function test1(){ $config = array( "digest_alg" => "sha1", "private_key_bits" => 1024, "private_key_type" => OPENSSL_KEYTYPE_RSA, "encrypt_key" => false ); $res = openssl_pkey_new($config); openssl_pkey_export($res, $priKey); //获取私钥$priKey $pubKey = openssl_pkey_get_details($res); $pubKey = $pubKey['key'];//获得公钥 $pubKey var_dump('私钥:',$priKey); var_dump('公钥:',$pubKey); $data = 'zhangpeng';//要被加密的数据 openssl_public_encrypt($data,$encrypted,$pubKey);//用公钥加密 openssl_private_decrypt($encrypted, $decrypted, $priKey);//用私钥解密 var_dump($decrypted); } php环境下配置openssl实现签名验证 配置如下 1:编辑openssl,php5需要0.96以上版本 2:将编译好的libeay32.dll,ssleay32.dll放到system32目录下 3:将php.ini中的openssl.dll前面的;去掉 4:将php目录下的php_openssl.dll拷贝到system32目录下 5:设置环境变量 OPENSSL_CONF=c:opensslopenssl.cnf 其中php自带了一个cnf示例,在phpextrasopenssl目录下 编写测试代码: $config = array( "digest_alg" => "sha1", "private_key_bits" => 1024, "private_key_type" => OPENSSL_KEYTYPE_RSA, "encrypt_key" => false ); $privkey = openssl_pkey_new($config); openssl_pkey_export($privkey, $keydata); echo $keydata; http://www.alixixi.com/program/a/2008050731975.shtml 封装php的非对称加密RSA http://tiandiou.blog.163.com/blog/static/2355668220106108342139/ 将php的openssl扩展中的非对称加密函数封装成一个Rsa类。 需要注意的是,在windows上,需要打开openssl的配置文件,请参照官方的openssl扩展安装文档。 //以下说明2011-06-23添加 在windows上安装openssl扩展 1、将php路径下的两个库文件libeay32.dll和ssleay32.dll复制到操作system32下 2、配置openssl配置文件的位置,在php的路径下,有文件extras/openssl/openssl.cnf,添加环境变量OPENSSL_CONF指向这个文件的全路径。如何添加环境变量请google搜索之。 3、在php.ini里添加一行extension=php_openssl.dll 使用的demo: //====================demo======================= //以下是一个简单的测试demo,如果不需要请删除 $rsa = new Rsa('sslkey'); //sslkey为存放密钥的路径,将已有的密钥文件复制到该路径下,公钥名称为pub.key,私钥名称为priv.key $rsa->createKey(); //创建一对密钥,如果密钥对已经存在,不需调用 //私钥加密,公钥解密 echo 'source:我是老鳖<br />'; $pre = $rsa->privEncrypt('我是老鳖'); echo 'private encrypted:<br />' . $pre . '<br />'; $pud = $rsa->pubDecrypt($pre); echo 'public decrypted:' . $pud . '<br />'; //公钥加密,私钥解密 echo 'source:干IT的<br />'; $pue = $rsa->pubEncrypt('干IT的'); echo 'public encrypt:<br />' . $pue . '<br />'; $prd = $rsa->privDecrypt($pue); echo 'private decrypt:' . $prd; //========================demo====================== 本示例在windows7、php 5.2.14、openssl 0.98下开发 <?php /** * 使用openssl实现非对称加密 * * @author 老鳖<iamlaobie@gmail.com> * @since 2010-07-08 */ class Rsa { /** * private key */ private $_privKey; /** * public key */ private $_pubKey; /** * the keys saving path */ private $_keyPath; /** * the construtor,the param $path is the keys saving path */ public function __construct($path) { if(empty($path) || !is_dir($path)){ throw new Exception('Must set the keys save path'); } $this->_keyPath = $path; } /** * create the key pair,save the key to $this->_keyPath */ public function createKey() { $r = openssl_pkey_new(); openssl_pkey_export($r, $privKey); file_put_contents($this->_keyPath . DIRECTORY_SEPARATOR . 'priv.key', $privKey); $this->_privKey = openssl_pkey_get_private($privKey); $rp = openssl_pkey_get_details($r); $pubKey = $rp['key']; file_put_contents($this->_keyPath . DIRECTORY_SEPARATOR . 'pub.key', $pubKey); $this->_pubKey = openssl_pkey_get_public($pubKey); } /** * setup the private key */ public function setupPrivKey() { if(is_resource($this->_privKey)){ return true; } $file = $this->_keyPath . DIRECTORY_SEPARATOR . 'priv.key'; $prk = file_get_contents($file); $this->_privKey = openssl_pkey_get_private($prk); return true; } /** * setup the public key */ public function setupPubKey() { if(is_resource($this->_pubKey)){ return true; } $file = $this->_keyPath . DIRECTORY_SEPARATOR . 'pub.key'; $puk = file_get_contents($file); $this->_pubKey = openssl_pkey_get_public($puk); return true; } /** * encrypt with the private key */ public function privEncrypt($data) { if(!is_string($data)){ return null; } $this->setupPrivKey(); $r = openssl_private_encrypt($data, $encrypted, $this->_privKey); if($r){ return base64_encode($encrypted); } return null; } /** * decrypt with the private key */ public function privDecrypt($encrypted) { if(!is_string($encrypted)){ return null; } $this->setupPrivKey(); $encrypted = base64_decode($encrypted); $r = openssl_private_decrypt($encrypted, $decrypted, $this->_privKey); if($r){ return $decrypted; } return null; } /** * encrypt with public key */ public function pubEncrypt($data) { if(!is_string($data)){ return null; } $this->setupPubKey(); $r = openssl_public_encrypt($data, $encrypted, $this->_pubKey); if($r){ return base64_encode($encrypted); } return null; } /** * decrypt with the public key */ public function pubDecrypt($crypted) { if(!is_string($crypted)){ return null; } $this->setupPubKey(); $crypted = base64_decode($crypted); $r = openssl_public_decrypt($crypted, $decrypted, $this->_pubKey); if($r){ return $decrypted; } return null; } public function __destruct() { @ fclose($this->_privKey); @ fclose($this->_pubKey); } }
加密模式:CBC、CFB、CTR、ECB、OFB、NCFB
加密算法:Blowfish、DES、TripleDES、SAF-ER-SK128、TWOFISH、TEA、RC2、3-WAY、SAFER-SK64
对称性加密:特点:单密钥(即加密和解密都使用同一个密钥),加密速度快
常用的对称加密有:DES、IDEA、RC2、RC4、SKIPJACK、RC5、AES算法等
非对称性加密:特点:有两个密码(公钥和私钥)
广泛应用的不对称加密算法有RSA算法和美国国家标准局提出的DSA
非对称加密算法又名“公开密钥加密算法”,主要有:RSA、Elgamal、背包算法、Rabin、D-H、ECC