avatar

RSA生成公钥、私钥,加密解密测试

测试时建议把解密部分的 $_GET[‘n’] 换为密文, 因为浏览器中会把 base64中的+转换为空格(%20) 导致解密失败

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
<?php
extension_loaded('openssl') or die('php需要openssl扩展支持');
$sw = $_GET['t'];
$skpath = "./sk/"; //私钥路径
$pkpath = "./pk/"; //公钥路径
$userid = sha1($_GET['uid']);
switch ($sw){
case 'create': { //为用户生成公私钥
$res = openssl_pkey_new([
'private_key_bits'=>1024,
'private_key_type' => OPENSSL_KEYTYPE_RSA
]);//生成一个新的私钥和公钥对
$sk = openssl_pkey_export($res, $private_key);//PK作为PEM编码的字符串导出
echo "私钥(请保管好):::".$private_key."\n\n";

$pk = openssl_pkey_get_details($res);//此函数返回密钥详细信息(位,密钥,类型)
echo "公钥(给用户的):::".$pk['key']."\n\n";

$file = fopen($skpath . $userid . ".pem", "w");
fwrite($file, $private_key);
fclose($file);

$file = fopen($pkpath . $userid . ".pem", "w");
fwrite($file, $pk['key']);
fclose($file);
break;
}
case 'test': {
if(!file_exists($skpath.$userid.'.pem') && !file_exists($pkpath.$userid.".pem")){
die('公钥或私钥文件丢失,请重新生成');
}
$private_key = file_get_contents($skpath.$userid.'.pem');//校验私钥
$public_key = file_get_contents($pkpath.$userid.'.pem');//校验公钥
openssl_pkey_get_private($private_key)? true : die("私钥校验失败");
openssl_pkey_get_public($public_key)? true : die("公钥校验失败");
break;
}
case 'sen':{//私钥加密
if(!file_exists($skpath.$userid.'.pem') && !file_exists($pkpath.$userid.'.pem')){
die('公钥或私钥文件丢失,请重新生成');
}
$private_key = file_get_contents($skpath.$userid.'.pem');//校验私钥
$public_key = file_get_contents($pkpath.$userid.'.pem');//校验公钥
$nr = $_GET['n'];
openssl_private_encrypt($nr,$data,$private_key);
$data = base64_encode($data);
echo "文本内容:::".$nr."\n\n";
echo "事后密文:::".$data."\n\n";
break;
}
case 'sde':{//私钥解密
if(!file_exists($skpath.$userid.'.pem') && !file_exists($pkpath.$userid.".pem")){
die('公钥或私钥文件丢失,请重新生成');
}
$private_key = file_get_contents($skpath.$userid.'.pem');//校验私钥
$public_key = file_get_contents($pkpath.$userid.".pem");//校验公钥
$nr = $_GET['n'];
openssl_private_decrypt(base64_decode($nr),$data,$private_key);
echo "加密密文:::".$nr."\n\n";
echo "解密文本:::".$data."\n\n";
break;
}
case 'pen':{//公钥加密
if(!file_exists($skpath.$userid.'.pem') && !file_exists($pkpath.$userid.".pem")){
die('公钥或私钥文件丢失,请重新生成');
}
$private_key = file_get_contents($skpath.$userid.'.pem');//校验私钥
$public_key = file_get_contents($pkpath.$userid.".pem");//校验公钥
$nr = $_GET['n'];
openssl_public_encrypt($nr,$data,$public_key);
$data = base64_encode($data);
echo "公钥加密 \n\n\n";
echo "文本内容:::".$nr."\n\n";
echo "事后密文:::".$data."\n\n";
break;
}
case 'pde':{//公钥解密
if(!file_exists($skpath.$userid.'.pem') && !file_exists($pkpath.$userid.".pem")){
die('公钥或私钥文件丢失,请重新生成');
}
$private_key = file_get_contents($skpath.$userid.'.pem');//校验私钥
$public_key = file_get_contents($pkpath.$userid.".pem");//校验公钥
$nr = $_GET['n'];
openssl_public_decrypt(base64_decode($nr),$data,$public_key);
echo "公钥解密 \n\n\n";
echo "加密密文:::".$nr."\n\n";
echo "解密文本:::".$data."\n\n";
break;
}
}