产品网站推广方案,外国网页设计网站,使用软件提高百度推广排名,仿站网站域名PHP服务端与客户端交互或者提供开放API时#xff0c;通常需要对敏感的数据进行加密#xff0c;这时候rsa非对称加密就能派上用处了。 举个通俗易懂的例子#xff0c;假设我们再登录一个网站#xff0c;发送账号和密码#xff0c;请求被拦截了。 密码没加密#xff0c;那攻…PHP服务端与客户端交互或者提供开放API时通常需要对敏感的数据进行加密这时候rsa非对称加密就能派上用处了。 举个通俗易懂的例子假设我们再登录一个网站发送账号和密码请求被拦截了。 密码没加密那攻击者就直接拿到了密码这是最搓的。密码加密了是不可逆加密那攻击者只需要模拟那个请求即可登录。密码加密了是可逆加密其中携带有时间等参数后台可以根据时间等参数来判断是否有效但因为是在前端加密其加密方式也能在代码中找到找到加密方式就可以得出解密方式。但是如果我们使用非对称加密就可以避免以上问题。 非对称加密算法需要两个密钥来进行加密和解密这两个秘钥是公开密钥public key简称公钥和私有密钥private key简称私钥。 工作过程如下甲乙之间使用非对称加密的方式完成了重要信息的安全传输。 乙方生成一对密钥公钥和私钥并将公钥向其它方公开。得到该公钥的甲方使用该密钥对机密信息进行加密后再发送给乙方。乙方再用自己保存的另一把专用密钥私钥对加密后的信息进行解密。乙方只能用其专用密钥私钥解密由对应的公钥加密后的信息。在传输过程中即使攻击者截获了传输的密文并得到了乙的公钥也无法破解密文因为只有乙的私钥才能解密密文。 同样如果乙要回复加密信息给甲那么需要甲先公布甲的公钥给乙用于加密甲自己保存甲的私钥用于解密。 在非对称加密中使用的主要算法有RSA、Elgamal、背包算法、Rabin、D-H、ECC椭圆曲线加密算法等。 下面我们通过一个例子来说明如何用PHP来实现RSA的加密解密。 ?php
class Rsa
{public $privateKey ;public $publicKey ;public function __construct(){$resource openssl_pkey_new();openssl_pkey_export($resource, $this-privateKey);$detail openssl_pkey_get_details($resource);$this-publicKey $detail[key];}public function publicEncrypt($data, $publicKey){openssl_public_encrypt($data, $encrypted, $publicKey);return $encrypted;}public function publicDecrypt($data, $publicKey){openssl_public_decrypt($data, $decrypted, $publicKey);return $decrypted;}public function privateEncrypt($data, $privateKey){openssl_private_encrypt($data, $encrypted, $privateKey);return $encrypted;}public function privateDecrypt($data, $privateKey){openssl_private_decrypt($data, $decrypted, $privateKey);return $decrypted;}
}$rsa new Rsa();
echo 公钥\n, $rsa-publicKey, \n;
echo 私钥\n, $rsa-privateKey, \n;// 使用公钥加密
$str $rsa-publicEncrypt(hello, $rsa-publicKey);
// 这里使用base64是为了不出现乱码默认加密出来的值有乱码
$str base64_encode($str);
echo 公钥加密base64处理过\n, $str, \n;
$str base64_decode($str);
$pubstr $rsa-publicDecrypt($str, $rsa-publicKey);
echo 公钥解密\n, $pubstr, \n;
$privstr $rsa-privateDecrypt($str, $rsa-privateKey);
echo 私钥解密\n, $privstr, \n;// 使用私钥加密
$str $rsa-privateEncrypt(world, $rsa-privateKey);
// 这里使用base64是为了不出现乱码默认加密出来的值有乱码
$str base64_encode($str);
echo 私钥加密base64处理过\n, $str, \n;
$str base64_decode($str);
$pubstr $rsa-publicDecrypt($str, $rsa-publicKey);
echo 公钥解密\n, $pubstr, \n;
$privstr $rsa-privateDecrypt($str, $rsa-privateKey);
