这是我自己写的方法,可以一步一步去试试。
<?php
namespace app\personnel\controller;
use think\Controller;
use think\Db;
use think\Request;
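/**
 * Demonstration of a hybrid scheme: AES for the payload, RSA to wrap the AES
 * key, and an RSA signature over the wrapped key and the ciphertext.
 *
 * In this class one key pair ($gy / $sy) is used both for encryption and for
 * signing, and both halves live in the same object. That is only suitable for
 * a local walk-through: in a real exchange the sender encrypts with the
 * recipient's public key and signs with its own private key, and each party
 * holds only its own private key.
 */
class Survey
{
    // RSA public key (PEM). Used by gongencrypt() and, in ceshi(), for
    // signature verification.
    // NOTE(review): from its length this looks like a 1024-bit RSA key, which
    // is below the 2048-bit minimum generally recommended today - confirm and
    // regenerate if so.
    private $gy = '-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCmkANmC849IOntYQQdSgLvMMGm
8V/u838ATHaoZwvweoYyd+/7Wx+bx5bdktJb46YbqS1vz3VRdXsyJIWhpNcmtKhY
inwcl83aLtzJeKsznppqMyAIseaKIeAm6tT8uttNkr2zOymL/PbMpByTQeEFlyy1
poLBwrol0F4USc+owwIDAQAB
-----END PUBLIC KEY-----';

    // RSA private key (PEM). Used by jiedecrypt() and, in ceshi(), for signing.
    // NOTE(security): a private key embedded in source code ends up in version
    // control, backups and every deployed copy. Load it from a protected key
    // file or a secret store instead, and treat any key that has been
    // published as compromised.
    private $sy = '-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----';

    /**
     * AES-encrypt a string and return the ciphertext base64-encoded.
     *
     * NOTE(security): 'aes-128-ecb' has no IV and no authentication: equal
     * plaintext blocks give equal ciphertext blocks, and tampering is not
     * detected by decryption itself. The mode is kept because the peer must
     * use the same one; where the protocol can change, prefer an
     * authenticated mode such as AES-GCM.
     *
     * NOTE(review): the key is passed through base64_decode(). A 16-character
     * key as produced by GetRandStr(16) decodes to only 12 bytes, and PHP's
     * OpenSSL binding appears to NUL-pad short keys silently, so the effective
     * key is shorter than 128 bits - confirm against the peer's implementation.
     *
     * @param string $data plaintext
     * @param string $key  base64-encoded AES key
     * @return string base64-encoded ciphertext
     */
    public function encrypt($data, $key)
    {
        $cipherText = openssl_encrypt($data, 'aes-128-ecb', base64_decode($key), OPENSSL_RAW_DATA);

        return base64_encode($cipherText);
    }

    /**
     * Reverse of encrypt(): base64-decode the input and AES-decrypt it.
     *
     * @param string $data base64-encoded ciphertext
     * @param string $key  base64-encoded AES key
     * @return string|false plaintext, or false when openssl_decrypt() fails
     */
    public static function decrypt($data, $key)
    {
        $encrypted = base64_decode($data);

        return openssl_decrypt($encrypted, 'aes-128-ecb', base64_decode($key), OPENSSL_RAW_DATA);
    }

    /**
     * Generate a random alphanumeric string, used in ceshi() as the AES key.
     *
     * Uses random_int() (PHP >= 7.0), which draws from the operating system's
     * CSPRNG. mt_rand() is a predictable generator and must not be used for
     * key material.
     *
     * @param int $length number of characters to produce
     * @return string string of $length characters from [a-zA-Z0-9]
     */
    public function GetRandStr($length)
    {
        // Character set the result is drawn from.
        $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
        $maxIndex = strlen($alphabet) - 1;

        $randstr = '';
        for ($i = 0; $i < $length; $i++) {
            $randstr .= $alphabet[random_int(0, $maxIndex)];
        }

        return $randstr;
    }

    /**
     * RSA-encrypt a string with the embedded public key ($gy).
     *
     * No padding argument is passed to openssl_public_encrypt(), so PHP's
     * default (PKCS#1 v1.5) applies. Where both sides can change, prefer
     * OPENSSL_PKCS1_OAEP_PADDING.
     *
     * NOTE(review): on failure this returns a human-readable message, which a
     * caller cannot tell apart from ciphertext; and an unusable key ends the
     * whole request via die(). Both are kept for compatibility with existing
     * callers.
     *
     * @param string $data plaintext (must fit in one RSA block)
     * @return string base64-encoded ciphertext, or an error message on failure
     */
    public function gongencrypt($data)
    {
        $public_key = openssl_pkey_get_public($this->gy);
        if (!$public_key) {
            die('公钥不可用');
        }

        // Arguments: plaintext string, output variable, key; the optional
        // fourth argument (padding) is left at its default.
        $return_en = openssl_public_encrypt($data, $crypted, $public_key);
        if (!$return_en) {
            return ('加密失败,请检查RSA秘钥');
        }

        return base64_encode($crypted);
    }

    /**
     * RSA-decrypt a base64-encoded ciphertext with the embedded private key ($sy).
     *
     * NOTE(security): decryption uses the default PKCS#1 v1.5 padding. Do not
     * let a remote party distinguish a padding failure from any later
     * failure, and verify the message signature before calling this method.
     *
     * NOTE(review): on failure this returns a human-readable message rather
     * than false; a caller that feeds the result into decrypt() as a key will
     * not notice. Kept for compatibility with existing callers.
     *
     * @param string $data base64-encoded RSA ciphertext
     * @return string plaintext, or an error message on failure
     */
    public function jiedecrypt($data)
    {
        $private_key = openssl_pkey_get_private($this->sy);
        if (!$private_key) {
            die('私钥不可用');
        }

        $return_de = openssl_private_decrypt(base64_decode($data), $decrypted, $private_key);
        if (!$return_de) {
            return ('解密失败,请检查RSA秘钥');
        }

        return $decrypted;
    }

    /**
     * Build the canonical string that is signed / verified.
     *
     * The 'sign' entry is removed, the remaining entries are sorted by key and
     * joined as "k=v" pairs with '&'.
     *
     * NOTE(review): empty() also drops 0, '0' and false, not only '' and
     * null; and keys/values are not escaped, so a value containing '&' or '='
     * can make two different parameter sets produce the same string. Both
     * sides must apply exactly the same rule - confirm against the protocol
     * specification.
     *
     * @param array $params request parameters
     * @return string
     */
    public function getSignString($params)
    {
        unset($params['sign']);
        ksort($params);

        $pairs = array();
        foreach ($params as $k => $v) {
            if (!empty($v)) {
                $pairs[] = "$k=$v";
            }
        }

        return implode('&', $pairs);
    }

    /**
     * Sign a string with an RSA private key.
     *
     * No algorithm is passed to openssl_sign(), so its default digest is
     * used; checkSign() defaults to OPENSSL_ALGO_SHA1 to match.
     *
     * @param string $signString string to sign
     * @param string $priKey     PEM private key
     * @return string base64-encoded signature, or '' when the key cannot be
     *                loaded or signing fails (callers must treat '' as failure)
     */
    public function getSign($signString, $priKey)
    {
        $privKeyId = openssl_pkey_get_private($priKey);
        if ($privKeyId === false) {
            // Previously an unusable key was passed straight to openssl_sign().
            return '';
        }

        $signature = '';
        if (!openssl_sign($signString, $signature, $privKeyId)) {
            return '';
        }

        // openssl_free_key() is deprecated since PHP 8.0; the key is released
        // when $privKeyId goes out of scope.
        return base64_encode($signature);
    }

    /**
     * Verify an RSA signature.
     *
     * NOTE(security): the default digest is SHA-1 to match what getSign()
     * produces; SHA-1 is no longer recommended for signatures. Move both
     * sides to OPENSSL_ALGO_SHA256 together when the protocol allows.
     *
     * @param string     $pubKey        PEM public key
     * @param string     $sign          base64-encoded signature
     * @param string     $toSign        string that was signed
     * @param int|string $signature_alg digest, e.g. OPENSSL_ALGO_SHA1 or 'sha512'
     * @return bool true only when the signature is valid
     */
    public function checkSign($pubKey, $sign, $toSign, $signature_alg = OPENSSL_ALGO_SHA1)
    {
        $publicKeyId = openssl_pkey_get_public($pubKey);
        if ($publicKeyId === false) {
            // An unusable key can never verify anything.
            return false;
        }

        // openssl_verify() returns 1 (valid), 0 (invalid) or -1 (error);
        // only the exact value 1 may count as success.
        $result = openssl_verify($toSign, base64_decode($sign), $publicKeyId, $signature_alg);

        return $result === 1;
    }

    /**
     * End-to-end walk-through: encrypt, wrap the key, sign, then verify,
     * unwrap and decrypt. Produces no output; intended for stepping through.
     */
    public function ceshi()
    {
        // Request input is fetched but immediately replaced by the fixed
        // sample payload below.
        $data = input('');

        // Generate a random AES key.
        $aesKey = $this->GetRandStr(16);
        $data = ["ss" => '测试啊大哥', "ww" => '真的',];

        // Serialise and AES-encrypt the payload.
        $datas = json_encode($data);
        $jiami = $this->encrypt($datas, $aesKey);
        // Step 1 done: aesKey (plaintext), data (ciphertext), no signature.
        $sel = [
            'aesKey' => $aesKey,
            'data' => $jiami,
        ];
        // AES decryption would be: $this->decrypt($jiami, $aesKey);

        // Wrap the AES key with the RSA public key.
        $a = $this->gongencrypt($aesKey);
        // Step 2 done: aesKey (ciphertext), data (ciphertext), no signature.
        $wel = [
            'aesKey' => $a,
            'data' => $jiami,
        ];
        // RSA unwrapping would be: $this->jiedecrypt($a);

        // Sign the wrapped key and the ciphertext.
        $signString = $this->getSignString($wel);
        $sign = $this->getSign($signString, $this->sy);
        // Step 3 done: aesKey (ciphertext), data (ciphertext), signature present.
        $tel = [
            'aesKey' => $a,
            'data' => $jiami,
            'sign' => $sign,
        ];

        // Receiving side, step 1: verify the signature before touching the
        // ciphertext. Nothing is decrypted unless verification succeeds.
        $res = $this->checkSign($this->gy, $sign, $signString);
        if (!$res) {
            return;
        }

        // Receiving side, step 2: unwrap the AES key with the RSA private key.
        $tel['aesKey'] = $this->jiedecrypt($tel['aesKey']);

        // Receiving side, step 3: AES-decrypt the payload.
        $jiemi = $this->decrypt($tel['data'], $tel['aesKey']);
    }
}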
AES RSA 加密 RSA 验证签
于 2021-12-09 11:25:50 首次发布