1、随机生成一个密钥
2、用步骤1中的密钥将数据data用AES方式加密,得到加密后的内容
public function aesEncrypt($data, $key) { $data = openssl_encrypt($data, 'aes-128-ecb', base64_decode($key), OPENSSL_RAW_DATA); return base64_encode($data); }
3、准备一个公钥和私钥,两个必须相匹配,将步骤1生成的密钥用公钥进行RSA加密
public function rsaEncrypt($mess) { //APP公钥 $public_key = $this->getPubOrParent('pub'); $public_key = openssl_pkey_get_public($public_key); if(!$public_key){ die('公钥不可用'); } //第一个参数是待加密的数据只能是string,第二个参数是加密后的数据,第三个参数是openssl_pkey_get_public返回的资源类型,第四个参数是填充方式 $crypto = ''; foreach (str_split($mess, 117) as $chunk) { openssl_public_encrypt($chunk, $crypted, $public_key); $crypto .= $crypted; } return base64_encode($crypto); }
4、上述1,2,3步骤获取到加密后的内容,以及加密后的密钥,下面解密:
先用RSA方法获取私钥解密获取步骤1生成的密钥
/** * RSA解密 * @param $eb64_cry * @return string */ public function rsaDecrypt($eb64_cry) { //私钥解密 json sign $private_key = $this->getPubOrParent('pri'); $private_key = openssl_pkey_get_private($private_key); if(!$private_key){ die('私钥不可用'); } $crypto = ''; foreach (str_split(base64_decode($eb64_cry), 256) as $chunk) { openssl_private_decrypt($chunk, $decrypted, $private_key); $crypto .= $decrypted; } return $crypto; }
5、步骤4获取到解密后的密钥,再用密钥用AES方法去解密加密后的内容
public function aesDecrypt($data, $key) { $encrypted = base64_decode($data); return openssl_decrypt($encrypted, 'aes-128-ecb', base64_decode($key), OPENSSL_RAW_DATA); }