标签加密技术下的文章

使用非对称加密主要是借助openssl的公钥和私钥，用公钥加密私钥解密，或者私钥加密公钥解密。
1.linux需要安装openssl和php的openssl扩展
2.生成私钥：openssl genrsa 用于生成rsa私钥文件，生成是可以指定私钥长度和密码保护


openssl genrsa -out rsa_private_key.pem 1024

3.生成公钥：rsa命令用于处理RSA密钥、格式转换和打印信息


openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem

4.测试代码


<?php
//密钥
$secret = 'e10adc3949ba59abbe56e057f20f883e';

//测试数据
$_POST = array();
$_POST['id'] = 1;
$_POST['name'] = 'zhansan';

//生成签名
$sign = MakeSign($_POST, $secret);

$public_key = '-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAbfx4VggVVpcfCjzQ+nEiJ2DL
nRg3e2QdDf/m/qMvtqXi4xhwvbpHfaX46CzQznU8l9NJtF28pTSZSKnE/791MJfV
nucVcJcxRAEcpPprb8X3hfdxKEEYjOPAuVseewmO5cM+x7zi9FWbZ89uOp5sxjMn
lVjDaIczKTRx+7vn2wIDAQAB
-----END PUBLIC KEY-----';

//打印签名
echo $sign;
echo '<br>';

//利用公钥加密签名
openssl_public_encrypt($sign, $token, $public_key); 
//token为加密的sign,后面用私钥解密获取sign
$token = base64_encode($token);

//打印token
echo $token;
echo '<br>';

//rsa 私钥
$private_key='-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDAbfx4VggVVpcfCjzQ+nEiJ2DLnRg3e2QdDf/m/qMvtqXi4xhw
vbpHfaX46CzQznU8l9NJtF28pTSZSKnE/791MJfVnucVcJcxRAEcpPprb8X3hfdx
KEEYjOPAuVseewmO5cM+x7zi9FWbZ89uOp5sxjMnlVjDaIczKTRx+7vn2wIDAQAB
AoGAZzUWajxKTZeJqh5FjBgmwZi5M7voFynZAjRWAkCkqZye0FfY7e70kA92C1AL
aVqySnNr4WYZuGorEeOFGqHIv1XSowTLgfLkVBZ/SXiep2QYJrR0YevjysvLnTfb
mrdWCqWSj+0AlQg+AvDA/qtvBVMxKymbpo+4bj5H2pPPZ1ECQQDi1PwJQJBYPbpL
vGmP3AmWg467tCeQ+aJGgtQTOK5BH+p0BWFVDX583R437vllkKI8EXgZfqQfsQcj
7XUAXyZVAkEA2SyFbO8roH9JLrEoxxKGeiGZvhPfNl9nXLhX0OFS0ywQaVBJno39
9W5bX5iP5Jzeb3UWsZ/TxzhGc/b4WjAlbwJBAOFuIn1feRT5Y+hY++BJIg4/+N57
EMd4ENpas0HXFvcKLQvZPP42Rvr5FksoaRuTPmjMQ7uyrJICccI3AAy6g3ECQQDE
AyH9+zRmLNxRj0advsOvUcpgu7DYc21oS12/Qs+tl3TMiNGZkNDphwxjkOA217sP
4B92fCn6AnncSslHJXNzAkBo6ujxqIfrZMOG3ON9nXxkWlq39GFS6CzXWscHA3Xz
FMVT1WWU3FR2Kf2QSKiMGv02YcI2xfowim3JnT6600N0
-----END RSA PRIVATE KEY-----';




$token = base64_decode($token);
//利用私钥解密获取sigi签名
openssl_private_decrypt($token, $sign2, $private_key); 

//打印sign
echo $sign2;
echo '<br>';

if($sign2 == MakeSign($_POST, $secret)){
    exit('token校验成功');
}else{
    exit('token校验失败') ;
}




 /**
 * 生成签名
 * 备注：sign不参与签名
 * $data # 数组
 * $secret # 密钥
 */
function MakeSign($data = '', $secret = '')
{
    //签名步骤一：按字典序排序参数
    ksort($data);
    //签名步骤二:格式化成url参数
    $buff = "";
    foreach ($data as $k => $v)
    {
        if($k != "sign"){
            $buff .= $k . "=" . $v . "&";
        }
    }
    $string = trim($buff, "&");
    //签名步骤三：在string后加入KEY
    $string = $string . "&secret=".$secret;
    //签名步骤四：MD5加密
    $string = md5($string);
    //签名步骤五：所有字符转为大写
    $result = strtoupper($string);
    return $result;
}

测试结果


签名
AB1FAD5119B796DD87FAF8C88D57EF86
加密后的签名用于传输
sEHmlQqxShwDYcoEEDwIh7Aa7BYDbvOQmVUqlPppwWLpta4+Xxb+GTaQopsuKBgQ1sJgQahuOjvohHuSgj9tRQt4VtqItHyEA+Yj8NNZcZzxMB5AoLeVkc+D51A2jBkksiujdUCMNMjCaF8L/BhHGZaaXK5GOk6E4HPIIkeOU6o=
解密后的签名
AB1FAD5119B796DD87FAF8C88D57EF86
判断签名是否一致，校验成功

php使用openssl来实现非对称加密签名，用于接口间安全传输数据

最新文章

最新回复

标签

归档

其他