2013/1/23
  12. */
  13. class RSA{
  14. private $pubKey = null;
  15. private $priKey = null;
  16. /**
  17. * Custom error handling
  18. */
  19. private function _error($msg){
  20. die('RSA Error:' . $msg); //TODO
  21. }
  22. /**
  23. * Constructor
  24. *
  25. * @param string public key file (passed in during signature verification and encryption)
  26. * @param string private key file (passed in during signature and decryption)
  27. */
  28. public function __construct($public_key_file = '', $private_key_file = ''){
  29. if ($public_key_file){
  30. $this->_getPublicKey($public_key_file);
  31. }
  32. if ($private_key_file){
  33. $this->_getPrivateKey($private_key_file);
  34. }
  35. }
  36. /**
  37. * Generate signature
  38. *
  39. * @param string signature material
  40. * @param string signature encoding (base64/hex/bin)
  41. * @return signature value
  42. */
  43. public function sign($data, $code = 'base64'){
  44. $ret = false;
  45. if (openssl_sign($data, $ret, $this->priKey)){
  46. $ret = $this->_encode($ret, $code);
  47. }
  48. return $ret;
  49. }
  50. /**
  51. * Verify signature
  52. *
  53. * @param string signature material
  54. * @param string signature value
  55. * @param string signature encoding (base64/hex/bin)
  56. * @return bool
  57. */
  58. public function verify($data, $sign, $code = 'base64'){
  59. $ret = false;
  60. $sign = $this->_decode($sign, $code);
  61. if ($sign !== false) {
  62. switch (openssl_verify($data, $sign, $this->pubKey)){
  63. case 1: $ret = true; break;
  64. case 0:
  65. case -1:
  66. default: $ret = false;
  67. }
  68. }
  69. return $ret;
  70. }
  71. /**
  72. * Encryption
  73. *
  74. * @param string plaintext
  75. * @param string ciphertext encoding (base64/hex/bin)
  76. * @param int padding method (it seems that PHP has a bug, so currently only OPENSSL_PKCS1_PADDING is supported)
  77. * @return string Secret text
  78. */
  79. public function encrypt($data, $code = 'base64', $padding = OPENSSL_PKCS1_PADDING){
  80. $ret = false;
  81. if (!$this->_checkPadding($padding, 'en')) $this->_error('padding error');
  82. if (openssl_public_encrypt($data, $result, $this->pubKey, $padding)){
  83. $ret = $this->_encode($result, $code);
  84. }
  85. return $ret;
  86. }
  87. /**
  88. * Decryption
  89. *
  90. * @param string ciphertext
  91. * @param string ciphertext encoding (base64/hex/bin)
  92. * @param int padding method (OPENSSL_PKCS1_PADDING / OPENSSL_NO_PADDING)
  93. * @param bool whether to flip the plaintext (When passing Microsoft CryptoAPI-generated RSA cyphertext, revert the bytes in the block)
  94. * @return string plaintext
  95. */
  96. public function decrypt($data, $code = 'base64', $padding = OPENSSL_PKCS1_PADDING, $rev = false){
  97. $ret = false;
  98. $data = $this->_decode($data, $code);
  99. if (!$this->_checkPadding($padding, 'de')) $this->_error('padding error');
  100. if ($data !== false){
  101. if (openssl_private_decrypt($data, $result, $this->priKey, $padding)){
  102. $ret = $rev ? rtrim(strrev($result), "
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn