[英]how to store private keys in database or server (php)
I have a web application that uses private and public keys to encrypte my fillable form. 我有一个使用私钥和公钥来加密我的可填写表格的Web应用程序。
I'm using OPENSSL and PHP. 我正在使用OPENSSL和PHP。 My question is that how can i store private keys for each user in database or server?
我的问题是我如何在数据库或服务器中为每个用户存储私钥? I dont know which one is more safely.
我不知道哪个更安全。 Additionaly, my encyrption code ;
另外,我的密码;
//create new private and public key
$new_key_pair = openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
));
openssl_pkey_export($new_key_pair, $private_key_pem);
$details = openssl_pkey_get_details($new_key_pair);
$public_key_pem = $details['key'];
//create signature
//openssl_sign($data, $signature, $private_key_pem, OPENSSL_ALGO_SHA256);
//save for later
file_put_contents('private_key.pem', $private_key_pem);
file_put_contents('public_key.pem', $public_key_pem);
//file_put_contents('signature.dat', $signature);
//verify signature
//$r = openssl_verify($data, $signature, $public_key_pem, "sha256WithRSAEncryption");
//var_dump($r);
echo $private_key_pem;
echo "\r\n";
echo $public_key_pem;
echo "\r\n";
echo $data;
echo "\r\n";
How can i prevent my private and public keys ? 如何防止我的私钥和公钥? It shows on the screen
它显示在屏幕上
The public key need no security, so you can save as clear text in the database. 公钥不需要安全性,因此您可以在数据库中另存为明文。
with the private key you have different solution based on level of security and kinds of attacks you want to avoid. 使用私钥,您可以根据安全级别和要避免的攻击种类来选择不同的解决方案。
1 save the pk as clear text in the db. 1将pk作为明文保存在数据库中。 Never write php code that echo the pk
永远不要写回显pk的php代码
2 save the pk in p12 format protect it with a password. 2将pk保存为p12格式,并用密码保护。 You can prompt the password to the user every time you need
您可以在每次需要时向用户提示密码
3 generete, store and use the pk using a HSM http://en.m.wikipedia.org/wiki/Hardware_security_module 3使用HSM http://en.m.wikipedia.org/wiki/Hardware_security_module生成,存储和使用pk
i suggest solution 2. 我建议解决方案2。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.