{"id":1682,"date":"2017-06-16T16:03:08","date_gmt":"2017-06-16T08:03:08","guid":{"rendered":"http:\/\/www.youthtribe.com\/?p=1682"},"modified":"2017-06-17T13:15:23","modified_gmt":"2017-06-17T05:15:23","slug":"php-%e7%94%9f%e6%88%90rsa%e9%9d%9e%e5%af%b9%e7%a7%b0%e5%8a%a0%e5%af%86%e7%94%a8%e7%9a%84%e8%af%81%e4%b9%a6-cer-pfx%e6%96%87%e4%bb%b6","status":"publish","type":"post","link":"http:\/\/www.youthtribe.com\/archives\/1682","title":{"rendered":"php \u751f\u6210RSA\u975e\u5bf9\u79f0\u52a0\u5bc6\u7528\u7684\u8bc1\u4e66-cer-pfx\u6587\u4ef6"},"content":{"rendered":"

\u9996\u5148\uff0c\u5173\u4e8eRSA\u7684\u52a0\u5bc6\u4ecb\u7ecd\u6587\u7ae0\uff0c\u5c31\u4e0d\u591a\u8bf4\u4e86\u3002\u76f4\u63a5\u770b\u8fd9\u4e2a\u7f51\u9875\u5427\uff08\u4f5c\u8005\u5199\u7684\u8ba1\u7b97\u673a\u79d1\u666e\u6587\u7ae0\u662f\u6781\u597d\u7684\uff09<\/p>\n

http:\/\/www.ruanyifeng.com\/blog\/2013\/06\/rsa_algorithm_part_one.html<\/p>\n

\u6211\u8981\u5b9e\u73b0\u7684\u529f\u80fd\u5c31\u662f\u901a\u8fc7\u8fd9\u5bf9\u516c\u94a5\u548c\u5bc6\u94a5\uff0c\u5b9e\u73b0\u5ba2\u6237\u7aef\u8f6f\u4ef6\u5bf9\u5bc6\u7801\u8fdb\u884c\u52a0\u5bc6\uff08\u91c7\u7528\u516c\u94a5\uff09\uff0c\u7136\u540e\u7f51\u7ad9\u7aef\uff08php\uff09\u91c7\u7528\u5bc6\u94a5\u8fdb\u884c\u89e3\u5bc6\u9a8c\u8bc1\u3002<\/p>\n

\u5f00\u59cb\u5427\u3002<\/p>\n


\n

php\u670d\u52a1\u7aef\u5229\u7528\u5185\u7f6e\u51fd\u6570\u751f\u6210\u516c\u94a5\u548c\u5bc6\u94a5\u3002\u8bb0\u5f97\u8fd9\u9700\u8981php\u670d\u52a1\u5668\u5b89\u88c5\u4e86openssl\u6269\u5c55\u3002\u5148\u751f\u6210cer\u6587\u4ef6\u548cpfx\u6587\u4ef6\u3002cer\u6587\u4ef6\u76f8\u5f53\u4e8e\u516c\u94a5\uff08\u53ef\u4ee5\u53d1\u7ed9\u5ba2\u6237\u7aef\uff09\uff0cpfx\u662f\u5bc6\u94a5\uff08\u5fc5\u987b\u4e25\u683c\u4fdd\u5b58\u4e8e\u670d\u52a1\u5668\u7aef\u4e0d\u80fd\u6cc4\u9732\uff09\u3002<\/p>\n

