堆栈内存溢出
  简体   繁体   English

如何为openssl_private_decrypt()提供私钥

[英]How to provide the private key for openssl_private_decrypt()

 原文  2014-01-04 10:06:19       php/ encryption/ base64

问题描述

I have encrypt some value with my public key. 我用我的公钥加密了一些值。 But I can't decrypt it with my private key. 但我不能用我的私钥解密它。 Is there any wrong with my code? 我的代码有什么问题吗?

This is my script: 这是我的脚本: 

<?php

$encrypted = "Q4tmeBDTS+M2UriF6zNBJYrWcXJuyclWVAFLZaOSNwTS0FOkqd/7yQ9KrwLe1IOT15DIB11694mfjLSjWL+yar/KnwrNVJUnUV3eRENr5nRQcBUxyI9Hst88wNs9UBTH+U0aiUgitWWNZIL2YwlAbvjB3YuLLM75IT2VG+ElTKY=";

$decrypted = "";

$privateKey = <<<EOD
MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBAK92ohKTxz/njXNX
5DV5EL1qlj+wh3O9AobufxyMpyU2WCxfFFgqUF6fBGos3QelSR75f5XvpoiYDrdB
ADKUmpkjKrYGOLSTYN5fyCmi7C4poQWsXpT4VVSYJQkwZhtI9XoxXwycfvRNKqTf
FdihYqDJ3z2uHmWoV4KSu6PZrqzJAgMBAAECgYEAmwvShWXuQErlVFILBzFWmHoy
EE92MdCIBiGDUv/6xsgxu+u8d3fUkvgjF4tTOOlWJrfDhQNCfhsXjdkzSn7D6Cqb
NFBSbBf+kr/IaBX/mDA34HroGlewYchgS0SRMz+SE24+5gmA6QL31FkLI+OnADtl
LnKkkFd8l7Kvv7GWfR0CQQDv2peFblMa3OujQFbdEuH5ChiDeu+5knZx0acB+0s8
dAYyTtyalThjiOfUP12BJLZRegSls8KqBjvjTAWYR8B7AkEAu0ZmDn9qLo+G3S0D
Ex81TQbet/nu1LwiFhEF/aW5/b5yvm/3h0XwyIN3Bn/DR431tKViO8HPfsHzjPrl
RmReiwJBAMAMnARHuR0qRTbbHnI3W16n2cb1GZvSDSrHftzUVIKcOBXyFStlTdhM
16uX7Qup1J3agHwZOkYfZbZyuYwb758CQQCImuCFAMI2dnF80oGkqCYcKr+5WbGy
Mg13JTHGhOX3xr0yVsArR4RM70CaWAXdIxswi1btmgE+SEHc+4LU5w/jAkEA734/
UEszK8EZkcY/I0RI+WBUo0S9g3CvlgmMKewQkU8boi3AjFTzECMqBxfYAZHfOTr5
WCHS8ImF4xhmXSTTdQ==
EOD;
$encrypted = base64_decode($str); // decode the encrypted query string
if (!openssl_private_decrypt($encrypted, $decrypted, $privateKey))
die('Failed to decrypt data');
echo "Decrypted value: ". $decrypted; ?>

4 个解决方案

解决方案1
 4  2014-01-05 04:47:09

On the first comment for openssl_private_decrypt() you can find an example. openssl_private_decrypt()的第一条评论中,您可以找到一个示例。 In this example you can see that the key parameter is the result of the method openssl_get_privatekey() , which is an alias for openssl_pkey_get_private() . 在本例中可以看到的是,关键的参数是该方法的结果openssl_get_privatekey()其是用于别名openssl_pkey_get_private()

The manual for openssl_pkey_get_private() says key can be one of the following: openssl_pkey_get_private()的手册说key可以是以下之一:

  1. a string having the format file://path/to/file.pem. 格式为file://path/to/file.pem的字符串。 The named file must contain a PEM encoded certificate/private key (it may contain both). 指定的文件必须包含PEM编码的证书/私钥(它可能包含两者)。

