使用私鑰和PKCS1進行PHP RSA加密

Question

我需要使用RSA，PKCS1，私鑰和PHP加密字符串。 我甚至找不到可以與exec（）一起使用的終端命令。 有誰知道怎么做？

謝謝！

Answer 1

試試phpseclib，一個純PHP RSA實現 ：

<?php
include('Crypt/RSA.php');

$rsa = new Crypt_RSA();
//extract($rsa->createKey());

$plaintext = 'terrafrost';

$rsa->loadKey($privatekey);
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$ciphertext = $rsa->encrypt($plaintext);

echo $plaintext;
?>

安全警告：如果您要使用phpseclib，請確保遵循RSA加密的最佳做法 。 有關更多詳細信息和替代方法，請參閱此答案 。

Answer 2

openssl aes-256-cbc -a -salt -in inputfile.txt -out encryptedfile.txt -pass pass:thepassword
openssl aes-256-cbc -d -a -in encryptedfile.txt -out decryptedfile.txt 

可以執行這些，並且應該能夠根據需要更改密碼。

Answer 3

如果啟用了php_openssl擴展，則可以在不使用命令行的情況下執行此操作，而不是創建密鑰。 如果你願意，你甚至可以用php創建密鑰。

生成密鑰

這些是生成密鑰的shell命令。 您可以在Linux，Mac，Cygwin甚至Windows Git BASH中運行它們。

生成512位rsa私鑰。 這會要求您輸入密碼。 你需要安全地存儲它。

openssl genrsa -des3 -out private.pem 512

根據私鑰生成公鑰。 您可以以不安全的方式自由存儲它。

openssl rsa -in private.pem -pubout -out public.pem

使用PHP使用密鑰加密/解密數據

請注意，我已經使用公鑰和私鑰加密和解密。 您只想選擇其中一個來實現，例如使用private加密和使用public解密。

<?php
$privateKeyPassphrase = "mypassword";
$sensitiveData = "This is the data that we want to encrypt.";

/*
// Load the keys from a file (as you would most likely do in a production environment)
$priv_key_file_name = realpath("private.pem");
$publ_key_file_name = realpath("public.pem");

// Note: This function needs an array of parameters!
$privateKey = openssl_pkey_get_private(array("file://$priv_key_file_name", $privateKeyPassphrase));
$publicKey = openssl_pkey_get_public(array("file://$publ_key_file_name", $privateKeyPassphrase));
*/

// Get keys from a string so that this example can be run without the need for extra files
$privateKeyString = <<<PK
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,D21679087FE8490E

hXTtfXC4qYNoE9hySVwPD+Mwhb7RiCae589Z952Z+ucz9i8j+1MO4Sx2nOMCH5Eg
uotMSr3FipJ/Bqbh66AqqYK3PG7NFYA41f/7xrTA6gwq6MDjmAy6z8TW+NE3OCpF
n+9zPzT15wcNm4U4ZRpEO+Fi8cYTLu0LlX+k8Djrd+CuS6wX4p8SgpAplDrnAiAH
z3sJtf2+M67yTNT7v/hIJmkebCwES43pTlNrxluJpD7HBl4BGmFWFI+MJ/gPuFn6
etQjDpzgep0Wn4FKi34IkDQ9kM4/9tWy0Fhf8ytdg0NZshMt/PWRPrNrs+2qLoJu
1rHc0rtKVvALQOKU+SbxaYVBlEzelxB0XJ2uQMSIs46vHZiUG3Q2JBmlxRshHQse
8n9CAYmwm++cPmXq06rVMclCJR0pDlOzGQvIgmo4eiY=
-----END RSA PRIVATE KEY-----
PK;

$publicKeyString = <<<PK
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKcNEHgry/zIFpKdKz2E/ksoDkBn00K7
v2CxB2kHMWjAxgaFPCYs/8gHclSkcJYARKqvU/0Gsc0mrrPtCs5CytcCAwEAAQ==
-----END PUBLIC KEY-----
PK;

// Load private key
$privateKey = openssl_pkey_get_private(array($privateKeyString, $privateKeyPassphrase));

// Load public key
$publicKey = openssl_pkey_get_public(array($publicKeyString, $privateKeyPassphrase));

if (!$privateKey) {
    echo "Private key NOT OK\n";
}

if (!$publicKey) {
    echo "Public key NOT OK\n";
}

if (!openssl_private_encrypt($sensitiveData, $encryptedWithPrivate, $privateKey)) {
    echo "Error encrypting with private key\n";
}

if (!openssl_public_encrypt($sensitiveData, $encryptedWithPublic, $publicKey)) {
    echo "Error encrypting with public key\n";
}

if (!openssl_private_decrypt($encryptedWithPublic, $decryptedWithPrivateFromPublic, $privateKey)) {
    echo "Error decrypting with private key what was encrypted with public key\n";
}

if (!openssl_public_decrypt($encryptedWithPrivate, $decryptedWithPublicFromPrivate, $publicKey)) {
    echo "Error decrypting with public key what was encrypted with private key\n";
}

echo "Encrypted with public key: " . base64_encode($encryptedWithPublic) . "\n"; // This is different every time
echo "Encrypted with private key: " . base64_encode($encryptedWithPrivate) . "\n";
echo "Decrypted with private key what was encrypted with public key: " . $decryptedWithPrivateFromPublic . "\n";
echo "Decrypted with public key what was encrypted with private key: " . $decryptedWithPublicFromPrivate . "\n";