jave实现如下
服务方只提供了 java版的示例,php只好自己撸
纵观加解密流程 rsa有公钥加密,私钥解密 和 私钥签名公钥验签 这两种
http://www.metools.info/code/c82.html (在线ras加解密)
1./** * 公钥加密私钥解密 */
$rsaPublicKey,$rsaPrivateKey 均为pem格式的公私钥文件 以如上图格式开头结尾为pkcs8的 $data = '公钥加密内容'; //公钥加密
$rsaPublicKey = openssl_get_privatekey($rsaPublicKey); openssl_public_encrypt($data, $encrypted, $rsaPublicKey); //私钥解密
$rsaPrivateKey = openssl_get_privatekey($rsaPrivateKey); openssl_private_decrypt(base64_decode($encodeData), $decrypted, $rsaPrivateKey);
2./** * 私钥签名公钥验签 */
/** 45 * 私钥签名公钥验签 46 */ 47 $priStr = '私钥签名内容'; 48 //私钥签名 49 $signature = ""; 50 openssl_sign($priStr, $signature, $privKey, OPENSSL_ALGO_SHA256); 51 $signature = base64_encode($signature); 52 // var_dump($signature); 53 //公钥验签 54 /**如果签名正确返回 1, 签名错误返回 0, 内部发生错误则返回-1. */ 55 $result = (bool)openssl_verify($priStr, base64_decode($signature), $pubKey,OPENSSL_ALGO_SHA256); 56 var_dump($result);
java给的示例私钥是这
"MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwgg JcAgEAAoGBAKkumt1vUdbsk2KOQCTJH+HSHtZHK7PNTazAfbhS2v+bDbDSyqb192P yS9M7lLvL4RtXAs9E1Mi5tbFy0mw8gyWypHbeWX/Vj1k1HSyHpXHwNWgak2l+U6iI H9OuRfqkZ2BGLfgGeQj2Zm+dGCuCLcAKW+rkftCPpo26zcfzVDXJAgMBAAECgYEAm 2uTHYXcmyMuqsWfq6uQvHW5moQ7Y6xhhSg41pJXWaXpx91+Ci/AG3NFsUH0+yjrHa CrlhnXmKbygZfIM2LL3t/OSOGNP8x9OoVMlZwvqJZSDWaUBR0axFxC/lnM4QlmlQx 8Dbh3TCzrHJHzH72b1Q7xeO+HqMTKcIN4wxciC2ECQQDkw7DQI/pbia3GzQf+GCLw 7taMD8NRFKkNNVbjb9cCy7VzKNBi3sDH014TDJiemYUMtptzgd+70+KQooxVhRYVA kEAvVL0rQXzt4UKUVw7UzsNpJoSZnH6lYHeRo8KNnWn/QvRYtIEwutH9+m1+H+Lxs KkpsG5IGIhUxlkV7hZHiPh5QJAdTmuLkpxbVzU1s2T7eoSZaIOAQHG1ZKfuiv+FVf nNwCKP7PHbRK2eO9gAqTuxD7pBgXBDOSdcJN4QyN4hA5JrQJAJ2r3MHMVzDbx8ACh BXI9I/FENXozrx8r9Urg2HfkswXb4ZRSk3bDNDW/wm5j3s011NZuwfRMde3Ke40RW PollQJANlvVkq5GH9VFKSjr6idK7H4QustZZpMIs3LuCO4beS3qBidbSX9AtqrJ1v 2qKvT8YeuTjlzb1DAll9Zflew8hw=="
java用pkcs8填充方式的公私钥,即pem文件是以-----BEGIN PRIVATE KEY-----开头 -----END PRIVATE KEY-----结尾
看java实现的图片中使用的是MD5Withrsa 即选择
OPENSSL_ALGO_MD5
作为签名算法即可
最终私钥为
