Home >Backend Development >PHP Tutorial >PHP generates certificates, keys and encrypts and decrypts data through OpenSSL

PHP generates certificates, keys and encrypts and decrypts data through OpenSSL

WBOY
WBOYOriginal
2016-07-25 08:45:161391browse

There is really little information about PHP generating certificate keys. After searching for a long time, I finally found the relevant information in the official documents. Based on my own understanding, I compiled the following code, which is divided into two parts: generating certificate keys and encryption. Decrypt data. Just copy it and make two files and run them. Detailed comments have been written, I believe all PHP programmers can understand them.

generate.php

  1. $dn = array(
  2. "countryName" => 'XX', //Name of the country where you are located
  3. "stateOrProvinceName" => 'State', //Name of the province where you are located
  4. "localityName" => 'SomewhereCity', //The name of the city
  5. "organizationName" => 'MySelf', //The name of the registrant
  6. "organizationalUnitName" => 'Whatever', //The name of the organization
  7. "commonName " => 'mySelf', //Public name
  8. "emailAddress" => 'user@domain.com' //Email
  9. );
  10. $privkeypass = '111111'; //Private key password
  11. $numberofdays = 365; //Validity period
  12. $cerpath = "./test.cer"; //Generate certificate path
  13. $pfxpath = "./test.pfx"; //Key file path
  14. //Generate certificate
  15. $ privkey = openssl_pkey_new();
  16. $csr = openssl_csr_new($dn, $privkey);
  17. $sscert = openssl_csr_sign($csr, null, $privkey, $numberofdays);
  18. openssl_x509_export($sscert, $csrkey); //Export Certificate $csrkey
  19. openssl_pkcs12_export($sscert, $privatekey, $privkey, $privkeypass); //Export key $privatekey
  20. //Generate certificate file
  21. $fp = fopen($cerpath, "w");
  22. fwrite($ fp, $csrkey);
  23. fclose($fp);
  24. //Generate key file
  25. $fp = fopen($pfxpath, "w");
  26. fwrite($fp, $privatekey);
  27. fclose($fp) ;
  28. ?>
Copy code

crypt.php
  1. $privkeypass = '111111'; //Private key password
  2. $pfxpath = " ./test.pfx"; //Key file path
  3. $priv_key = file_get_contents($pfxpath); //Get key file contents
  4. $data = "test"; //Encrypted data test test
  5. //Private key Encryption
  6. openssl_pkcs12_read($priv_key, $certs, $privkeypass); //Read public key and private key
  7. $prikeyid = $certs['pkey']; //Private key
  8. openssl_sign($data, $signMsg, $prikeyid ,OPENSSL_ALGO_SHA1); //Register to generate encrypted information
  9. $signMsg = base64_encode($signMsg); //base64 transcoded encrypted information
  10. //Public key decryption
  11. $unsignMsg=base64_decode($signMsg);//base64 decoded encryption Information
  12. openssl_pkcs12_read($priv_key, $certs, $privkeypass); //Read public key and private key
  13. $pubkeyid = $certs['cert']; //Public key
  14. $res = openssl_verify($data, $unsignMsg , $pubkeyid); //Verification
  15. echo $res; //Output the verification result, 1: verification successful, 0: verification failed
  16. ?>
Copy code


Encryption and decryption, PHP, OpenSSL


Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn