生成原始 RSA私钥文件
openssl genrsa -out rsa_private_key.pem 1024
将原始 RSA私钥转换为 pkcs8格式
openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt -out private_key.pem
生成RSA公钥 rsa_public_key.pem
openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
<?php
function get_private_key() {
$abs_path = './data/rsa_private_key.pem';
$content = file_get_contents($abs_path);
return openssl_pkey_get_private($content);
}
function get_public_key() {
$abs_path = './data/rsa_public_key.pem';
$content = file_get_contents($abs_path);
return openssl_pkey_get_public($content);
}
function priv_encrypt($data = '') {
if (!is_string($data)) {
return null;
}
return openssl_private_encrypt($data, $encrypted, get_private_key()) ? base64_encode($encrypted) : null;
}
function priv_decrypt($encrypted = '') {
if (!is_string($encrypted)) {
return null;
}
return (openssl_private_decrypt(base64_decode($encrypted), $decrypted, get_private_key())) ? $decrypted : null;
}
function public_encrypt($data = '') {
if (!is_string($data)) {
return null;
}
return openssl_public_encrypt($data, $encrypted, get_public_key()) ? base64_encode($encrypted) : null;
}
function public_decrypt($encrypted = '') {
if (!is_string($encrypted)) {
return null;
}
return (openssl_public_decrypt(base64_decode($encrypted), $decrypted, get_public_key())) ? $decrypted : null;
}
//私钥加密
$encrypted = priv_encrypt('123456');
var_dump($encrypted);
//公钥解密
var_dump(public_decrypt($encrypted));
//公钥加密
$encrypted = public_encrypt('999999');
var_dump($encrypted);
//私钥解密
var_dump(priv_decrypt($encrypted));
注意: RSA加解密中必须考虑到的密钥长度、明文长度和密文长度问题。明文长度需要小于密钥长度,而密文长度则等于密钥长度。因此当加密内容长度大于密钥长度时,有效的RSA加解密就需要对内容进行分段