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwgg JcAgEAAoGBAKkumt1vUdbsk2KOQCTJH+HSHtZHK7PNTazAfbhS2v+bDbDSyqb192P yS9M7lLvL4RtXAs9E1Mi5tbFy0mw8gyWypHbeWX/Vj1k1HSyHpXHwNWgak2l+U6iI H9OuRfqkZ2BGLfgGeQj2Zm+dGCuCLcAKW+rkftCPpo26zcfzVDXJAgMBAAECgYEAm 2uTHYXcmyMuqsWfq6uQvHW5moQ7Y6xhhSg41pJXWaXpx91+Ci/AG3NFsUH0+yjrHa CrlhnXmKbygZfIM2LL3t/OSOGNP8x9OoVMlZwvqJZSDWaUBR0axFxC/lnM4QlmlQx 8Dbh3TCzrHJHzH72b1Q7xeO+HqMTKcIN4wxciC2ECQQDkw7DQI/pbia3GzQf+GCLw 7taMD8NRFKkNNVbjb9cCy7VzKNBi3sDH014TDJiemYUMtptzgd+70+KQooxVhRYVA kEAvVL0rQXzt4UKUVw7UzsNpJoSZnH6lYHeRo8KNnWn/QvRYtIEwutH9+m1+H+Lxs KkpsG5IGIhUxlkV7hZHiPh5QJAdTmuLkpxbVzU1s2T7eoSZaIOAQHG1ZKfuiv+FVf nNwCKP7PHbRK2eO9gAqTuxD7pBgXBDOSdcJN4QyN4hA5JrQJAJ2r3MHMVzDbx8ACh BXI9I/FENXozrx8r9Urg2HfkswXb4ZRSk3bDNDW/wm5j3s011NZuwfRMde3Ke40RW PollQJANlvVkq5GH9VFKSjr6idK7H4QustZZpMIs3LuCO4beS3qBidbSX9AtqrJ1v 2qKvT8YeuTjlzb1DAll9Zflew8hw==
-----END PRIVATE KEY-----
加密内容为
POST
content-type=application/json
x-ca-key=APP32237482313
x-ca-nonce=123456
x-ca-timestamp=1600484246123
/sample?body={"avatar":"https://sample.com/sample.jpg","nickname":"UA","password":"123456","thirdPartId":"10000","username":"UA"}
加密结果为
amPImZ0uPTEyo+5Y5lKRgU/6Nknnyv3IlaLz+UNNG5xN0dxfpb+SpaGUnwpy9D67Mj3oqmZrvqF5nwHWD8d6IEMl0dr5AuLJKhMYQ/h0d7j/4xjoOIFrscWRK669aq4zNeC2Hg+nGgdY2yNaEEpxN+qWdb7QwIIbIZ0hjM6XEng=
可以将pkcs8的java私钥转换成php支持的私钥(也可使用支付宝开发助手转化)
openssl rsa -in pkcs8.pem -out pkcs1.pem转换后私钥为
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCpLprdb1HW7JNijkAkyR/h0h7WRyuzzU2swH24Utr/mw2w0sqm9fdj8kvTO5S7y+EbVwLPRNTIubWxctJsPIMlsqR23ll/1Y9ZNR0sh6Vx8DVoGpNpflOoiB/TrkX6pGdgRi34BnkI9mZvnRgrgi3AClvq5H7Qj6aNus3H81Q1yQIDAQABAoGBAJtrkx2F3JsjLqrFn6urkLx1uZqEO2OsYYUoONaSV1ml6cfdfgovwBtzRbFB9Pso6x2gq5YZ15im8oGXyDNiy97fzkjhjT/MfTqFTJWcL6iWUg1mlAUdGsRcQv5ZzOEJZpUMfA24d0ws6xyR8x+9m9UO8Xjvh6jEynCDeMMXIgthAkEA5MOw0CP6W4mtxs0H/hgi8O7WjA/DURSpDTVW42/XAsu1cyjQYt7Ax9NeEwyYnpmFDLabc4Hfu9PikKKMVYUWFQJBAL1S9K0F87eFClFcO1M7DaSaEmZx+pWB3kaPCjZ1p/0L0WLSBMLrR/fptfh/i8bCpKbBuSBiIVMZZFe4WR4j4eUCQHU5ri5KcW1c1NbNk+3qEmWiDgEBxtWSn7or/hVX5zcAij+zx20StnjvYAKk7sQ+6QYFwQzknXCTeEMjeIQOSa0CQCdq9zBzFcw28fAAoQVyPSPxRDV6M68fK/VK4Nh35LMF2+GUUpN2wzQ1v8JuY97NNdTWbsH0THXtynuNEVj6JZUCQDZb1ZKuRh/VRSko6+onSux+ELrLWWaTCLNy7gjuG3kt6gYnW0l/QLaqydb9qir0/GHrk45c29QwJZfWX5XsPIc=
-----END RSA PRIVATE KEY-----
至此使用/** * 私钥签名公钥验签 */即可