堆栈内存溢出
  简体   繁体   English

openssl_public_encrypt()和openssl_private_encrypt()的输出

[英]Output of openssl_public_encrypt() and openssl_private_encrypt()

 原文  2012-04-25 12:17:02       php/ encryption/ openssl/ public-key-encryption

问题描述

I would like to know few things 我想知道几件事

  • What is output of openssl_public_encrypt() and openssl_private_encrypt() functions? openssl_public_encrypt()和openssl_private_encrypt()函数的输出是什么?
  • Output of above functions (Encrypted data), will that be web-safe? 以上功能(加密数据)的输出,将对网络安全吗?
  • How can I transfer generated encrypted data between websites? 如何在网站之间传输生成的加密数据?

1 个解决方案

解决方案1
 1  2012-04-25 13:07:53

openssl_public_encrypt() encrypts a message with a public key so that only the corresponding private key can decrypt it. openssl_public_encrypt()使用公共密钥加密消息,以便只有相应的私有密钥才能解密它。 This is used for protecting information against being seen by people who shouldn't. 这用于保护信息,以防不应该看到的人看到。

openssl_private_encrypt() encrypts a message with a private key so that it can be decrypted by anyone who has the corresponding public key. openssl_private_encrypt()使用私钥加密消息,以便拥有相应公钥的任何人都可以解密该消息。 This is not used for protecting information against unwanted eyes, it's used for making digital signatures to help verify that the data hasn't been modified. 不是用于保护信息以防有害的眼睛,而是用于进行数字签名以帮助验证数据是否已被修改。 You generally shouldn't use this function; 通常,您不应该使用此功能; use openssl_sign() and openssl_verify() instead. 请改用openssl_sign()openssl_verify()

Encryption and signing are typically used together: you take your data, sign it (using openssl_sign() ) with your own private key, and then encrypt it (using openssl_public_encrypt() ) with the recipient's public key. 加密和签名通常一起使用:您获取数据,使用自己的私钥对其进行签名(使用openssl_sign() ),然后使用收件人的公钥openssl_public_encrypt()进行加密(使用openssl_public_encrypt() )。 Send both the signature and the encrypted message to the recipient, and the recipient can decrypt the message (using openssl_private_decrypt() ) with his private key, and verify the signature (using openssl_verify() ) with your public key. 将签名和加密的消息都发送给收件人,收件人可以使用他的私钥对消息解密(使用openssl_private_decrypt() ),并使用openssl_verify()验证签名(使用openssl_verify() )。 This ensures that no one can read or tamper with the message while it's in transit, which is probably what you mean by "web-safe". 这样可以确保在传输过程中,任何人都无法阅读篡改该消息,这可能就是您所说的“网络安全”。

As for transferring data between websites, you can do that in any way you want. 至于在网站之间传输数据,您可以按照任何需要的方式进行。 HTTP, FTP, email, API calls, whatever. HTTP,FTP,电子邮件,API调用等。 The whole point of encryption and signing is that you don't have to use any special means to transfer the message securely. 加密和签名的全部要点是,您不必使用任何特殊方法即可安全地传输邮件。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 用 OpenSSL 重现 openssl_private_encrypt() - Reproduce openssl_private_encrypt() with OpenSSL 失败 openssl_public_encrypt - Failing openssl_public_encrypt openssl_public_encrypt和JSON - openssl_public_encrypt and JSON 将openssl_private_encrypt输出转换为十六进制php - convert openssl_private_encrypt output to hex php Openssl_private_encrypt 返回 FALSE - Openssl_private_encrypt returns FALSE 开头的稀有字符 openssl_private_encrypt - rare characters at the beginning openssl_private_encrypt 如何在MySQL数据库中存储openssl_public_encrypt()输出? - How to store openssl_public_encrypt() output in MySQL database? Android KeyPairGenerator + PHP openssl_public_encrypt - Android KeyPairGenerator + php openssl_public_encrypt openssl_public_encrypt有效,但是openssl_public_decrypt失败 - openssl_public_encrypt worked , but openssl_public_decrypt failed PHP OpenSSL - openssl_private_encrypt崩溃网页 - PHP OpenSSL - openssl_private_encrypt crashes webpage
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM