如何使用 PHP 和 RSA / Triple DES 加密 XML 文档中的字段

发布于 2024-09-06 18:38:54 字数 881 浏览 10 评论 0 原文

我正在为南非的学校开发一个应用程序,需要将XML格式的数据提交给国家IT机构进行统计处理。我当前正在使用 PHP 的 DOMDocument 类生成 XML 文件。

我的文件已经通过了第一阶段验证过程。下一阶段是实现 XML 文件的加密和压缩。压缩是一个简单的 GZip,所以不用担心。

规范文档表明使用了 RSA 加密(我将获得 RSA 密钥以在软件中实现)以及某种形式的对称加密,例如 Triple DES(尽管这是一个“示例”以及<代码>http://www.w3.org/TR/xmldsig-core即可实现)。如果我理解正确的话,RSA 加密是对一个对称密钥进行编码,该密钥用于字段的实际加密。

该规范文档还指出“XML 文件的加密可以在整个文件或某些元素上执行”。在现阶段,我不太确定哪一个更容易,所以任何一个的答案就足够了!

我认为,要求是加密 XML 标记的内容而不是名称(如 http://www.w3.org/TR/xmlenc-core/#sec-eg-Element-Content-字符)。

如果这看起来含糊不清,我深表歉意。这是目前我所掌握的所有信息,该机构的联系人很高兴地说(VisualBasic .NET)代码示例应该解释一切...如果您想检查此代码示例,欢迎您查看以下 ZIP 文件中的 Word 文档,从大约第 213 页开始。 http://www.sita。 co.za/doe_lurits/DEVS-00118%20Rev%201.2%2012%20Jan%202009.zip

如果有人可以帮助或指出我正确的方向,我将不胜感激。

I am developing an application for schools in South Africa which is required to submit data in XML format to the State IT Agency for statistical processing. I am currently generating the XML files using PHP's DOMDocument class.

My files have gone through a first stage verification process. The next stage is to implement encryption and compression of the XML files. The compression is a simple GZip so no worries there.

The specification document indicates that both RSA Encryption is used (I will be issued RSA keys to implement into the software) as well as some form of symmetrical encryption such as Triple DES (although this is an "example" and any of the algorithms at http://www.w3.org/TR/xmldsig-core can be implemented). If I understand this correctly, the RSA encryption is to encode a symmetrical key which is used for the actual encryption of the fields.

The specification document also says "Encryption of an XML file can be performed either on the whole file or on certain elements." I'm not quite sure which is easier, at this stage and so answers to either will suffice!

The requirement is, I assume, to encrypt the contents of the XML tags and not the names (as in http://www.w3.org/TR/xmlenc-core/#sec-eg-Element-Content-Character).

I apologise if this seems vague. It is currently all the information I have and the contacts at the Agency are happy to say that the (VisualBasic .NET) code samples should explain everything... If you want to examine this code sample, you are welcome to have a look at the Word document in the following ZIP file, from about page 213 onwards. http://www.sita.co.za/doe_lurits/DEVS-00118%20Rev%201.2%2012%20Jan%202009.zip

If anyone can help or point me in the right direction, I'd appreciate it.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

逆蝶 2024-09-13 18:38:54

您应该使用 XMLSec 加密来加密 XML 文件。以下库应该为您处理所有详细信息,

http://code.google.com/p/ xmlseclibs/

You should just encrypt the XML file using XMLSec Encryption. The following library should handle all the details for you,

http://code.google.com/p/xmlseclibs/

谈场末日恋爱 2024-09-13 18:38:54

请参阅 openssl_encrypt 了解对称加密和 openssl_public_encrypt/openssl_private_decrypt 用于非对称加密。

See openssl_encrypt for symmetric encryption and openssl_public_encrypt/openssl_private_decrypt for asymmetric encryption.

来日方长 2024-09-13 18:38:54

听起来您可以加密整个文档或仅加密某些“敏感”标签的内容。加密整个文档可能是最简单的方法。

至于 RSA/3DES 的事情 - 你几乎肯定是对的。您可以使用 3DES 加密文档,然后使用 RSA 公钥加密您的 3DES 密钥。

因此,似乎您需要做的只是生成文档,对其进行压缩,然后使用 3DES 加密压缩结果。

Sounds like you can either encrypt the entire document or just the contents of certain "sensitive" tags. Encrypting the entire document would probably be the easiest way to go.

As for the RSA/3DES thing - you are almost certainly right. You would encrypt the document with 3DES, then encrypt your 3DES key with their RSA public key.

So, seems like what you need to do is just generate the document, zip it, then encrypt the zipped results with 3DES.

无名指的心愿 2024-09-13 18:38:54

对称加密文档加 PK 加密密钥架构本质上是 PGP。您的客户可以接受 OpenPGP 吗?

The Symmetric-encrypted-document-plus-PK-encrypted-key architecture is essentially PGP. Would OpenPGP be acceptable to your customer?

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文