openssl genrsa -out rsa_private_key.pem 1024 (with out password protected)
openssl genrsa -des3 -out rsa_private_key.pem 1024/2048 (password protected)
openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt -out private_key.pem openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem 第一条命令生成原始 RSA私钥文件 rsa_private_key.pem,第二条命令将原始 RSA私钥转换为 pkcs8格式,第三条生成RSA公钥 rsa_public_key.pem从上面看出通过私钥能生成对应的公钥,因此我们将私钥private_key.pem用在服务器端,公钥发放给别的对接对象
<?php $private_key = "-----BEGIN PRIVATE KEY----- MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKLBOqHsJt5tv6sS 4kKCw6qYNeKyC1eBWp1Xr0Wbw+zBlpdBiVYSvkzeQ3bqVUC9bqjZL4CKdT6TPmoh +2dh8tQ8bUaDDSG2Ni6eaCW4N4a9Yw7Iu16Ubq39o55FF8Wgq4QaOc5Lw/Wybr5f WDUmTQsCXxxs12b0JdWWw83OHxQ5AgMBAAECgYATnSnNvcHpaFyC52GxFkUyV+mW ilJnl0UuVRTgVKdF7waQ7+r3HockiFylBhSEGtAtNQ9OdGEwy1noPHQpv1oeHGev 8tERuYZb5wjenoANiwpHYbSh7lXBgL7xhLxFhQoKjVWsn+oA8Hxk0rgAcH2jNnI6 dUr+O5gYeeaM2twcIQJBANkAELnD4IPwAx6UcNQ0oHdg7q/nW70bHRiME40/4WM1 TNa6AraNEsgOpg5zGsttRZG1UMYOedP3RY7j3NNCha0CQQDAAWRhVhKhtU0ZYEMC yDrmyKzmlk7Z7fzxyJMXVvF8rpA51SxRQX2Czd5jzCwJYnieMIpi/n0Fhwxu2dK5 nWI9AkAQ7E9hnWQKBhLINL1j30LQbI/QyhM+eTnYqzvvHRc/vG1kpZcGk5PuZC4R HGrviHMPfPtyprhbjoIvNZgIJbz1AkEAvz/ju6yfjGFptZATz26gdQaIanpnel26 qR8vnHzmt1mtoV178kf4e9UR4ngZmRNzr6YMAgUZhOr68GOZqXdhxQJABuFWCvrR wlCmabSDlBoYEgrXcaACtgJD80tSqfb+kPmxSMwBqJS99KvAsKjcksmGqK8Ccf8R PTiycU8gCjI01Q== -----END PRIVATE KEY-----"; $public_key = "-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiwTqh7Cbebb+rEuJCgsOqmDXi sgtXgVqdV69Fm8PswZaXQYlWEr5M3kN26lVAvW6o2S+AinU+kz5qIftnYfLUPG1G gw0htjYunmgluDeGvWMOyLtelG6t/aOeRRfFoKuEGjnOS8P1sm6+X1g1Jk0LAl8c bNdm9CXVlsPNzh8UOQIDAQAB -----END PUBLIC KEY-----"; //echo $private_key; $pi_key = openssl_pkey_get_private($private_key);//这个函数可用来判断私钥是否是可用的,可用返回资源id Resource id $pu_key = openssl_pkey_get_public($public_key);//这个函数可用来判断公钥是否是可用的 print_r($pi_key);echo "<br/>"; print_r($pu_key);echo "<br/>"; $data = "ahreheesrrthtrjrj";//原始数据 $encrypted = ""; $decrypted = ""; echo "source data:",$data,"<br/>"; echo "private key encrypt:<br/>"; echo "<hr/>"; openssl_private_encrypt($data,$encrypted,$pi_key);//私钥加密 $encrypted = base64_encode($encrypted); //加密后的内容通常含有特殊字符,需要编码转换下,在网络间通过url传输时要注意base64编码是否是url安全的 echo $encrypted,"<br/>"; openssl_public_decrypt(base64_decode($encrypted),$decrypted,$pu_key);//私钥加密的内容通过公钥可用解密出来 echo $decrypted,"\n"; echo "<hr/><hr/>"; echo "公钥加密,私钥解密","<hr/>"; openssl_public_encrypt($data,$encrypted,$pu_key); $encrypted = base64_encode($encrypted); echo $encrypted,"<br/>"; openssl_private_decrypt(base64_decode($encrypted),$decrypted,$pi_key); echo $decrypted;
