生成RSA 公钥私钥

大家好，欢迎来到IT知识分享网。

加密的类型：

具体实现：

1、加密解密的第一步是生成公钥、私钥对，私钥加密的内容能通过公钥解密（反过来亦可以）

    ssh-keygen 方式

    生成加密长度4096位密钥

        生成私钥：ssh-keygen -t rsa -b 4096 -f ${private}.key
        生成公钥：openssl rsa -in ${private}.key -pubout -outform PEM -out ${public}.key.pub
        转换格式：openssl pkcs8 -topk8 -inform PEM -in jwtRS256.key -outform pem -nocrypt -out pkcs8.pem

    生成加密长度1024位密钥

        生成私钥：ssh-keygen -t rsa -b 1024 -f ${private}.key
        生成公钥：openssl rsa -in ${private}.key -pubout -outform PEM -out ${public}.key.pub
        转换格式：openssl pkcs8 -topk8 -inform PEM -in jwtRS256.key -outform pem -nocrypt -out pkcs8.pem

    openssl方式
    生成加密长度1024位密钥
        生成私钥：openssl genrsa -out rsa_private_key.pem 1024

        转换格式：openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt -out private_key.pem       

        生成公钥：openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem

    提供在线生成rsa公钥私钥的服务：

        http://www.bm8.com.cn/webtool/rsa/

密钥可分为1024，2048，4096等位密钥，位数不同，可加解密明文长度不一。 比如1024位密钥： 可加解密明文长度 len = 1024/8 – 11 = 117字节。

PHP的加密解密类库:

<?php namespace sdk\rsa; class Rsa { / * 获取私钥 * @return bool|resource */ private static function getPrivateKey() { $abs_path = dirname(__FILE__) . '/rsa_private_key.pem'; $content = file_get_contents($abs_path); return openssl_pkey_get_private($content); } / * 获取公钥 * @return bool|resource */ private static function getPublicKey() { $abs_path = dirname(__FILE__) . '/rsa_public_key.pem'; $content = file_get_contents($abs_path); return openssl_pkey_get_public($content); } / * 私钥加密 * @param string $data * @return null|string */ public static function privEncrypt($data = '') { if (!is_string($data)) { return null; } // return openssl_private_encrypt($data, $encrypted, self::getPrivateKey()) ? base64_encode($encrypted) : null; // $encrypted = $this->urlsafe_b64decode($encrypted); $crypto = ''; foreach (str_split(self::urlsafe_b64decode($encrypted), 128) as $chunk) { openssl_public_decrypt($chunk, $decryptData, self::getPrivateKey()); $crypto .= $decryptData; } return $crypto; } / * 公钥加密 * @param string $data * @return null|string */ public static function publicEncrypt($data = '') { if (!is_string($data)) { return null; } // return openssl_public_encrypt($data, $encrypted, self::getPublicKey()) ? base64_encode($encrypted) : null; $crypto = ''; foreach (str_split($data, 117) as $chunk) { openssl_public_encrypt($chunk, $encryptData, self::getPublicKey()); $crypto .= $encryptData; } $encrypted = self::urlsafe_b64encode($crypto); return $encrypted; } / * 私钥解密 * @param string $encrypted * @return null */ public static function privDecrypt($encrypted = '') { if (!is_string($encrypted)) { return null; } $crypto = ''; foreach (str_split(self::urlsafe_b64decode($encrypted), 128) as $chunk) { openssl_private_decrypt($chunk, $decryptData, self::getPrivateKey()); $crypto .= $decryptData; } // return (openssl_private_decrypt(base64_decode($encrypted), $decrypted, self::getPrivateKey())) ? $decrypted : null; return $crypto; } / * 公钥解密 * @param string $encrypted * @return null */ public static function publicDecrypt($encrypted = '') { if (!is_string($encrypted)) { return null; } return (openssl_public_decrypt(base64_decode($encrypted), $decrypted, self::getPublicKey())) ? $decrypted : null; } //加密码时把特殊符号替换成URL可以带的内容 public static function urlsafe_b64encode($string) { $data = base64_encode($string); $data = str_replace(array('+','/','='),array('-','_',''),$data); return $data; } //解密码时把转换后的符号替换特殊符号 public static function urlsafe_b64decode($string) { $data = str_replace(array('-','_'),array('+','/'),$string); $mod4 = strlen($data) % 4; if ($mod4) { $data .= substr('====', $mod4); } return base64_decode($data); } } // 调用 $rsa = new Rsa(); $data['name'] = 'Tom'; $data['age'] = '20'; $privEncrypt = $rsa->privEncrypt(json_encode($data)); echo '私钥加密后:'.$privEncrypt.'<br>'; $publicDecrypt = $rsa->publicDecrypt($privEncrypt); echo '公钥解密后:'.$publicDecrypt.'<br>'; $publicEncrypt = $rsa->publicEncrypt(json_encode($data)); echo '公钥加密后:'.$publicEncrypt.'<br>'; $privDecrypt = $rsa->privDecrypt($publicEncrypt); echo '私钥解密后:'.$privDecrypt.'<br>';