介绍
RSA算法属于非对称加密算法,非对称加密算法需要两个秘钥:公开密钥(publickey)和私有秘钥(privatekey).公开密钥和私有秘钥是一对,如果公开密钥对数据进行加密,只有用对应的私有秘钥才能解密;如果私有秘钥对数据进行加密那么只有用对应的公开密钥才能解密.因为加密解密使用的是两个不同的秘钥,所以这种算法叫做非对称加密算法.简单的说就是公钥加密私钥解密,私钥加密公钥解密
准备
需要给PHP打开OpenSSL模块
代码
/**
* RSA算法属于非对称加密算法,非对称加密算法需要两个秘钥:公开密钥(publickey)和私有秘钥(privatekey).公开密钥和私有秘钥是一对,如果公开密钥对数据进行加密,只有用对应的私有秘钥才能解密;如果私有秘钥对数据进行加密那么只有用对应的公开密钥才能解密.因为加密解密使用的是两个不同的秘钥,所以这种算法叫做非对称加密算法.简单的说就是公钥加密私钥解密,私钥加密公钥解密.
* 需要给PHP打开OpenSSL模块
* 生成公钥和私钥的链接: http://web.chacuo.net/netrsakeypair
* openssl_pkey_get_public //检查公钥是否可用
* openssl_public_encrypt //公钥加密
* openssl_pkey_get_private //检查私钥是否可用
* openssl_private_decrypt //私钥解密
*
*/
// $str = '封装测试';
$str = json_encode(['a' => 1, 'b' => 2, 'f' => 6,]);
$cdata = RSA_openssl($str);
var_dump($cdata);
echo "<hr>";
$ddata = RSA_openssl($cdata, 'decode');
var_dump($ddata);
/**
* RSA数据加密解密
* @param type $data
* @param type $type encode加密 decode解密
*/
function RSA_openssl($data, $type = 'encode')
{
if (empty($data)) {
return 'data参数不能为空';
}
if (is_array($data)) {
return 'data参数不能是数组形式';
}
$rsa_public = 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK7dJlIDd1OKncuMHvrKjytBIPnfuaRA3j9J+4odMrpWA+z+ZZTMVv8lNOBn2LoqgfcvhnyvVKRHCgfD3lH4cK85t2sAAk91LuOW9nR08OUaz038M/wBsjNSoEkLGb7W0N/Jc3Wlth4xdZWwrn1QnHJvJtxVRzqTntn9DqWt/peHwA5r3mrEvEW5WtRnsQfG5l2k0OykhynbHmJcURRTU4oEFKo1VFH17eOZ4iTNbc1QTKhKFApvdv2LShjKNnX/OoKG671f2qUNNuSkGifDYGHg9MLNgMnuw4nnYXjeZL/0uVu6zOyXHx1PIFL5qmsEZoOZ64kN8WrEN2EwvSS6uwIDAQAB';
if(empty($rsa_public)){
$rsa_public = '-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCmkANmC849IOntYQQdSgLvMMGm
8V/u838ATHaoZwvweoYyd+/7Wx+bx5bdktJb46YbqS1vz3VRdXsyJIWhpNcmtKhY
inwcl83aLtzJeKsznppqMyAIseaKIeAm6tT8uttNkr2zOymL/PbMpByTQeEFlyy1
poLBwrol0F4USc+owwIDAQAB
-----END PUBLIC KEY-----';
}
$rsa_private = 'MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQCort0mUgN3U4qdy4we+sqPK0Eg+d+5pEDeP0n7ih0yulYD7P5llMxW/yU04GfYuiqB9y+GfK9UpEcKB8PeUfhwrzm3awACT3Uu45b2dHTw5RrPTfwz/AGyM1KgSQsZvtbQ38lzdaW2HjF1lbCufVCccm8m3FVHOpOe2f0Opa3+l4fADmveasS8Rbla1GexB8bmXaTQ7KSHKdseYlxRFFNTigQUqjVUUfXt45niJM1tzVBMqEoUCm92/YtKGMo2df86gobrvV/apQ025KQaJ8NgYeD0ws2Aye7DiedheN5kv/S5W7rM7JcfHU8gUvmqawRmg5nriQ3xasQ3YTC9JLq7AgMBAAECggEBAINZZqtoQXqxesbUsQ+Oihxhuh1LdYLA/CITdjCAo6vUnRYBfTbsXxF/LCG4fCSvElqReFhozr5CDW8qDMMZYTOdvnusvh0OcllIr0zJ8iWCwRWbzD9OhKOWg0h8mEA78lpDaEKX4ammaSz+ms3Elvi7wwGnoGAOpNSVOhAlww7y95F2rApVq7UfFAhCORlf8lfr2dLruQQulSkl7sxF3Dee8ze3U6WWP7ezHmqBGd2mRWM0Ub8e55iooPYMkl+tYlZOTrhJvyy858mfORY5+HISrrnOf9lvWghmvKE9Dlm01F/cwu//fOBmGQxLJUSVIqh579OafQOm24JGCOv7o4ECgYEA9VCPmje1FEPOJJcXvtD9srwTURXBz64f4QevPymxlt2/gK4hxY8wF2kFuNA2ZSQI0wxHRpldAwwDCH+i5AYqP11vduGmFq9o2Usr8lyI6K+F+0kUM0ZYzTFZlAdxU4pW3FHJDt2/PyeLxgab5CWuoO93gpRw9KBarTHW0nJQNakCgYEAsAfNz4TpBw+Mhij1MsopkEDF7ITC1JuE5L1uaKFnG6pEdY/Q0TmqSlKwGS+hkss7Tc71UMFtI5TBJ5QDpGQ6PfBVnavRvYSrEF8a4ggre3psundnhVwyWQjGJu0QQMa65LECGm7dLRtkI6z6N25e2Gu1AP/LzjMQp+51AJMf48MCgYEAqnDEtWOLHn9V1LpdtyhBfFOMIEQ7mm3inFjYe8weJTIAggl6UWcBBOLlJNkVUgRNVUUsqHKZ2yoXWWpE5KUb6VajwTdaTFynPoIqEIQWY4TAVC0cKdvwivCEyoK5TE/LtdvlE70hyWFSjc29tjAwOoTmxgUYzf4zwi3kkeb2r7ECgYEAh7S8eethKsxV7WfOAGXSPR9ydrCy8u0iOqW/ZHJp5u4Q8QD6XxIxsjKlCAWsblq3UXjnrmYwGWoorrZxSF7sd6u8lV1MyOpqZqirNO5Pd1YeVHKRIEK/ndwhxwijqwyKMJw1nuMxKAEh5k8IZ4tzGy2N0UNif4jmolA3a0YBI7kCgYEAgOjIV1mYeV5RZsddpvvt5f/LK0y4Zqqprdb0qeF9gL5JNb9vZfOMN8Sf75YzrS5jETHItTpQnW8Ozjtd8G8NRqQV2Rz97D+eHFrYeoBzAK8+yG1FoiIHcQaG2DM5jrKqgDYCKXVkk4JerUa1boaxamgbx7VuqW46cEJxGQuHXkM=';
if(empty($rsa_private)){
$rsa_private = '-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKaQA2YLzj0g6e1h
BB1KAu8wwabxX+7zfwBMdqhnC/B6hjJ37/tbH5vHlt2S0lvjphupLW/PdVF1ezIk
haGk1ya0qFiKfByXzdou3Ml4qzOemmozIAix5ooh4Cbq1Py6202SvbM7KYv89syk
HJNB4QWXLLWmgsHCuiXQXhRJz6jDAgMBAAECgYAIF5cSriAm+CJlVgFNKvtZg5Tk
93UhttLEwPJC3D7IQCuk6A7Qt2yhtOCvgyKVNEotrdp3RCz++CY0GXIkmE2bj7i0
fv5vT3kWvO9nImGhTBH6QlFDxc9+p3ukwsonnCshkSV9gmH5NB/yFoH1m8tck2Gm
BXDj+bBGUoKGWtQ7gQJBANR/jd5ZKf6unLsgpFUS/kNBgUa+EhVg2tfr9OMioWDv
MSqzG/sARQ2AbO00ytpkbAKxxKkObPYsn47MWsf5970CQQDIqRiGmCY5QDAaejW4
HbOcsSovoxTqu1scGc3Qd6GYvLHujKDoubZdXCVOYQUMEnCD5j7kdNxPbVzdzXll
9+p/AkEAu/34iXwCbgEWQWp4V5dNAD0kXGxs3SLpmNpztLn/YR1bNvZry5wKew5h
z1zEFX+AGsYgQJu1g/goVJGvwnj/VQJAOe6f9xPsTTEb8jkAU2S323BG1rQFsPNg
jY9hnWM8k2U/FbkiJ66eWPvmhWd7Vo3oUBxkYf7fMEtJuXu+JdNarwJAAwJK0YmO
LxP4U+gTrj7y/j/feArDqBukSngcDFnAKu1hsc68FJ/vT5iOC6S7YpRJkp8egj5o
pCcWaTO3GgC5Kg==
-----END PRIVATE KEY-----';
}
//私钥解密
if ($type == 'decode') {
$private_key = openssl_pkey_get_private($rsa_private);
if (!$private_key) {
$rsa_private = "-----BEGIN RSA PRIVATE KEY-----\n" .
wordwrap($rsa_private, 64, "\n", true) .