  2. A PEM formatted private key. PEM格式的私钥。

In your case 2 applies. 在你的情况下2适用。 So put those removed lines of the key back and use openssl_get_privatekey() : 所以把那些被删除的键的行放回去并使用openssl_get_privatekey() 

$privateKey = <<<EOD
-----BEGIN PRIVATE KEY-----
MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBAK92ohKTxz/njXNX
[..]
WCHS8ImF4xhmXSTTdQ==
-----END PRIVATE KEY-----
EOD;

$res = openssl_get_privatekey($privateKey);

openssl_private_decrypt($encrypted, $decrypted, $res)

解决方案2
 1  2014-06-01 15:25:31

I was getting this same error, even though I was using openssl_pkey_get_private(). 我得到了同样的错误,即使我使用的是openssl_pkey_get_private()。 The following finally worked for me. 以下最终对我有用。 When you use openssl_pkey_get_private(), don't forget to put the 'file://' at the beginning of your path string: 当您使用openssl_pkey_get_private()时,不要忘记将'file://'放在路径字符串的开头: 

// get the public-key-encrypted message
$encstr = $_POST['payload'];
$encbytes = base64_decode($encstr);  // (I've base 64 encoded my encrypted string, in order to pass it over http)

// get the private key
$privkey = openssl_pkey_get_private('file:///opt/shavsoft/sg/privkey.pem');

// decrypt the message with the private key and log it out
$dectext = "";
openssl_private_decrypt($encbytes,$dectext,$privkey); //,OPENSSL_NO_PADDING);
LogMessage("dectext: $dectext");

解决方案3
 1  2014-08-18 02:43:28

Have you tried the different PADDING options with openssl_private_decrypt? 您是否尝试过使用openssl_private_decrypt的不同PADDING选项?

http://php.net/manual/en/function.openssl-private-decrypt.php http://php.net/manual/en/function.openssl-private-decrypt.php

解决方案4
 0  2018-08-15 10:13:57

Is there any wrong with my code? 我的代码有什么问题吗?

Yes. 是。 You need to change the first line's variable from $encrypted to $str . 您需要将第一行的变量从$encrypted更改$str After you also fix the PEM format of your private key, the script will then work and return: 在您还修复了私钥的PEM格式之后,该脚本将工作并返回: 

Decrypted value: 28366584-04/01/2014:03.02|2|Transaction is completed|10|EXP_TRAVEL_MERCHANT|20140104000034

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP:openssl_private_decrypt():key 参数不是有效的私钥 - PHP: openssl_private_decrypt(): key parameter is not a valid private key 无法解密数据 - openssl_private_decrypt(): key 参数不是有效的私钥 - Unable to decrypt data - openssl_private_decrypt(): key parameter is not a valid private key 无法使用 openssl_private_decrypt 解密任何消息 - Can't decrypt any message with openssl_private_decrypt openssl_private_decrypt不返回任何PHP - openssl_private_decrypt does not return anything PHP 什么是Kotlin相当于功能openssl_private_decrypt? - What is Kotlin equivalent of funtion openssl_private_decrypt? 相当于openssl_private_decrypt和openssl_pkey_get_private的ASP.Net - ASP.Net equivalent of openssl_private_decrypt and openssl_pkey_get_private 使用RSACryptoServiceProvide在C#中加密,并在PHP中使用openssl_private_decrypt解密 - Encrypt in C# using RSACryptoServiceProvide and decrypt using openssl_private_decrypt in PHP 用openssl_private_decrypt解密将不起作用,因为文本存储了撇号 - Decrypting with openssl_private_decrypt wont work because text is storing apostrophes 通过密码和 openssl_decrypt 解密加密的私钥 - decrypt encrypted private key by password and openssl_decrypt 使用私钥加密/解密 - Encrypt / Decrypt with Private key
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM