本文实例讲述了PHP实现的MD5结合RSA签名算法。分享给大家供大家参考,具体如下:
<?php class Md5RSA{ /**
public function sign($data='') { if (empty($data)) { return False; } $private_key = file_get_contents(dirname(__FILE__).'/rsa_private_key.pem'); if (empty($private_key)) { echo "Private Key error!"; return False; } $pkeyid = openssl_get_privatekey($private_key); if (empty($pkeyid)) { echo "private key resource identifier False!"; return False; } $verify = openssl_sign($data, $signature, $pkeyid, OPENSSL_ALGO_MD5); openssl_free_key($pkeyid); return $signature; } /**
/【一个开发人员,能懂服务器量好,反之一个服务器维护人员,也应该懂开发】/ public function isValid($data='', $signature='') { if (empty($data) || empty($signature)) { return False; } $public_key = file_get_contents(dirname(__FILE__).'/rsa_public_key.pem'); if (empty($public_key)) { echo "Public Key error!"; return False; } $pkeyid = openssl_get_publickey($public_key); if (empty($pkeyid)) { echo "public key resource identifier False!"; return False; } $ret = openssl_verify($data, $signature, $pkeyid, OPENSSL_ALGO_MD5); switch ($ret) { case -1: echo "error"; break; default: echo $ret==1 ? "correct" : "incorrect";//0:incorrect break; } return $ret; } }
附:openssl生成证书以及获取公钥和私钥说明 一、RSA方式
touch index.txt openssl req -new -x509 -newkey rsa:1024 -keyout CA.key -out CA.pem (生成自签名CA证书)
openssl rsa -in ddmdd_a.key -pubout -out ddmdd_a.pub (导出公钥)
openssl ca -keyfile CA.key -cert CA.pem -in subca_rsareq.pem -out subca.pem -notext (签发二级CA证书)
openssl pkcs12 -export -in ddmdd_a.pem -inkey ddmdd_a_rsakey.pem -out ddmdd_a.pfx openssl pkcs12 -in ddmdd_a.pfx -out ddmdd_a.pem openssl rsa -in ddmdd_a.key -out ddmdd_a_open.key (删除私钥密码)
openssl ca -keyfile CA.key -cert CA.pem -revoke ddmdd_a.pem (从CA中撤消证书ddmdd_a.pem) openssl ca -gencrl -keyfile CA.key -cert CA.pem -out CA.crl (生成或更新证书撤消列表)
二、DSA方式
touch index.txt openssl dsaparam -out CA.para 1024 (生成dsa参数文件) openssl req -new -x509 -newkey dsa:CA.para -keyout CA.key -out CA.pem (使用dsa参数生成自签名CA证书)
openssl req -new -newkey dsa:ddmdd_b.para -keyout ddmdd_b.key -out ddmdd_b.req (使用dsa参数生成ddmdd_b的密钥和证书请求,注意: 此处所填写的用户信息必须与CA证书信息完全一致) openssl dsa -in ddmdd_b.key -pubout -out ddmdd_b.pub (导出公钥)
三、获取公钥和私钥 a) 通过以上方法的生成证书的,可以通过一下命令获得公钥和私钥。 导出公钥: DSA方式:openssl dsa -in ddmdd_b.key -pubout -out ddmdd_b.pub.pem RSA方式:openssl rsa -in ddmdd_a.key -pubout -out ddmdd_a.pub.pem 导出私钥: openssl rsa -in server.key -text > private.pem b)直接生成公钥和私钥: openssl genrsa -out private.pem 1024 openssl pkcs8 -nocrypt -topk8 -in private.pem -out pkcs8.pem openssl rsa -pubout -in private.pem public.pem
本文系转载,前往查看
如有侵权,请联系 cloudcommunity@tencent.com 删除。
本文系转载,前往查看
如有侵权,请联系 cloudcommunity@tencent.com 删除。