这次与Java服务端联调,对方采用SHA256WithRSA加密, 开始以为是对应php的openssl_sign()函数的默认签名算法,后面发现不是,遂记录避免以后踩坑.
class RSA
{
$public_key = 'aaaaaaaa';
$private_key = 'bbbbbb';
/**
* 格式公钥与私钥
* $key string 公钥或私钥
* $type string public|private
*/
public function formatKey($key,$type = 'public')
{
$key= chunk_split($key,64,"\n");
if ('public' == $type){
$key="-----BEGIN RSA PRIVATE KEY-----\n".$key."-----END RSA PRIVATE KEY-----\n";
} else {
$key="-----BEGIN RSA PRIVATE KEY-----\n".$key."-----END RSA PRIVATE KEY-----\n";
}
return $key;
}
/**
* 加密
* $encode_str string 待加密的字符串
* $key string 公钥或私钥,一般用私钥
* $type string OPENSSL_ALGO_SHA1|OPENSSL_ALGO_SHA256 对应sha1与sha2
*/
public function encode($encode_str,$key,$type = OPENSSL_ALGO_SHA1)
{
$result = false;
if (openssl_sign($data, $result, $key,$type)){
$result = base64_encode(''.$result);
}
return $result;
}
/**
* 验证
* $verfiy_str string 待验证的字符串
* $key string 公钥或私钥,一般用公钥
* $type string OPENSSL_ALGO_SHA1|OPENSSL_ALGO_SHA256 对应sha1与sha2
*/
public function verfiy($verfiy_str,$sign,$key,$type = OPENSSL_ALGO_SHA1)
{
return openssl_verify($verfiy_str,base64_decode($sign),$key,$type);
}
}