使用具有PHP的PEM文件加密数据购买
我有p12文件,然后将其转换为两个pem文件一个是pk文件,一个是私钥文件:
newfile.key.pem..pem content:
localKeyID: 20 16 8C 58 E4 DD BC 0D 99 6D A3 DF A5 D1 65 C9 D2 DE 49 15
subject=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
issuer=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
-----BEGIN CERTIFICATE-----
MIIBmzCCAUECCQDQROomkk8YkDAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJQTDEQ
XXXXXXXXXX3xHgMeAXjgVpZftENoYAiB7
WFgx0hLuJTJbLpYCzpzdpWVOXrIr8g4XvtWKl02j1w==
-----END CERTIFICATE-----
Bag Attributes
localKeyID: 20 16 8C 58 E4 DD BC 0D 99 6D A3 DF A5 D1 65 C9 D2 DE 49 15
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
MIGEAgXXXXXXXXXXXXXXPXfA4zjpFRaOUNWUBNuU
-----END PRIVATE KEY-----
newfile.crt.pem content作为公钥:
Bag Attributes
localKeyID: 20 16 8C 58 E4 DD BC 0D 99 6D A3 DF A5 D1 65 C9 D2 DE 49 15
subject=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
issuer=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
-----BEGIN CERTIFICATE-----
MIIBmzCCAUECCQDQROomkk8YkDAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJQTDEQ
MA4GA1UECAwHUXXXXXXXXXXXXg4XvtWKl02j1w==
-----END CERTIFICATE-----
PHP代码:
// STEP 1: Encryption with Public Key (you will need Private Key to decrypt - see step2).
$PK="";
$fp=fopen ("newfile.crt.pem","r");
$pub_key=fread ($fp,8192);
fclose($fp);
$PK=openssl_get_publickey($pub_key);
$pub_key = "";
$string="Some Important Data";
if (!$PK) {
echo "Cannot get public key";
}
$finaltext="";
openssl_public_encrypt($string, $finaltext, $PK);
if (!empty($finaltext)) {
openssl_free_key($PK);
echo "Encryption OK!";
echo base64_encode($finaltext);
}else{
echo "Cannot Encrypt";
}
加密是给我加密的,
但是没有回声输出?
//STEP 2: Decription (Using Private Key)
$fp=fopen ("newfile.key.pem","r");
$priv_key2=fread ($fp,8192);
fclose($fp);
$priv_key2 = "";
$PK2=openssl_get_privatekey($priv_key2);
$Crypted=openssl_private_decrypt($finaltext,$Decrypted,$PK2);
if (!$Crypted) {
echo "not decrypt";
}else{
echo "Decrypted Data: " . $Decrypted;
}
实现它的正确方法是什么?因为我需要它来加密QR码中的TLV值?
我正在处理PHP 8.1 Cloud共享服务器。
I have P12 file and I convert it to two PEM files one is PK file and one is Private key file:
newfile.key.pem content:
localKeyID: 20 16 8C 58 E4 DD BC 0D 99 6D A3 DF A5 D1 65 C9 D2 DE 49 15
subject=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
issuer=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
-----BEGIN CERTIFICATE-----
MIIBmzCCAUECCQDQROomkk8YkDAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJQTDEQ
XXXXXXXXXX3xHgMeAXjgVpZftENoYAiB7
WFgx0hLuJTJbLpYCzpzdpWVOXrIr8g4XvtWKl02j1w==
-----END CERTIFICATE-----
Bag Attributes
localKeyID: 20 16 8C 58 E4 DD BC 0D 99 6D A3 DF A5 D1 65 C9 D2 DE 49 15
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
MIGEAgXXXXXXXXXXXXXXPXfA4zjpFRaOUNWUBNuU
-----END PRIVATE KEY-----
newfile.crt.pem content as public key:
Bag Attributes
localKeyID: 20 16 8C 58 E4 DD BC 0D 99 6D A3 DF A5 D1 65 C9 D2 DE 49 15
subject=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
issuer=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
-----BEGIN CERTIFICATE-----
MIIBmzCCAUECCQDQROomkk8YkDAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJQTDEQ
MA4GA1UECAwHUXXXXXXXXXXXXg4XvtWKl02j1w==
-----END CERTIFICATE-----
PHP Code:
// STEP 1: Encryption with Public Key (you will need Private Key to decrypt - see step2).
$PK="";
$fp=fopen ("newfile.crt.pem","r");
$pub_key=fread ($fp,8192);
fclose($fp);
$PK=openssl_get_publickey($pub_key);
$pub_key = "";
$string="Some Important Data";
if (!$PK) {
echo "Cannot get public key";
}
$finaltext="";
openssl_public_encrypt($string, $finaltext, $PK);
if (!empty($finaltext)) {
openssl_free_key($PK);
echo "Encryption OK!";
echo base64_encode($finaltext);
}else{
echo "Cannot Encrypt";
}
The encrypted is give me Encryption OK
but there is no echo output?
//STEP 2: Decription (Using Private Key)
$fp=fopen ("newfile.key.pem","r");
$priv_key2=fread ($fp,8192);
fclose($fp);
$priv_key2 = "";
$PK2=openssl_get_privatekey($priv_key2);
$Crypted=openssl_private_decrypt($finaltext,$Decrypted,$PK2);
if (!$Crypted) {
echo "not decrypt";
}else{
echo "Decrypted Data: " . $Decrypted;
}
What is the proper way to achieve it? because I need it to encrypt TLV values in QR code?
I am working on PHP 8.1 cloud shared server.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我仅修改了您的代码,但是我用有效的X509证书&amp;替换了您的证书捆绑包;私钥。
公共密钥包含在证书中。您可以使用此命令来生成证书并键合:
openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out sp.crt sp.crt -keyout sp.pem -sha256,您可以看到,该代码除了证书和某些线路中断外,代码是相同的。
I have modified your code only slightly, but I replaced your certificate bundle with a valid X509 certificate & private key.
The public key is contained within the certificate. You can generate certificate and keyfile yourself with this command:
openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out sp.crt -keyout sp.pem -sha256As you see, the code is identical except for the certificate and some line breaks.