echo 私钥解密\n, $privstr, \n; 大家执行一下可以看到公钥加密的数据只有私钥能解密反之亦然私钥加密的数据只有公钥能解码。 执行结果如下 这是PHP端的实现可用在第三方跟平台之间的数据传输但如果是前端传到后端该怎么办呢搜索了一下发现了这个库jsencrypt。 使用jsencrypt加密解密的例子如下 !DOCTYPE html
html
headtitleJSEncrypt Example/titlebase idbasetag href/jsencrypt-2.3.0/meta http-equivContent-Type contenttext/html; charsetUTF-8meta nameviewport contentwidthdevice-width, initial-scale1.0script srcjquery.js/scriptscript typetext/javascript srcbin/jsencrypt.js/script
/head
bodydiv classcontainerscript typetext/javascript// Call this code when the page is done loading.$(function() {// Run a quick encryption/decryption when they click.$(#testme).click(function() {// Encrypt with the public key...var encrypt new JSEncrypt();encrypt.setPublicKey($(#pubkey).val());var encrypted encrypt.encrypt($(#input).val());console.log(encrypted)// Decrypt with the private key...var decrypt new JSEncrypt();decrypt.setPrivateKey($(#privkey).val());var uncrypted decrypt.decrypt(encrypted);console.log(uncrypted)// Now a simple check to see if the round-trip worked.if (uncrypted $(#input).val()) {alert(It works!!!);} else {alert(Something went wrong....);}});});
/scriptlabel forprivkeyPrivate Key/labelbr/
textarea idprivkey rows15 cols65-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDkaTKbAERvJGE0
jGsdPXUI1FpO1uDkBkuuQU4LRv0Quw9r8jfVNkN9rZVXMV7MiGOgb80Z0k9zRxZ
5KWOqMnSlrpyO3WjhFpDJeSmqZ4wLMFwmxrr31AjabD5Nkf9dQ7RiEIuM49g27M
3OFvdIPcLgCyXnkl8FwBceBs38QbCXY5MrwlZr13yWZnyj6fbbG8t4atAzJ6bnj3
FZuvynC3QnMaVi6YnTIlBOUOHtqt/jsUTOCWkwKqkZhRZF2fx3IFkSpJAOMgT5p
jSnfEJkK5E4JJHobLo/dFO0J7Gveqb/lfJ9UpnZe78N1TAvbJiNZoN22ghbuIAW
M5qqIqOzAgMBAAECggEBAItUJFtqoVQOpADys/UirNpjzbVJmjwXyNN3cnmW0g
PjsBrYaqUCcUwLlMU2Bfg86w6jRokdWgL3t4m7Kkl8SkUuQgc5z/mP3tdPNkB6
vJDc/GIPeYnwidSrKOTSB/UGoiAesYJK6aCaiCV9tIWVxjUH7eyXnvfqAChyrUW
PG/FirLyYmz1yRG99VKKEiEIzemGSswU0DI0bwTFQ0MunLeJf0EdT20XppNwnl4
uoRgOBpMkW02vxDDWke2YIpk128KFRtPE3zF7WPrb3ifMuQHSqDdqTgZA5G3A9
Dlwczy950mIBpJ8rKQGjJ51ZT5WVMET9Hb9nUIECgYEA9NluRzIi9tZxwQa2
KdU8WAtWZZQZfG18mSFg8/QYrAGF2TyLAW0mEIe7nQXxPzm50HdpxTJCkUrXGm3u
hfPayx18H4oVVYRepSSfVxe7wdogJWV6i5h/LaZsiTk1O8vF9Cwc3yUyVoMtKsg
yVcsONOzo/Kg/vwejQJb1C8dNvMCgYEA7tAewjA25vDmfiWZ0lrWKlwGQZ97pMU
XN12DWxL1Lvi6jBKXlKEiz19Qm/mBz9RxrDDY4/o0IjtTxdOh5thDaiqIcnqQn
PiBpm7zbheZOlPBGjFJ1vwueIWvqbx9vcqHik/4xHwuFNwQYCSpVpVoqrgoN/h/
fX5hKm1kEECgYEAzn69UZAICtLKNveZEjBLqPJJnvjjpur1F1hLfzz/cR/BLnZ