 $dn = array(\r\n \"countryName\" => 'zh', \/\/\u6240\u5728\u56fd\u5bb6\u540d\u79f0\r\n \"stateOrProvinceName\" => 'GuangDong', \/\/\u6240\u5728\u7701\u4efd\u540d\u79f0\r\n \"localityName\" => 'ShenZhen', \/\/\u6240\u5728\u57ce\u5e02\u540d\u79f0\r\n \"organizationName\" => 'baibai', \/\/\u6ce8\u518c\u4eba\u59d3\u540d\r\n \"organizationalUnitName\" => 'company', \/\/\u7ec4\u7ec7\u540d\u79f0\r\n \"commonName\" => 'bbb', \/\/\u516c\u5171\u540d\u79f0\r\n \"emailAddress\" => '123@.qq.com' \/\/\u90ae\u7bb1\r\n );\r\n $privkeypass = 'cf'; \/\/\u79c1\u94a5\u5bc6\u7801\r\n $numberofdays = 3650; \/\/\u6709\u6548\u65f6\u957f\r\n $cerpath = \".\/test.cer\"; \/\/\u751f\u6210\u8bc1\u4e66\u8def\u5f84\r\n $pfxpath = \".\/test.pfx\"; \/\/\u5bc6\u94a5\u6587\u4ef6\u8def\u5f84\/\/\u751f\u6210\u8bc1\u4e66\r\n $privkey = openssl_pkey_new();\r\n $csr = openssl_csr_new($dn, $privkey);\r\n $sscert = openssl_csr_sign($csr, null, $privkey, $numberofdays);\r\n openssl_x509_export_to_file($sscert, $cerpath); \/\/\u5bfc\u51fa\u8bc1\u4e66\u5230\u6587\u4ef6\r\n \/\/openssl_pkcs12_export_to_file($sscert, $pfxpath, $privkey, $privkeypass); \/\/\u751f\u6210\u5bc6\u94a5\u6587\u4ef6\r\n openssl_pkey_export_to_file($privkey, $pfxpath); \/\/\u751f\u6210\u5bc6\u94a5\u6587\u4ef6<\/pre>\n

\u4ee5\u4e0b\u662f\u662fphp\u7aef\u8fdb\u884c\u7b80\u5355\u6d4b\u8bd5\u7684\u4ee3\u7801\uff1a<\/p>\n

\/*\r\n \/\/\u79c1\u94a5\u52a0\u5bc6\r\n $cer_key = file_get_contents($pfxpath); \/\/\u83b7\u53d6\u5bc6\u94a5\u5185\u5bb9\r\n openssl_pkcs12_read($cer_key, $certs, $privkeypass);\r\n openssl_sign($data, $signMsg, $certs['pkey'],OPENSSL_ALGO_SHA1); \/\/\u6ce8\u518c\u751f\u6210\u52a0\u5bc6\u4fe1\u606f\r\n $signMsg = base64_encode($signMsg); \/\/base64\u8f6c\u7801\u52a0\u5bc6\u4fe1\u606f\r\n \/\/echo $signMsg;\r\n \r\n \r\n \/\/\u516c\u94a5\u89e3\u5bc6\r\n $cer_key = file_get_contents($cerpath); \/\/\u83b7\u53d6\u8bc1\u4e66\u5185\u5bb9\r\n $unsignMsg=base64_decode($signMsg);\/\/base64\u89e3\u7801\u52a0\u5bc6\u4fe1\u606f\r\n $cer = openssl_x509_read($cer_key); \/\/\u8bfb\u53d6\u516c\u94a5\r\n $res = openssl_verify($data, $unsignMsg, $cer); \/\/\u9a8c\u8bc1\r\n echo $res; \/\/\u8f93\u51fa\u9a8c\u8bc1\u7ed3\u679c\uff0c1\uff1a\u9a8c\u8bc1\u6210\u529f\uff0c0\uff1a\u9a8c\u8bc1\u5931\u8d25\r\n *\/\r\n \r\n \r\n \r\n $data = \"123456\";\r\n $crypted = \"\";\r\n $key = file_get_contents($cerpath);\r\n \/\/\u516c\u94a5\u52a0\u5bc6\r\n openssl_public_encrypt($data, $crypted, $key);\r\n echo base64_encode($crypted).\"<br>\";\r\n \/\/echo $crypted.\"<br>\";\r\n \r\n \/\/\u79c1\u94a5\u89e3\u5bc6\r\n $decrypted = \"\";\r\n $s = file_get_contents($pfxpath);\r\n \/\/echo \"<br>$s<br>\";\r\n $key2 = openssl_pkey_get_private(file_get_contents($pfxpath));\r\n\r\n if(openssl_private_decrypt($crypted, $decrypted, $key2)){\r\n echo $decrypted;\r\n }\r\n else{\r\n echo \"failed\";\r\n }<\/pre>\n

