PHP中使用OpenSSL生成证书及加密解密

依赖于OpenSSL扩展:

  1. /*加密解密*/
  2. functionauthcode($string,$operation='E') {
  3. $ssl_public=file_get_contents(DATA_PATH."/conf/cert_public.key");
  4. $ssl_private=file_get_contents(DATA_PATH."/conf/cert_private.pem");
  5. $pi_key= openssl_pkey_get_private($ssl_private);//这个函数可用来判断私钥是否是可用的,可用返回资源id Resource id
  6. $pu_key= openssl_pkey_get_public($ssl_public);//这个函数可用来判断公钥是否是可用的
  7. if(false == ($pi_key||$pu_key))return'证书错误'
  8. $data="";
  9. if($operation=='D'){
  10. openssl_private_decrypt(base64_decode($string),$data,$pi_key);//私钥解密
  11. }else{
  12. openssl_public_encrypt($string,$data,$pu_key);//公钥加密
  13. $data=base64_encode($data);
  14. }
  15. return$data;
  16. }
  17. /*生成证书*/
  18. functionexportOpenSSLFile(){
  19. $config=array(
  20. "digest_alg" =>"sha512",
  21. "private_key_bits"=> 4096, //字节数 512 1024 2048 4096 等
  22. "private_key_type"=> OPENSSL_KEYTYPE_RSA, //加密类型
  23. );
  24. $res= openssl_pkey_new($config);
  25. if($res== false)returnfalse;
  26. openssl_pkey_export($res,$private_key);
  27. $public_key= openssl_pkey_get_details($res);
  28. $public_key=$public_key["key"];
  29. file_put_contents(DATA_PATH."/conf/cert_public.key",$public_key);
  30. file_put_contents(DATA_PATH."/conf/cert_private.pem",$private_key);
  31. openssl_free_key($res);
  32. }