What is RSA2? How to implement PHP-RSA2 signature verification?-PHP Tutorial-php.cn

What is RSA2?

RSA2 is based on the original SHA1WithRSA signature algorithm and adds a new signature algorithm that supports SHA256WithRSA.

This algorithm has stronger security capabilities than SHA1WithRSA in terms of digest algorithm.

The SHA1WithRSA signature algorithm will continue to be supported, but for the security of your application, it is strongly recommended to use the SHA256WithRSA signature algorithm.

##RSA2SHA256WithRSA (strongly recommended), it is mandatory that the RSA key length is at least 2048RSASHA1WithRSAThere is no limit on the length of the RSA key, it is recommended to use more than 2048 bits

Development platform algorithm name	Standard signature algorithm name	Remarks

What companies are using it?

The development platforms of some large companies, such as Alipay and Sina Weibo.

Create private key and public key

//Generate the original RSA private key file

openssl genrsa -out rsa_private_key.pem 1024
//Convert the original RSA private key to pkcs8 Format
openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt -out private_key.pem
//Generate RSA public key
openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key .pem
//We use the private key rsa_private_key.pem on the server side, and the public key is distributed to front-ends such as android and ios.

PHP-RSA2 signature verification

class Rsa2
{
    private static $PRIVATE_KEY = 'rsa_private_key.pem 内容';
    private static $PUBLIC_KEY  = 'rsa_public_key.pem 内容';

    /**
     * 获取私钥
     * @return bool|resource
     */
    private static function getPrivateKey()
    {
        $privKey = self::$PRIVATE_KEY;
        return openssl_pkey_get_private($privKey);
    }

    /**
     * 获取公钥
     * @return bool|resource
     */
    private static function getPublicKey()
    {
        $publicKey = self::$PUBLIC_KEY;
        return openssl_pkey_get_public($publicKey);
    }

    /**
     * 创建签名
     * @param string $data 数据
     * @return null|string
     */
    public function createSign($data = '')
    {
        if (!is_string($data)) {
            return null;
        }
        return openssl_sign(
                    $data,
                    $sign,
                    self::getPrivateKey(),
                    OPENSSL_ALGO_SHA256
                  ) ? base64_encode($sign) : null;
    }

    /**
     * 验证签名
     * @param string $data 数据
     * @param string $sign 签名
     * @return bool
     */
    public function verifySign($data = '', $sign = '')
    {
        if (!is_string($sign) || !is_string($sign)) {
            return false;
        }
        return (bool)openssl_verify(
                      $data,
                      base64_decode($sign),
                      self::getPublicKey(),
                      OPENSSL_ALGO_SHA256
                    );
    }
}

PHP call

require_once "Rsa2.php";
$rsa2 = new Rsa2();

$data = 'my data'; //待签名字符串

$strSign = $rsa2->createSign($data);      //生成签名
var_dump($strSign);

$is_ok = $rsa2->verifySign($data, $sign); //验证签名
var_dump($is_ok);

Recommended learning: "

PHP Video Tutorial"

The above is the detailed content of What is RSA2? How to implement PHP-RSA2 signature verification?. For more information, please follow other related articles on the PHP Chinese website!

What is RSA2? How to implement PHP-RSA2 signature verification?

Related articles