 <\/p>\n


\n

\u5ba2\u6237\u7aef\u901a\u8fc7\u52a0\u8f7dcer\u6587\u4ef6\uff0c\u5c06\u8981\u52a0\u5bc6\u7684\u6587\u672c\u7528\u516c\u94a5\u52a0\u5bc6\u3002\u4ee5\u4e0b\u662f\u4e00\u4e2a\u51fd\u6570<\/p>\n

\/\/\u901a\u8fc7\u8bfb\u53d6\u672c\u5730\u7684cer\u6587\u4ef6\uff0c\u5f97\u5230\u516c\u94a5\uff0c\u7136\u540e\u5bf9\u6587\u672c\u5185\u5bb9\u52a0\u5bc6\uff0c\u8fd4\u56de\u52a0\u5bc6\u540e\u7684\u6587\u672c\uff0c\u6700\u540e\u4f20\u5230\u670d\u52a1\u5668\u7aef\uff0c\u4e0e\u5bc6\u94a5\u8fdb\u884c\u6bd4\u5bf9\r\npublic static String getRSAText(Context context,String strText){\r\n\r\n    try {\r\n        \/\/\u8bfb\u53d6\u8bc1\u4e66\u6587\u4ef6\r\n\r\n        InputStream inStream = context.getResources().getAssets().open(\"test.cer\");\r\n        \/\/\u521b\u5efaX509\u5de5\u5382\u7c7b\r\n        CertificateFactory cf = CertificateFactory.getInstance(\"X.509\");\r\n        \/\/\u521b\u5efa\u8bc1\u4e66\u5bf9\u8c61\r\n        X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);\r\n        inStream.close();\r\n\r\n        Cipher c1 = Cipher.getInstance(\"RSA\/None\/PKCS1Padding\");\r\n\r\n        c1.init(Cipher.PUBLIC_KEY, cert);\r\n        byte[] cipherText = c1.doFinal(strText.getBytes());\r\n\r\n\r\n        \/\/base64\u8f6c\u6362\u4e00\u4e0b\uff0c\u65b9\u4fbf\u4f20\u8f93\r\n        String res = Base64.encodeToString(cipherText,Base64.DEFAULT);\r\n        return res;\r\n\r\n\r\n    }\r\n    catch (InvalidKeyException e){\r\n\r\n    }\r\n    catch (IOException e){\r\n\r\n    }\r\n    catch (CertificateException e){\r\n\r\n    }\r\n    catch (NoSuchPaddingException e){\r\n\r\n    }\r\n    catch (IllegalBlockSizeException e){\r\n\r\n    }\r\n    catch (BadPaddingException e){\r\n\r\n    }\r\n    catch (NoSuchAlgorithmException e){\r\n\r\n    }\r\n    return \"\";\r\n}<\/pre>\n
\n

