注意:
如果私钥直接写在PHP变量中,绝对不能缩进,复制进去怎样就怎样(最好将公钥私钥放在文本里,通过php去获取)
RSA公钥/私钥在线生成:http://web.chacuo.net/netrsakeypair
通过以上网址生成公钥/私钥对,私钥格式这里选择【PKCS#1】,如:
公钥
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDN3El4yr2maFvDo5PKIzkkiitJ
ZEOTLNINH0RD0PL5Lob+YzbRJO6DX27SRuHcdlK7mFtkQvooW/oslsNxfpy/55WO
Rd4EcWoPG03oraX4pw3Yokw1XcMsfVv1exvcf0kaVKSThmJaN3KrgE4B+Ht2jRJ1
deHi3FFuPa6wJs0OoQIDAQAB
-----END PUBLIC KEY-----私钥
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDN3El4yr2maFvDo5PKIzkkiitJZEOTLNINH0RD0PL5Lob+YzbR
JO6DX27SRuHcdlK7mFtkQvooW/oslsNxfpy/55WORd4EcWoPG03oraX4pw3Yokw1
XcMsfVv1exvcf0kaVKSThmJaN3KrgE4B+Ht2jRJ1deHi3FFuPa6wJs0OoQIDAQAB
AoGABGAAFaPRZ4cPA3AC3VkKYpFqTmDyB0c5q5e5Ct+7bH1WaWc+e4U111ECVI09
MKSaisFu4bPkyvBoVc0FHmqa3eSQz9uRPCn3A9WsQRBaZtsXMJ3/iG6Lt7kwzZiY
olD25+wQb3OZvlLmoX1iU6Ihv0EnCGP47pUUB0PhM+8a+fECQQDRehgyB0oN2gZS
EXN1tJ3wDzHdddV1588T+LJEKYn426BzLMKMNYfg2vnZh6X00IkX4tdS8Lqe8sP0
P9toHJilAkEA+5SUEoj+nMeJDJQeP2tXqEGHrkE5Xys74WRTZzw3vxXHr8ao5Ktl
UDGw904CnsULOcqsHzcpiICR/U5FbaiBTQJAZoCtOEXS2eZW82+wpOdF5YM57llL
o89TyD0I1kvRROILqHA9nqhPHhto6SX0clBc1UBeByre1wqKEonwzgg4NQJBAPix
koKUHCW9dfQSQ6hro1Z3mPmgDmfOpD4V4ACwXWcuz5wqZPDPobJZvNdrrVln7cXu
XKHq9Mq0VhyyEB3rsg0CQCa15dER0X/RLYrnyU3A3KmJLOlCz6Y6DFI0NtQKnp1K
ujDkIs6RM+4ZYGi+8esm7ubcdpvdTUSnBlkyZu2jJ2k=
-----END RSA PRIVATE KEY-----jsencrypt.js
前端JS类库使用:jsencrypt.js
项目地址:https://github.com/travist/jsencrypt
下载该项目,在前端页面中引用js库即可
<script type="text/javascript" src="./jsencrypt.js"></script>前端加密,在表单提交前执行加密
var password = $("#password").val();
var encrypt = new JSEncrypt();
encrypt.setPublicKey('这里填写公钥');
var encrypted = encrypt.encrypt(password);
$("#password").val(encrypted);后端解密
$password = $_POST['password'];//获取密码
$private_key = "这里填写私钥";
$pi_key = openssl_pkey_get_private($private_key);
$decrypted = "";//解密后的密码存放在这个变量
openssl_private_decrypt(base64_decode($password),$decrypted,$pi_key);//这里使用base64_decode是因为再前端到后端的传输过程中浏览器会自动对数据进行base64_encode
$password = $decrypted;//解密后的密码前端JS加密、解密
var data = 'testData';
//公钥加密
var encrypt = new JSEncrypt();
encrypt.setPublicKey('这里填写公钥');
var data_encrypted = encrypt.encrypt(data);
//私钥解密
var decrypt = new JSEncrypt();
decrypt.setPrivateKey('这里填写私钥');
var data_decrypted = decrypt.decrypt(data_encrypted);
if (data == data_decrypted) {
console.log('加密、解密成功');
}后端PHP加密、解密
$pi_key = openssl_pkey_get_private('这里填写私钥');//这个函数可用来判断私钥是否是可用的,可用返回资源id Resource id
$pu_key = openssl_pkey_get_public('这里填写公钥');//这个函数可用来判断公钥是否是可用的
$data = "testData";//原始数据
$data_encrypted = "";//加密后的数据
$data_decrypted = "";//解密后的数据
//私钥加密
openssl_private_encrypt($data, $data_encrypted, $pi_key);
$data_encrypted = base64_encode($data_encrypted);//加密后的内容通常含有特殊字符,需要编码转换下,在网络间通过url传输时要注意base64编码是否是url安全的
//公钥解密
openssl_public_decrypt(base64_decode($data_encrypted), $data_decrypted, $pu_key);//私钥加密的内容通过公钥可用解密出来
echo $data.'<br/>';
echo $data_encrypted.'<br/>';
echo $data_decrypted.'<br/>';
$data_encrypted2 = "";//加密后的数据
$data_decrypted2 = "";//解密后的数据
//公钥加密
openssl_public_encrypt($data, $data_encrypted2, $pu_key);
$data_encrypted2 = base64_encode($data_encrypted2);
openssl_private_decrypt(base64_decode($data_encrypted2), $data_decrypted2, $pi_key);
echo $data.'<br/>';
echo $data_encrypted2.'<br/>';
echo $data_decrypted2.'<br/>';jsencrypt.js生成密钥对:
var crypt = new JSEncrypt({default_key_size: 1024});
crypt.getKey();
crypt.getPrivateKey();
crypt.getPublicKey();