• PHP 之用证书对数据进行签名、验签、加密、解密

        /**
    *    对数据进行签名
    *    $data = 'If you are still new to things, we’ve provided a few walkthroughs to get you started.'; 签名数据
    *    $privatekeyFile = '/path/to/private.key'; 私钥
    *    $passphrase = ''; 密码
    */
    function sign($data, $privatekeyFile, $passphrase) 
    {
        // 摘要及签名的算法
        $digestAlgo = 'sha512';
        $algo = OPENSSL_ALGO_SHA1;
        // 加载私钥
        $privatekey = openssl_pkey_get_private(file_get_contents($privatekeyFile), $passphrase);
        // 生成摘要
        $digest = openssl_digest($data, $digestAlgo);
        // 签名
        $signature = '';
        openssl_sign($digest, $signature, $privatekey, $algo);
        //释放内存
        openssl_free_key($privatekey);
        $signature = base64_encode($signature);
         return $signature;
    }

    /**
    *    验签
    *    $data = 'If you are still new to things, we’ve provided a few walkthroughs to get you started.';
    *    $publickeyFile = '/path/to/public.key'; 公钥
    */
    function verify($data, $publickeyFile) 
    {
        // 摘要及签名的算法,同上面一致
        $digestAlgo = 'sha512';
        $algo = OPENSSL_ALGO_SHA1;
        // 加载公钥
        $publickey = openssl_pkey_get_public(file_get_contents($publickeyFile));
        // 生成摘要
        $digest = openssl_digest($data, $digestAlgo);
        // 验签
        $verify = openssl_verify($digest, base64_decode($signature), $publickey, $algo);
        openssl_free_key($publickey);
        return $verify; // int(1)表示验签成功
    }
    /**
    *    加密
    *    $data = 'If you are still new to things, we’ve provided a few walkthroughs to get you started.';
    *    $publickeyFile = '/path/to/public.key'; 公钥
    */
    function encrypt($data, $publickeyFile)
    {
        // 加载公钥
        $publickey = openssl_pkey_get_public(file_get_contents($publickeyFile));
        // 使用公钥进行加密
        $encryptedData = '';
        openssl_public_encrypt($data, $encryptedData, $publickey);
        return base64_encode($encryptedData);
    }
    /**
    *    解密
    *    $encryptedData 待解密数据
    *    $privatekeyFile = '/path/to/private.key'; 私钥
    *    $passphrase = ''; 密码
    */
    function decrypt($encryptedData, $privatekeyFile, $passphrase)
    {
        // 加载私钥
        $privatekey = openssl_pkey_get_private(file_get_contents($privatekeyFile), $passphrase);
        // 使用公钥进行加密
        $sensitiveData = '';
        openssl_private_decrypt(base64_decode($encryptedData), $sensitiveData, $privatekey);
        return $sensitiveData; // 应该跟$data一致
    }

  • 相关阅读:
    syslog日志格式解析
    Linux打补丁的一个简单例子
    Linux打补丁的一些问题
    安全漏洞整改解决方案(很不错网络文章)
    Linux系统启动过程
    chkconfig命令主要用来更新(启动或停止)和查询系统服务的运行级信息
    主机名/etc/hosts文件的作用
    Linux中如何配置IP相关文件
    /bin、/sbin、/usr/bin、/usr/sbin目录Linux执行文档的区别
    日志生成控制文件syslog.conf
  • 原文地址:https://www.cnblogs.com/yang-2018/p/10332028.html
Copyright © 2020-2023  润新知