pcdOrew7HuPCTp6kB7VJLRr0VF6gVCf3gsUta4AsVqvqeXRoF/XSB84wEh0Ug
nNKnUwEQ2DvjPW3G8rfOyGcNE5YntogGY3KPtbUDvWmL8WjYlrV5Toi0l8CgYAQ
Ujr37JGkAOzPzEQSA1FFvdpTm9GU1TJK6GI01DvbhPZC4nZnnAND/OTVqI4hCq
vNF4GTCV/QLq3QBGG5RCh/Vf7TTBscD0PVGxoZRTozpaQ8rNoNP38EK7ru80gL
npK8qI03nWxRH3cin8lN6X3GoOZyECMvbXPwQKBgEeDjwTWxVhH/uksO3pw
MgbHjauD6AjuW9jc2a7ngFCWSQxQ3xK1Spn6pbVdLPiBgInxCIl8d6S1yFU0Uan
iZHgy4fs1hdJRSuJ6qydqSwlS2CgDpyY8ye0ijq5VYYhKcpJCrCgaQGbleuaUd
ldp7v1FD8uyeemknGA35f6Id
-----END PRIVATE KEY-----/textareabr/
label forpubkeyPublic Key/labelbr/
textarea idpubkey rows15 cols65-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GkymwBEbyRhNIxrHT11
CNRaTtbg5AZLrkFOC0b9ELsPa/I/n1TZDfa2VVzFezIhjoG/NGdJPc0cWeSljqjJ
0pa6cjt1o4RaQyXkpqmeMCzBcJsa699QI2mwTZH/XUO0YhCLjOPYNu/jNzhb3SD
3C4Asl55JfBcAXHgbN/EGwl2OTK8JWa9d8lmZ8on22xvLeGrQMyem549xWbr8pw
t0JzGlYumJ0yJQTlDh7arf47FEzglpMCqpGYfkWRdn8dyBZEqSQDjIEaY0p3xCZ
CuROCSR6Gy6P3RTtCexr3vqm/5XyfVKZ2Xu/DdUwL2yYjWaDdtoIW7iAFjOaqiKj
swIDAQAB
-----END PUBLIC KEY-----/textareabr/
label forinputText to encrypt:/labelbr/
textarea idinput nameinput typetext rows4 cols70This is a test!/textareabr/
input idtestme typebutton valueTest Me!!! /br//div
/body
/html 其中的公钥和私钥都是上面PHP代码中生成的这边好像只有公钥加密私钥解密。 拿到其中打印出的加密后的数据尝试在PHP中进行解密可以看到也能解密成功。代码如下 ?php
class Rsa
{public $privateKey -----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDkaTKbAERvJGE0
jGsdPXUI1FpO1uDkBkuuQU4LRv0Quw9r8jfVNkN9rZVXMV7MiGOgb80Z0k9zRxZ
5KWOqMnSlrpyO3WjhFpDJeSmqZ4wLMFwmxrr31AjabD5Nkf9dQ7RiEIuM49g27M
3OFvdIPcLgCyXnkl8FwBceBs38QbCXY5MrwlZr13yWZnyj6fbbG8t4atAzJ6bnj3
FZuvynC3QnMaVi6YnTIlBOUOHtqt/jsUTOCWkwKqkZhRZF2fx3IFkSpJAOMgT5p
jSnfEJkK5E4JJHobLo/dFO0J7Gveqb/lfJ9UpnZe78N1TAvbJiNZoN22ghbuIAW
M5qqIqOzAgMBAAECggEBAItUJFtqoVQOpADys/UirNpjzbVJmjwXyNN3cnmW0g
PjsBrYaqUCcUwLlMU2Bfg86w6jRokdWgL3t4m7Kkl8SkUuQgc5z/mP3tdPNkB6
vJDc/GIPeYnwidSrKOTSB/UGoiAesYJK6aCaiCV9tIWVxjUH7eyXnvfqAChyrUW
PG/FirLyYmz1yRG99VKKEiEIzemGSswU0DI0bwTFQ0MunLeJf0EdT20XppNwnl4
uoRgOBpMkW02vxDDWke2YIpk128KFRtPE3zF7WPrb3ifMuQHSqDdqTgZA5G3A9
Dlwczy950mIBpJ8rKQGjJ51ZT5WVMET9Hb9nUIECgYEA9NluRzIi9tZxwQa2
KdU8WAtWZZQZfG18mSFg8/QYrAGF2TyLAW0mEIe7nQXxPzm50HdpxTJCkUrXGm3u
hfPayx18H4oVVYRepSSfVxe7wdogJWV6i5h/LaZsiTk1O8vF9Cwc3yUyVoMtKsg
yVcsONOzo/Kg/vwejQJb1C8dNvMCgYEA7tAewjA25vDmfiWZ0lrWKlwGQZ97pMU
