堆栈内存溢出
  简体   繁体   English

PHP:从私钥字符串/文件获取RSA公钥

[英]PHP: Get RSA public key from private key string/file

 原文  2018-04-14 21:55:03       php/ laravel/ validation/ authentication/ openssl

问题描述

I'm building a basic encrypted chat application with laravel. 我正在使用laravel构建基本的加密聊天应用程序。 Im trying to authenticate a user given a private key that was generated when the user signed up. 我尝试通过给用户注册时生成的私钥对用户进行身份验证。

The users' public key is stored in the DB. 用户的公共密钥存储在数据库中。 When the user wants to log in, the need to upload the private key that was given to them. 当用户想要登录时,需要上载给他们的私钥。 I want to compare the public key in the DB and the public key from the original private key. 我想比较数据库中的公钥和原始私钥中的公钥。 

/**
 * Validate user key file for login
 */
public function validateKey($attribute, $value, $parameters){
    if (!($value instanceof UploadedFile)) return false;

    // Get user to match key
    $user = $this->data['username'];

    // Get public key from file
    $privateKey = File::get($value->getRealPath());

    dd($privateKey);
}

I am able to get the private key in a string format. 我能够以字符串格式获取私钥。 From here I cannot seem to generate or extract the public key to compare to the DB value. 从这里开始,我似乎无法生成或提取要与DB值进行比较的公钥。

1 个解决方案

解决方案1
 4 已采纳  2018-04-14 22:04:52

They should also never upload their private key to your server. 他们也不应将自己的私钥上载到您的服务器。 You should never have your private key at a remote location. 永远不要将私钥放在远程位置。

The point of having two keys is one key can decrypt any message encrypted by the other key. 具有两个密钥的要点是一个密钥可以解密由另一个密钥加密的任何消息。 The major difference between the public key and the private key in most algorithms would be more or less which one you keep private and which one you share. 在大多数算法中,公钥和私钥之间的主要区别或多或少是您保留私密密钥和共享私密密钥。 In RSA, the private key is designated, but you still do not want to upload it or share it. 在RSA中,指定了私钥,但是您仍然不想上传或共享它。

Redacted: ~That's not how public/private keys work. 已编辑:〜这不是公钥/私钥的工作方式。 You can't extract one from the other. 您不能从另一个中提取一个。 If you could, that would defeat the purpose of the asymmetric encryption.~ 如果可以的话,那将破坏非对称加密的目的。

As @iainn pointed out, you can extract a public key from an RSA private key, however I still do not recommend having users upload their private key. 正如@iainn指出的那样,您可以从RSA私钥中提取公钥,但是我仍然不建议用户上传其私钥。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP rsa 从 pem 文件中获取公钥 - PHP rsa get public key from pem file 在php中将openssl密钥转换为rsa公钥 - Convert openssl key to rsa public key in php php:使用 RSA 私钥进行字符串加密(从 JAVA 转换为 php) - php: string encryption using RSA private key (convert from JAVA to php) 我们可以使用 angular 中的私钥加密数据并使用 RSA 加密使用 PHP 中的公钥解密数据吗? - Can we Encrypt data with private key in angular and Decrypt data with public key in PHP using RSA Encryption? PHP:使用公钥加密文件并使用私钥解密 - PHP: Encrypt a file using public key and decrypt using private key 将RSA公钥从XML转换为PEM(PHP) - Convert RSA public key, from XML to PEM (PHP) 将CRYPT_RSA_PUBLIC_FORMAT_PKCS1从PHP转换为Java中的RSA公钥 - Convert CRYPT_RSA_PUBLIC_FORMAT_PKCS1 from php to RSA Public key in Java C# 生成的 RSA 公钥是一个 XML 文件。 PHP中的公钥如何解密或转换? - The RSA public key generated by C# is an XML file. How can the public key be decrypted or converted in PHP? RSA:从 Python 和 PHP 中的 n 和 e 生成公钥给我两个不同的公钥 - RSA: generate public key from n and e in Python and PHP give me two different public key 使用PHP中的RSA公钥验证JWT签名 - Verify JWT signature with RSA public key in PHP
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM