当前位置: 文江博客话题详情

使用私钥和 PKCS1 的 PHP RSA 加密

发布于 2024-10-10 05:36:12 字数 85 浏览 0 评论 0原文

我需要使用 RSA、PKCS1、私钥和 PHP 加密字符串。我什至找不到可以与 exec() 一起使用的终端命令。有谁知道该怎么做?

谢谢!

原文

I need to encrypt a string using RSA, PKCS1, a private key and PHP. I could not find even a terminal command which can be used with exec(). Does anyone knows how to do it?

Thanks!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

墨小墨 2024-10-17 05:36:12

尝试 phpseclib,一个纯 PHP RSA 实现

<?php
include('Crypt/RSA.php');

$rsa = new Crypt_RSA();
//extract($rsa->createKey());

$plaintext = 'terrafrost';

$rsa->loadKey($privatekey);
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$ciphertext = $rsa->encrypt($plaintext);

echo $plaintext;
?>

安全警告:如果您要使用 phpseclib,请确保遵循 RSA 加密的最佳实践。另请参阅此答案了解更多详细信息和替代方法。

Try phpseclib, a pure PHP RSA implementation:

<?php
include('Crypt/RSA.php');

$rsa = new Crypt_RSA();
//extract($rsa->createKey());

$plaintext = 'terrafrost';

$rsa->loadKey($privatekey);
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$ciphertext = $rsa->encrypt($plaintext);

echo $plaintext;
?>

Security warning: If you're going to use phpseclib, make sure you follow the best practices for RSA encryption. See also this answer for more details and an alternative approach.

回复 原文
情绪失控 2024-10-17 05:36:12

如果您启用了 php_openssl 扩展,则除了创建密钥之外,无需使用命令行即​​可执行此操作。如果您愿意,您甚至可以使用 php 创建密钥。

生成密钥

这些是生成密钥的 shell 命令。您可以在 Linux、Mac、Cygwin 甚至 Windows Git BASH 中运行它们。

生成 512 位 rsa 私钥。这将要求您输入密码。您需要安全地存放它。

openssl genrsa -des3 -out private.pem 512

根据私钥生成公钥。您可以自由地以不安全的方式存储它。

openssl rsa -in private.pem -pubout -out public.pem

使用 PHP 使用密钥加密/解密数据

请注意,我已经包含了使用公钥和私钥进行加密和解密的内容。您只想选择其中之一来实施,例如使用私有加密和使用公共解密。

<?php
$privateKeyPassphrase = "mypassword";
$sensitiveData = "This is the data that we want to encrypt.";

/*
// Load the keys from a file (as you would most likely do in a production environment)
$priv_key_file_name = realpath("private.pem");
$publ_key_file_name = realpath("public.pem");

// Note: This function needs an array of parameters!
$privateKey = openssl_pkey_get_private(array("file://$priv_key_file_name", $privateKeyPassphrase));
$publicKey = openssl_pkey_get_public(array("file://$publ_key_file_name", $privateKeyPassphrase));
*/

// Get keys from a string so that this example can be run without the need for extra files
$privateKeyString = <<<PK
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,D21679087FE8490E

hXTtfXC4qYNoE9hySVwPD+Mwhb7RiCae589Z952Z+ucz9i8j+1MO4Sx2nOMCH5Eg
uotMSr3FipJ/Bqbh66AqqYK3PG7NFYA41f/7xrTA6gwq6MDjmAy6z8TW+NE3OCpF
n+9zPzT15wcNm4U4ZRpEO+Fi8cYTLu0LlX+k8Djrd+CuS6wX4p8SgpAplDrnAiAH
z3sJtf2+M67yTNT7v/hIJmkebCwES43pTlNrxluJpD7HBl4BGmFWFI+MJ/gPuFn6
etQjDpzgep0Wn4FKi34IkDQ9kM4/9tWy0Fhf8ytdg0NZshMt/PWRPrNrs+2qLoJu
1rHc0rtKVvALQOKU+SbxaYVBlEzelxB0XJ2uQMSIs46vHZiUG3Q2JBmlxRshHQse
8n9CAYmwm++cPmXq06rVMclCJR0pDlOzGQvIgmo4eiY=
-----END RSA PRIVATE KEY-----
PK;

$publicKeyString = <<<PK
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKcNEHgry/zIFpKdKz2E/ksoDkBn00K7
v2CxB2kHMWjAxgaFPCYs/8gHclSkcJYARKqvU/0Gsc0mrrPtCs5CytcCAwEAAQ==
-----END PUBLIC KEY-----
PK;

// Load private key
$privateKey = openssl_pkey_get_private(array($privateKeyString, $privateKeyPassphrase));

// Load public key
$publicKey = openssl_pkey_get_public(array($publicKeyString, $privateKeyPassphrase));

if (!$privateKey) {
    echo "Private key NOT OK\n";
}

if (!$publicKey) {
    echo "Public key NOT OK\n";
}

if (!openssl_private_encrypt($sensitiveData, $encryptedWithPrivate, $privateKey)) {
    echo "Error encrypting with private key\n";
}

if (!openssl_public_encrypt($sensitiveData, $encryptedWithPublic, $publicKey)) {
    echo "Error encrypting with public key\n";
}

if (!openssl_private_decrypt($encryptedWithPublic, $decryptedWithPrivateFromPublic, $privateKey)) {
    echo "Error decrypting with private key what was encrypted with public key\n";
}

if (!openssl_public_decrypt($encryptedWithPrivate, $decryptedWithPublicFromPrivate, $publicKey)) {
    echo "Error decrypting with public key what was encrypted with private key\n";
}

echo "Encrypted with public key: " . base64_encode($encryptedWithPublic) . "\n"; // This is different every time
echo "Encrypted with private key: " . base64_encode($encryptedWithPrivate) . "\n";
echo "Decrypted with private key what was encrypted with public key: " . $decryptedWithPrivateFromPublic . "\n";
echo "Decrypted with public key what was encrypted with private key: " . $decryptedWithPublicFromPrivate . "\n";

If you have the php_openssl extension enabled you can do this without using the command line other than to create the keys. And you could even create the keys with php also if you wanted.

Generate your keys

These are the shell commands to generate the keys. You can run these in Linux, Mac, Cygwin, or even your Windows Git BASH.

Generate a 512 bit rsa private key. This will ask you for a password. You need to store this safely.

openssl genrsa -des3 -out private.pem 512

Generate the public key based on the private key. You are free to store this in an insecure manner.

openssl rsa -in private.pem -pubout -out public.pem

Use PHP to encrypt/decrypt data with your keys

Note that I've included encrypting and decrypting with public and private keys. You only want to choose one of these to implement, for example encrypt with private and decrypt with public.

<?php
$privateKeyPassphrase = "mypassword";
$sensitiveData = "This is the data that we want to encrypt.";

/*
// Load the keys from a file (as you would most likely do in a production environment)
$priv_key_file_name = realpath("private.pem");
$publ_key_file_name = realpath("public.pem");

// Note: This function needs an array of parameters!
$privateKey = openssl_pkey_get_private(array("file://$priv_key_file_name", $privateKeyPassphrase));
$publicKey = openssl_pkey_get_public(array("file://$publ_key_file_name", $privateKeyPassphrase));
*/

// Get keys from a string so that this example can be run without the need for extra files
$privateKeyString = <<<PK
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,D21679087FE8490E

hXTtfXC4qYNoE9hySVwPD+Mwhb7RiCae589Z952Z+ucz9i8j+1MO4Sx2nOMCH5Eg
uotMSr3FipJ/Bqbh66AqqYK3PG7NFYA41f/7xrTA6gwq6MDjmAy6z8TW+NE3OCpF
n+9zPzT15wcNm4U4ZRpEO+Fi8cYTLu0LlX+k8Djrd+CuS6wX4p8SgpAplDrnAiAH
z3sJtf2+M67yTNT7v/hIJmkebCwES43pTlNrxluJpD7HBl4BGmFWFI+MJ/gPuFn6
etQjDpzgep0Wn4FKi34IkDQ9kM4/9tWy0Fhf8ytdg0NZshMt/PWRPrNrs+2qLoJu
1rHc0rtKVvALQOKU+SbxaYVBlEzelxB0XJ2uQMSIs46vHZiUG3Q2JBmlxRshHQse
8n9CAYmwm++cPmXq06rVMclCJR0pDlOzGQvIgmo4eiY=
-----END RSA PRIVATE KEY-----
PK;

$publicKeyString = <<<PK
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKcNEHgry/zIFpKdKz2E/ksoDkBn00K7
v2CxB2kHMWjAxgaFPCYs/8gHclSkcJYARKqvU/0Gsc0mrrPtCs5CytcCAwEAAQ==
-----END PUBLIC KEY-----
PK;

// Load private key
$privateKey = openssl_pkey_get_private(array($privateKeyString, $privateKeyPassphrase));

// Load public key
$publicKey = openssl_pkey_get_public(array($publicKeyString, $privateKeyPassphrase));

if (!$privateKey) {
    echo "Private key NOT OK\n";
}

if (!$publicKey) {
    echo "Public key NOT OK\n";
}

if (!openssl_private_encrypt($sensitiveData, $encryptedWithPrivate, $privateKey)) {
    echo "Error encrypting with private key\n";
}

if (!openssl_public_encrypt($sensitiveData, $encryptedWithPublic, $publicKey)) {
    echo "Error encrypting with public key\n";
}

if (!openssl_private_decrypt($encryptedWithPublic, $decryptedWithPrivateFromPublic, $privateKey)) {
    echo "Error decrypting with private key what was encrypted with public key\n";
}

if (!openssl_public_decrypt($encryptedWithPrivate, $decryptedWithPublicFromPrivate, $publicKey)) {
    echo "Error decrypting with public key what was encrypted with private key\n";
}

echo "Encrypted with public key: " . base64_encode($encryptedWithPublic) . "\n"; // This is different every time
echo "Encrypted with private key: " . base64_encode($encryptedWithPrivate) . "\n";
echo "Decrypted with private key what was encrypted with public key: " . $decryptedWithPrivateFromPublic . "\n";
echo "Decrypted with public key what was encrypted with private key: " . $decryptedWithPublicFromPrivate . "\n";
回复 原文
漫漫岁月 2024-10-17 05:36:12
openssl aes-256-cbc -a -salt -in inputfile.txt -out encryptedfile.txt -pass pass:thepassword
openssl aes-256-cbc -d -a -in encryptedfile.txt -out decryptedfile.txt

可以执行这些,并且应该能够根据需要更改密码。

openssl aes-256-cbc -a -salt -in inputfile.txt -out encryptedfile.txt -pass pass:thepassword
openssl aes-256-cbc -d -a -in encryptedfile.txt -out decryptedfile.txt

Can exec these, and should be able to change the cipher as needed.

回复 原文
~没有更多了~

关于作者

随梦而飞#

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

花开柳相依

文章 0 评论 0

zyhello

文章 0 评论 0

故友

文章 0 评论 0

对风讲故事

文章 0 评论 0

Oo萌小芽oO

文章 0 评论 0

梦明

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文