php openssl 实现非对称加密(RSA)
需非对称加密实现类类似jwt token 令牌可能需要
PHP 需要安装openssl 拓展才能实现
代码:
if (!function_exists('rsa')) { /** rsa非对称算法生成 * @return array */ function rsa(): array { $openssl_cnf_path = 'D:\phpstudy_pro\Extensions\Apache2.4.39\conf\openssl.cnf'; $config = array( 'config' => $openssl_cnf_path, "digest_alg" => "sha512", "private_key_bits" => 2048, "private_key_type" => OPENSSL_KEYTYPE_RSA, ); //创建私钥和公钥 $res = openssl_pkey_new($config); //获取私钥 openssl_pkey_export($res, $private_key, null, $config); //获取公钥 $public_key = openssl_pkey_get_details($res); $public_key = $public_key["key"]; return array($private_key, $public_key); } }
<?php return [ 'private_key' => '-----BEGIN PRIVATE KEY----- MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC+u96eM+bc1zpF 1SCcOYbn2mFvrdy5ne9J/8m4XNTHo+xz94q2WizhBCuvq+4tUiWIkaME5q0iHfel LbGYttIr1Ot5i+oGYjBjSTvm+xJy/1f8U5a3/JLjyarkSlr4gHzPL1Z6J9jG1OCl F0ssFv5coNy6gIPBW2aTW/hIiEWOmWHsBQmV+t5l1Ub3P6fWa2ZHoKebQEjjUHro k0HrN1dp16Wwa3r4GyNBDzJ03v6EUQXb+01XmnWTCFYZaGwg7649f7Aqs/CC8Ehm JRQdmXOCFtfwDxJ33cyAaytcGCoATE4ufmzbS75R4ej9ktBbD5Wa65BohWjSD38F L7IEAajDAgMBAAECggEBALka9PNOZahADOLG844KWn3bN6K99jACMb/8SVXuaeaS lSD6xZkxrMp4VLl5v34mchy3UqGoCbDJqpSY4vnVu+UkD593hRjK5DEHWuZRFlea rlZI/UX0Ds6Y4owKCX2QnRAp3eBRmZVl9dri32abriJRT8aEgNn/jW5H3I7wCalY TRcZ+ZeMaJjvjPFi7VE7n1bGwp+ppujKdvfsuRYhCm/nU6ALm3k925m5zfrKGFRw Mj+fiEsXpByhVm2fQ/VKinH5CojIc+LfBOImPkPrVL4xP6TH3F31SeKxUPvIMVAG 1GL42mCblnnjKWIbR2FT+O2eMs6hM6oyMObJrUfJQBkCgYEA9b4qaaUiQuBOBlk5 Uc7Z8WNU5D3IUZ+qjp76WIh3+ajABt7zvqu+7MgvznBS5jM/HHZqJBSq206hjJ87 D+e/ahuSQKAOSkpQIIpEA2Y+fdnoAr3go4T38U1u1A1h580hUMwuCrYkWwR+rUer Ynn7AQsS3vs2xCBeGOvkQ3GC5z0CgYEAxrHqvOoYo988eBDD2EPJNUmi3KDNGoyi qONJtEwIvC4jO/vRRuL2CRzJrFPzlZ+0IZgUzVY1L3e1wbOAg4RUIjlhBtY4S9nw Si3a6+lJYkjiQinxu3XMm7ajNqYDRZ2+lWuAhUToLvnOfla7IvKvJm2pckB0+t7/ osBJyRJfz/8CgYEAvVj+kxJTONZeKFQdb2SD15Pi+E6GiCYPo/7pBMh6MRsOgvzN MNBit010UIuJxKgd689t70khcQPARHr4ZkP54EdIRJVPDXz/CmOfDkN8yTnapCor 6bLt3Lb+O1PoaVRMZFY+76/yiVMITHnZm3JDrkUbEEbepvYNqwQviKvw4j0CgYEA ooXJAflhajkhFvxvlSftHr86jcihu8OpEQfIs8c1peb/PwM9LQRcRxvbAjAxIAPf rVLeQQ7wtgDvFJ+k0O6eetgAOz1iEvkTCTn0xd6t/cyr9X6lkbZLRFrhqcOlDX53 83RZTakNWc9PThvXOkDTb1VnsmJyzPk2lINAV03GPTUCgYAKUeOgq6+j0sANngZv 6yiP5GDhCl51vXzq7Ux+EWZvTI114pFrA3OaJh/iLHIqp4rrNwj/4lDIeWJzVfsJ oSYdR69NYtEF5zl7dYvOk5urxeqpzPemJ6U5urUAx3LGQm8DnAJ5Zl/XTDdstiv6 7/YpST9dmevw+Ot0q6A== -----END PRIVATE KEY-----', 'public_key' => '-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrvenjPm3Nc6RdUgnDmG 59phb63cuZ3vSf/JuFzUx6Psc/eKtlos4QQrr6vuLVIliJGjBOatIh33pS2xmLbS K9TreYvqBmIwY0k75vsScv9X/FOWt/yS48mq5Epa+IB8zy9WeifYxtTgpRdLLBb+ XKDcuoCDwVtmk1v4SIhFjplh7AUJlfreZdVG9z+n1mtmR6Cnm0BI41B66JNB6zdX adelsGt6+BsjQQ8ydN7+hFEF2/tNV5p1kwhWGWhsIO+uPX+wKrPwgvBIZiUUHZlz ghbX8A8Sd93MgGsrXBgqAExOLn5s20u+UeHo/ZLQWw+VmuuQaIVo0g9/BS+yBAGo wIDAQAB -----END PUBLIC KEY-----' ];
这个不能用哦,自己用我上面写的函数生成就行
下边是一个加密解密的代码示例:
private function getSecret($name): string { $key = Config::get('secretKey'); return $key[$name]; } public function createToken($data): string { $header = str_replace('=', '', base64_encode(json_encode(['alg' => 'RS512', 'type' => 'jwt'])));//头部声明 $payload = str_replace('=', '', base64_encode(json_encode($data)));//去掉== $public_key = openssl_pkey_get_public($this->getSecret('public_key'));//这个函数可用来判断公钥是否是可用的 openssl_public_encrypt($header . '.' . $payload, $encrypted, $public_key);//公钥加密 $encrypted = base64_encode($encrypted);//拿到签名,base64加密避免乱码 $signature = str_replace(['+', '/', '=='], ['-', '_', ''], $encrypted); return $header . '.' . $payload . '.' . $signature; } public function deciphering($key): array { $arr = explode('.', $key); $header = $arr[0]; $payload = $arr[1]; $comparison_key = $header . '.' . $payload; $signature = str_replace(['-', '_', ''], ['+', '/', '=='], $arr[2]); $encrypted = $signature; $private_key = openssl_pkey_get_private($this->getSecret('private_key'));//这个函数可用来判断私钥是否是可用的,可用返回资源id Resource id openssl_private_decrypt(base64_decode($encrypted), $decrypted, $private_key);//私钥解密 $decrypted目标值 return [$comparison_key, $decrypted]; }
