PHP中使用OpenSSL生成证书及加密解密
依赖于OpenSSL扩展
/*加密解密*/
function authcode($string, $operation = 'E') {
$ssl_public = file_get_contents(DATA_PATH."/conf/cert_public.key");
$ssl_private = file_get_contents(DATA_PATH."/conf/cert_private.pem");
$pi_key = openssl_pkey_get_private($ssl_private);//这个函数可用来判断私钥是否是可用的,可用返回资源id Resource id
$pu_key = openssl_pkey_get_public($ssl_public);//这个函数可用来判断公钥是否是可用的
if(false == ($pi_key || $pu_key)) return '证书错误';
$data = "";
if($operation=='D'){
openssl_private_decrypt(base64_decode($string),$data,$pi_key);//私钥解密
}else{
openssl_public_encrypt($string,$data,$pu_key);//公钥加密
$data = base64_encode($data);
}
return $data;
}
/*生成证书*/
function exportOpenSSLFile(){
$config = array(
"digest_alg" => "sha512",
"private_key_bits" => 4096, //字节数 512 1024 2048 4096 等
"private_key_type" => OPENSSL_KEYTYPE_RSA, //加密类型
);
$res = openssl_pkey_new($config);
if($res == false) return false;
openssl_pkey_export($res, $private_key);
$public_key = openssl_pkey_get_details($res);
$public_key = $public_key["key"];
file_put_contents(DATA_PATH."/conf/cert_public.key",$public_key);
file_put_contents(DATA_PATH."/conf/cert_private.pem",$private_key);
openssl_free_key($res);
}
更多关于OpenSS的文章可以查看下面的相关文章
