java和PHP RSA加密实现互通
1:通过openssl 生成公钥和密钥文件(linux)
(1) 生产私钥文件命令
openssl genrsa -out rsa_private_key.pem 1024
生产结果
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbrbo/JaPJTJLl+6hfZm7uuLIr
t/hivaLfot32wq/nSzoSsYkoNk27Yy+n10ODoZ75/91Y8QoJKeoWe0Ik1H1DmMuw
Ef3eBoBCFn+eNjgZq6SIVBCNEnUaS0STmWqGPFKRFJ1Ujd4rJQ1tGFG3z3v9Cw2b
Kq41AAYMD7ZqLv2zfQIDAQAB
-----END PUBLIC KEY-----
(2) 通过私钥文件生成公钥命令
openssl rsa -in rsa_private_key.pem -out rsa_public_key.pem -pubout
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQCbrbo/JaPJTJLl+6hfZm7uuLIrt/hivaLfot32wq/nSzoSsYko
Nk27Yy+n10ODoZ75/91Y8QoJKeoWe0Ik1H1DmMuwEf3eBoBCFn+eNjgZq6SIVBCN
EnUaS0STmWqGPFKRFJ1Ujd4rJQ1tGFG3z3v9Cw2bKq41AAYMD7ZqLv2zfQIDAQAB
AoGAOzDkvZm8Go+I0vTKYet6hj2nUMQUJsbfpJQyPN5tL04E+JKUCbwL9hGSTwij
3OqYnYlRSb3sCOvs2ztmPMamEXOlLUb2SiFQ9hApie5r7ArdsiSz+OI+xrt8Q9zS
9dnYL/JMmaKnSHx3xVipSNrD4sxVaCLDv77k+54AtO7iZCkCQQDORC9B4UkfrfUd
t6FpOphctLbIejzl1oKb1bdowLsGD1Q78JGzU0nZIeaBTTIhFLjdcOXwOqdXYfhX
tmSRHIHTAkEAwTcCce1FM80mT4QOjdmAVaNPah1AjliuJBIDXN9vpP3+v0XMf4IS
9lEib/3eq+jXug0t9osdsHuIIVKc5A5TbwJBAI2iAjUhhb2MDJi4Q8xm4MIfkLb+
QJytfAeXa5YxaPqTQgraeKGDGl1PSuEUacyPVxUu9aTMEaYN7qID6vA9e+MCQQCa
2aeP/wUzWvuVRtUTQnnkKJqBBSiz7MbECdvAFyK3LQl56krW9jyURLpA30oSpO4g
Imfv69bDln2nlzo+XGzpAkBigEyscmneSvs9j78yhTKKiyvrkSRUuER3Xn1GmLIX
wnTJqJJchY7ZOd0SeFhwHGOUywb28+elra1yv9Pazany
-----END RSA PRIVATE KEY-----
(3) 将传统格式的私钥转换成 PKCS#8 格式的的密钥文件
openssl pkcs8 -topk8 -in rsa_private_key.pem -outpkcs8_rsa_private_key.pem -nocrypt
-----BEGIN PRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAJutuj8lo8lMkuX7
qF9mbu64siu3+GK9ot+i3fbCr+dLOhKxiSg2TbtjL6fXQ4Ohnvn/3VjxCgkp6hZ7
QiTUfUOYy7AR/d4GgEIWf542OBmrpIhUEI0SdRpLRJOZaoY8UpEUnVSN3islDW0Y
UbfPe/0LDZsqrjUABgwPtmou/bN9AgMBAAECgYA7MOS9mbwaj4jS9Mph63qGPadQ
xBQmxt+klDI83m0vTgT4kpQJvAv2EZJPCKPc6pidiVFJvewI6+zbO2Y8xqYRc6Ut
RvZKIVD2ECmJ7mvsCt2yJLP44j7Gu3xD3NL12dgv8kyZoqdIfHfFWKlI2sPizFVo
IsO/vuT7ngC07uJkKQJBAM5EL0HhSR+t9R23oWk6mFy0tsh6POXWgpvVt2jAuwYP
VDvwkbNTSdkh5oFNMiEUuN1w5fA6p1dh+Fe2ZJEcgdMCQQDBNwJx7UUzzSZPhA6N
2YBVo09qHUCOWK4kEgNc32+k/f6/Rcx/ghL2USJv/d6r6Ne6DS32ix2we4ghUpzk
DlNvAkEAjaICNSGFvYwMmLhDzGbgwh+Qtv5AnK18B5drljFo+pNCCtp4oYMaXU9K
4RRpzI9XFS71pMwRpg3uogPq8D174wJBAJrZp4//BTNa+5VG1RNCeeQomoEFKLPs
xsQJ28AXIrctCXnqStb2PJREukDfShKk7iAiZ+/r1sOWfaeXOj5cbOkCQGKATKxy
ad5K+z2PvzKFMoqLK+uRJFS4RHdefUaYshfCdMmoklyFjtk53RJ4WHAcY5TLBvbz
56WtrXK/09rNqfI=
-----END PRIVATE KEY-----
通过PHP代码进行RSA的加密解密