XN12DWxL1Lvi6jBKXlKEiz19Qm/mBz9RxrDDY4/o0IjtTxdOh5thDaiqIcnqQn
PiBpm7zbheZOlPBGjFJ1vwueIWvqbx9vcqHik/4xHwuFNwQYCSpVpVoqrgoN/h/
fX5hKm1kEECgYEAzn69UZAICtLKNveZEjBLqPJJnvjjpur1F1hLfzz/cR/BLnZ
pcdOrew7HuPCTp6kB7VJLRr0VF6gVCf3gsUta4AsVqvqeXRoF/XSB84wEh0Ug
nNKnUwEQ2DvjPW3G8rfOyGcNE5YntogGY3KPtbUDvWmL8WjYlrV5Toi0l8CgYAQ
Ujr37JGkAOzPzEQSA1FFvdpTm9GU1TJK6GI01DvbhPZC4nZnnAND/OTVqI4hCq
vNF4GTCV/QLq3QBGG5RCh/Vf7TTBscD0PVGxoZRTozpaQ8rNoNP38EK7ru80gL
npK8qI03nWxRH3cin8lN6X3GoOZyECMvbXPwQKBgEeDjwTWxVhH/uksO3pw
MgbHjauD6AjuW9jc2a7ngFCWSQxQ3xK1Spn6pbVdLPiBgInxCIl8d6S1yFU0Uan
iZHgy4fs1hdJRSuJ6qydqSwlS2CgDpyY8ye0ijq5VYYhKcpJCrCgaQGbleuaUd
ldp7v1FD8uyeemknGA35f6Id
-----END PRIVATE KEY-----;public $publicKey -----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GkymwBEbyRhNIxrHT11
CNRaTtbg5AZLrkFOC0b9ELsPa/I/n1TZDfa2VVzFezIhjoG/NGdJPc0cWeSljqjJ
0pa6cjt1o4RaQyXkpqmeMCzBcJsa699QI2mwTZH/XUO0YhCLjOPYNu/jNzhb3SD
3C4Asl55JfBcAXHgbN/EGwl2OTK8JWa9d8lmZ8on22xvLeGrQMyem549xWbr8pw
t0JzGlYumJ0yJQTlDh7arf47FEzglpMCqpGYfkWRdn8dyBZEqSQDjIEaY0p3xCZ
CuROCSR6Gy6P3RTtCexr3vqm/5XyfVKZ2Xu/DdUwL2yYjWaDdtoIW7iAFjOaqiKj
swIDAQAB
-----END PUBLIC KEY-----;public function __construct(){}public function publicEncrypt($data, $publicKey){openssl_public_encrypt($data, $encrypted, $publicKey);return $encrypted;}public function publicDecrypt($data, $publicKey){openssl_public_decrypt($data, $decrypted, $publicKey);return $decrypted;}public function privateEncrypt($data, $privateKey){openssl_private_encrypt($data, $encrypted, $privateKey);return $encrypted;}public function privateDecrypt($data, $privateKey){openssl_private_decrypt($data, $decrypted, $privateKey);return $decrypted;}
}$rsa new Rsa();// 使用公钥加密的内容
$str IUMBGcLwJECdxUu3LMbeEhGQdoRjCLqFwfZQBO/Odh3tClbq76Tva7yYqTVxexXLmZ3uY8DrOk/XwcVVRr6g9rBnv/zxBxUShCdN0CwkoguvI6Oju2aUBlM4FhUpgmasa5YfqylEp1RpsVAp67GMGlxZvp0ekfhFXkjSqAguPd7dKq5YjftP12xOyuJHAzzg7UeHxffxnneKqXkK7QrfQD6VrLpbYmayPSjMza/RbjXFd85UeUZUaF25PZ7Y7kD4Yo7/hY/L6peeOkI5//tpl6U4QY9VsFsjAbIpNMsZuNjE/cZ57Kc5WScPsmy0o9wsp5DUEJmuYYmr6adoA;
$str base64_decode($str);
$pubstr $rsa-publicDecrypt($str, $rsa-publicKey);
echo 公钥解密\n, $pubstr, \n;
$privstr $rsa-privateDecrypt($str, $rsa-privateKey);
echo 私钥解密\n, $privstr, \n; 解码结果如下 参考摘录 百度百科 非对称加密PHP文档 加密扩展 转载于:https://www.cnblogs.com/CraryPrimitiveMan/p/6242167.html