"\n-----END RSA PRIVATE KEY-----";
$private_key = openssl_pkey_get_private($rsa_private);
if (!$private_key) {
return ('私钥不可用');
}
}
$key_len = openssl_pkey_get_details($private_key)['bits']; // 获取私钥的生成的长度
$decrypted = "";
$part_len = $key_len / 8;
//url 中的get传值默认会吧+号过滤成' ',替换回来就好了
str_replace('% ', '+', $encrypted);
$base64_decoded = base64_decode($encrypted);
$parts = str_split($base64_decoded, $part_len);
foreach ($parts as $part) {
$decrypted_temp = '';
openssl_private_decrypt($part, $decrypted_temp, $private_key);
$decrypted .= $decrypted_temp;
}
return $decrypted;
}
//公钥加密
$res = openssl_pkey_get_public($rsa_public);
if (!$res) {
$rsa_public = "-----BEGIN PUBLIC KEY-----\n" .
wordwrap($rsa_public, 64, "\n", true) .
"\n-----END PUBLIC KEY-----";
if (!$rsa_public) {
return false;
}
}
$key_len = openssl_pkey_get_details($rsa_public)['bits']; // 获取私钥的生成的长度
$encrypted = '';
$part_len = $key_len / 8 - 11;
$parts = str_split($data, $part_len);
foreach ($parts as $part) {
$encrypted_temp = '';
openssl_public_encrypt($part, $encrypted_temp, $rsa_public);
$encrypted .= $encrypted_temp;
}
return base64_encode($encrypted);
}
RSA类
<?php
namespace util;
/**
* rsa加密类
* Class Rsa
*/
class RsaUtil
{
const CHAR_SET = "UTF-8";
const BASE_64_FORMAT = "UrlSafeNoPadding";
const RSA_ALGORITHM_KEY_TYPE = OPENSSL_KEYTYPE_RSA;
const RSA_ALGORITHM_SIGN = OPENSSL_ALGO_SHA256;
protected $public_key;
protected $private_key;
protected $key_len;
public function __construct($pub_key = '', $pri_key = null)
{
if ($pub_key) {
$this->public_key = $pub_key;
$pub_id = openssl_pkey_get_public($this->public_key);
$this->key_len = openssl_pkey_get_details($pub_id)['bits'];
}
if ($pri_key) {
$this->private_key = $pri_key;
$pri_id = openssl_pkey_get_private($this->private_key);
$this->key_len = openssl_pkey_get_details($pri_id)['bits'];
}
}
/*
* 创建密钥对
*/
public static function createKeys($key_size = 1024)
{
$config = array(
"private_key_bits" => $key_size,
"private_key_type" => self::RSA_ALGORITHM_KEY_TYPE,
);
$res = openssl_pkey_new($config);
openssl_pkey_export($res, $private_key);
$public_key_detail = openssl_pkey_get_details($res);
$public_key = $public_key_detail["key"];
return array(
"public_key" => $public_key,
"private_key" => $private_key,
);
}
/*
* 公钥加密
*/
public function publicEncrypt($data)
{
$encrypted = '';
$part_len = $this->key_len / 8 - 11;
$parts = str_split($data, $part_len);
foreach ($parts as $part) {
$encrypted_temp = '';
openssl_public_encrypt($part, $encrypted_temp, $this->public_key);
$encrypted .= $encrypted_temp;
}
return base64_encode($encrypted);
}
/*
* 私钥解密
*/
public function privateDecrypt($encrypted)
{
$decrypted = "";
$part_len = $this->key_len / 8;
//url 中的get传值默认会吧+号过滤成' ',替换回来就好了
str_replace('% ', '+', $encrypted);
echo $encrypted;
$base64_decoded = base64_decode($encrypted);
$parts = str_split($base64_decoded, $part_len);
foreach ($parts as $part) {
$decrypted_temp = '';
openssl_private_decrypt($part, $decrypted_temp, $this->private_key);
$decrypted .= $decrypted_temp;
}
return $decrypted;
}
/*
* 私钥加密
*/
public function privateEncrypt($data)
{
$encrypted = '';
$part_len = $this->key_len / 8 - 11;
$parts = str_split($data, $part_len);
foreach ($parts as $part) {
$encrypted_temp = '';
openssl_private_encrypt($part, $encrypted_temp, $this->private_key);
$encrypted .= $encrypted_temp;
}
return base64_encode($encrypted);
}
/*
* 公钥解密
*/
public function publicDecrypt($encrypted)
{
$decrypted = "";
$part_len = $this->key_len / 8;
$base64_decoded = base64_decode($encrypted);
$parts = str_split($base64_decoded, $part_len);
foreach ($parts as $part) {
$decrypted_temp = '';
openssl_public_decrypt($part, $decrypted_temp, $this->public_key);
$decrypted .= $decrypted_temp;
}
return $decrypted;
}
/*
* 数据加签
*/
public function sign($data)
{
openssl_sign($data, $sign, $this->private_key, self::RSA_ALGORITHM_SIGN);
return base64_encode($sign);
}
/*
* 数据签名验证
*/
public function verify($data, $sign)
{
$pub_id = openssl_get_publickey($this->public_key);
$res = openssl_verify($data, base64_decode($sign), $pub_id, self::RSA_ALGORITHM_SIGN);
return $res;
}
}