由于php 进行openssl_public_encrypt 加密后返回的是二进制数据,需要对其返回的加密后的数据进行二进制16进制编码base64_encode才可以显示,相应的java生产加密后生产的16进制加密字符串需要进行base64_decode进行机密后在进行openssl_private_decrypt,例如:openssl_private_decrypt(base64_decode($encryptData), $decryptData,$privateKey);
<?php
$privateKeyFilePath = '-----BEGIN RSAPRIVATE KEY-----
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAJutuj8lo8lMkuX7
qF9mbu64siu3+GK9ot+i3fbCr+dLOhKxiSg2TbtjL6fXQ4Ohnvn/3VjxCgkp6hZ7
QiTUfUOYy7AR/d4GgEIWf542OBmrpIhUEI0SdRpLRJOZaoY8UpEUnVSN3islDW0Y
UbfPe/0LDZsqrjUABgwPtmou/bN9AgMBAAECgYA7MOS9mbwaj4jS9Mph63qGPadQ
xBQmxt+klDI83m0vTgT4kpQJvAv2EZJPCKPc6pidiVFJvewI6+zbO2Y8xqYRc6Ut
RvZKIVD2ECmJ7mvsCt2yJLP44j7Gu3xD3NL12dgv8kyZoqdIfHfFWKlI2sPizFVo
IsO/vuT7ngC07uJkKQJBAM5EL0HhSR+t9R23oWk6mFy0tsh6POXWgpvVt2jAuwYP
VDvwkbNTSdkh5oFNMiEUuN1w5fA6p1dh+Fe2ZJEcgdMCQQDBNwJx7UUzzSZPhA6N
2YBVo09qHUCOWK4kEgNc32+k/f6/Rcx/ghL2USJv/d6r6Ne6DS32ix2we4ghUpzk
DlNvAkEAjaICNSGFvYwMmLhDzGbgwh+Qtv5AnK18B5drljFo+pNCCtp4oYMaXU9K
4RRpzI9XFS71pMwRpg3uogPq8D174wJBAJrZp4//BTNa+5VG1RNCeeQomoEFKLPs
xsQJ28AXIrctCXnqStb2PJREukDfShKk7iAiZ+/r1sOWfaeXOj5cbOkCQGKATKxy
ad5K+z2PvzKFMoqLK+uRJFS4RHdefUaYshfCdMmoklyFjtk53RJ4WHAcY5TLBvbz
56WtrXK/09rNqfI=
-----END RSA PRIVATE KEY-----';
/**
* 公钥文件的路径
*/
$publicKeyFilePath = '-----BEGIN PUBLICKEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbrbo/JaPJTJLl+6hfZm7uuLIr
t/hivaLfot32wq/nSzoSsYkoNk27Yy+n10ODoZ75/91Y8QoJKeoWe0Ik1H1DmMuw
Ef3eBoBCFn+eNjgZq6SIVBCNEnUaS0STmWqGPFKRFJ1Ujd4rJQ1tGFG3z3v9Cw2b
Kq41AAYMD7ZqLv2zfQIDAQAB
-----END PUBLIC KEY-----';
extension_loaded('openssl') or die('php需要openssl扩展支持');
/**
* 生成Resource类型的密钥,如果密钥文件内容被破坏,openssl_pkey_get_private函数返回false
*/
$privateKey =openssl_pkey_get_private($privateKeyFilePath);
/**
* 生成Resource类型的公钥,如果公钥文件内容被破坏,openssl_pkey_get_public函数返回false
*/
$publicKey =openssl_pkey_get_public($publicKeyFilePath);
($privateKey) or die('密钥不可用');
($publicKey) or die('公钥不可用');
/**
* 原数据
*/
$originalData = '我是PHP版本';
/**
* 加密以后的数据,用于在网路上传输
*/
$encryptData = '';
echo '原数据为:', $originalData, '<br />';
///用公钥加密
if (openssl_public_encrypt($originalData,$encryptData, $publicKey)) {
echo '加密成功,加密后数据(base64_encode后)为:', base64_encode($encryptData), '<br />';
echo '加密成功,加密后数据(bin2hex后)为:',bin2hex($encryptData), '<br/>';
} else {
die('加密失败');
}
///用私钥解密
$decryptData ='';
if (openssl_private_decrypt($encryptData,$decryptData, $privateKey)) {
echo '解密成功,解密后数据为:',$decryptData, '<br />';
} else {
die('解密成功');
}
?>