\u4e0b\u8fb9\u662fphp\u7aef\u7528pfx\u6587\u4ef6\uff08\u91cc\u8fb9\u653e\u6709\u5bc6\u94a5\uff09\u8fdb\u884c\u89e3\u5bc6\u7684\u4ee3\u7801\u3002\u6211\u6539\u5199\u6210\u4e86\u4e00\u4e2a\u51fd\u6570\u3002\u53c2\u6570\u662fpfx\u6587\u4ef6\u8def\u5f84\uff0cpfx\u6587\u4ef6\u540d\uff0c\u8981\u89e3\u5bc6\u7684\u5b57\u7b26\u4e32<\/p>\n

function getPassword( $path,$pfx_file_name,$str ){ \r\n $pfxpath = $path . \"\/public\/$pfx_file_name\"; \/\/\u5bc6\u94a5\u6587\u4ef6\u8def\u5f84\r\n \/\/$cerpath = \".\/test.cer\"; \/\/\u751f\u6210\u8bc1\u4e66\u8def\u5f84\r\n \/\/\u79c1\u94a5\u89e3\u5bc6\r\n $decrypted = \"\";\r\n \r\n $key2 = openssl_pkey_get_private(file_get_contents($pfxpath)); \r\n\r\n $res = openssl_private_decrypt(base64_decode($str), $decrypted, $key2);\r\n \r\n if($res){\r\n \r\n return $decrypted;\r\n }\r\n else{\r\n return \"\";\r\n }\r\n\r\n}<\/pre>\n","protected":false},"excerpt":{"rendered":"

\u9996\u5148\uff0c\u5173\u4e8eRSA\u7684\u52a0\u5bc6\u4ecb\u7ecd\u6587\u7ae0\uff0c\u5c31\u4e0d\u591a\u8bf4\u4e86\u3002\u76f4\u63a5\u770b\u8fd9\u4e2a\u7f51\u9875\u5427\uff08\u4f5c\u8005\u5199\u7684\u8ba1\u7b97\u673a\u79d1\u666e\u6587\u7ae0\u662f\u6781\u597d\u7684\uff09 http:\/\/www.ruanyifeng.com\/blog\/2013\/06\/rsa_algorithm_part_one.html \u6211\u8981\u5b9e\u73b0\u7684\u529f\u80fd\u5c31\u662f\u901a\u8fc7\u8fd9\u5bf9\u516c\u94a5\u548c\u5bc6\u94a5\uff0c\u5b9e\u73b0\u5ba2\u6237\u7aef\u8f6f\u4ef6\u5bf9\u5bc6\u7801\u8fdb\u884c\u52a0\u5bc6\uff08\u91c7\u7528\u516c\u94a5\uff09\uff0c\u7136\u540e\u7f51\u7ad9\u7aef\uff08php\uff09\u91c7\u7528\u5bc6\u94a5\u8fdb\u884c\u89e3\u5bc6\u9a8c\u8bc1\u3002 \u5f00\u59cb\u5427\u3002 php\u670d\u52a1\u7aef\u5229\u7528\u5185\u7f6e\u51fd\u6570\u751f\u6210\u516c\u94a5\u548c\u5bc6\u94a5\u3002\u8bb0\u5f97\u8fd9\u9700\u8981php\u670d\u52a1\u5668\u5b89\u88c5\u4e86openssl\u6269\u5c55\u3002\u5148\u751f\u6210cer\u6587\u4ef6\u548cpfx\u6587\u4ef6\u3002cer\u6587\u4ef6\u76f8\u5f53\u4e8e\u516c\u94a5\uff08\u53ef\u4ee5\u53d1\u7ed9\u5ba2\u6237\u7aef\uff09\uff0cpfx\u662f\u5bc6\u94a5\uff08\u5fc5\u987b\u4e25\u683c\u4fdd\u5b58\u4e8e\u670d\u52a1\u5668\u7aef\u4e0d\u80fd\u6cc4\u9732\uff09\u3002 $dn = array( “<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1,224],"tags":[285],"_links":{"self":[{"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/posts\/1682"}],"collection":[{"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/comments?post=1682"}],"version-history":[{"count":9,"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/posts\/1682\/revisions"}],"predecessor-version":[{"id":1698,"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/posts\/1682\/revisions\/1698"}],"wp:attachment":[{"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/media?parent=1682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/categories?post=1682"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.youthtribe.com\/wp-json\/wp\/v2\/tags?post=1682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}