Shulou(Shulou.com)06/02 Report--

This article introduces the relevant knowledge of "how to achieve PHP-RSA2 signature verification". Many people will encounter such a dilemma in the operation of actual cases, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

PHP RSA2 signature algorithm what is RSA2?

RSA2 adds a new signature algorithm that supports SHA256WithRSA on the basis of the original SHA1WithRSA signature algorithm.

This algorithm has stronger security capability than SHA1WithRSA in summary algorithm.

SHA1WithRSA's signature algorithm will continue to be supported, but for the security of your application, it is strongly recommended to use SHA256WithRSA's signature algorithm.

Development platform algorithm name Standard signature algorithm name remarks RSA2SHA256WithRSA (highly recommended), mandatory RSA key length is at least 2048RSASHA1WithRSA No limit on RSA key length, which companies are recommended to use more than 2048 bits?

Development platforms of some large companies, such as Alipay and Sina Weibo.

Create private key and public key

/ / generate the original RSA private key file

Openssl genrsa-out rsa_private_key.pem 1024

/ / convert the original RSA private key to pkcs8 format

Openssl pkcs8-topk8-inform PEM-in rsa_private_key.pem-outform PEM-nocrypt-out private_key.pem

/ / generate RSA public key

Openssl rsa-in rsa_private_key.pem-pubout-out rsa_public_key.pem

/ / We use the private key rsa_private_key.pem on the server side, and issue the public key to the front end such as android and ios.

PHP-RSA2 signature verification class Rsa2 {private static $PRIVATE_KEY = 'rsa_private_key.pem content'; private static $PUBLIC_KEY = 'rsa_public_key.pem content'; / * * obtain private key * @ return bool | resource * / private static function getPrivateKey () {$privKey = self::$PRIVATE_KEY; return openssl_pkey_get_private ($privKey) } / * get the public key * @ return bool | resource * / private static function getPublicKey () {$publicKey = self::$PUBLIC_KEY; return openssl_pkey_get_public ($publicKey) } / * create signature * @ param string $data data * @ return null | string * / public function createSign ($data =') {if (! is_string ($data)) {return null } return openssl_sign ($data, $sign, self::getPrivateKey (), OPENSSL_ALGO_SHA256)? Base64_encode ($sign): null;} / * verify signature * @ param string $data data * @ param string $sign signature * @ return bool * / public function verifySign ($data ='', $sign ='') {if (! is_string ($sign) | |! is_string ($sign)) {return false } return (bool) openssl_verify ($data, base64_decode ($sign), self::getPublicKey (), OPENSSL_ALGO_SHA256);}} PHP calls require_once "Rsa2.php"; $rsa2 = new Rsa2 (); $data ='my data' / / string to be signed $strSign = $rsa2- > createSign ($data); / / generate signature var_dump ($strSign); $is_ok = $rsa2- > verifySign ($data, $sign); / / verify signature var_dump ($is_ok); "how to implement PHP-RSA2 signature verification" is introduced here, thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.