Shulou(Shulou.com)06/03 Report--

This article introduces php's RSA encryption and decryption algorithm principle and usage analysis, the content is very detailed, interested friends can refer to, hope to be helpful to you.

Recently, because of the needs of work, to reverse Alipay pay related knowledge, because Alipay applied the RSA encryption mechanism, individuals do not understand this, so write a summary here.

1. Generate public and private keys

In order to apply RSA algorithm, public key and private key must be generated first, and public key and private key can be generated with the help of openssl tool.

This quiz is conducted under windows. You can download the windows installation package from the following address: http://gnuwin32.sourceforge.net/packages/openssl.htm. The installation process will not be repeated.

After installation, go to the bin directory of the installation directory and execute the following command:

Openssl.exe / / enter the OpenSSL program genrsa-out rsa_private_key.pem 1024 / / to generate the private key. After successful execution, you can see the generated rsa_private_key.pem file pkcs8-topk8-inform PEM-in rsa_private_key.pem-outform PEM-nocrypt / / if you use java, you need to convert the private key to the PKCS8 format rsa-in rsa_private_key.pem-pubout-out rsa_public_key.pem / / to generate the public key. After successful execution, you can see the generated rsa_public_key.pem file in the current directory

Contents of the public key rsa_public_key.pem:

-BEGIN PUBLIC KEY-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDc5nSC6mHl9bmM6L8n7Sq1+Ft6VF8LcU3jst8RIy7WqXXd5XZomc0cJLxVz3Vc0vgUKKJyP6q2ozDOCFgCp7Q9InFgngtNVLEJ1+Nm0+snUDbYbnrfW8wwSPG0jPQ73CgMxOdv+IGhir6mEITbdEh+ZsVcGRd0OvKYIg+Itgk3/QIDAQAB-END PUBLIC KEY-

Contents of private key rsa_private_key.pem:

-BEGIN RSA PRIVATE KEY-MIICXAIBAAKBgQDD4KA0yU7EG7ZA32OAVDHlwXf9LYywXGn7Ma9LffnFL57cpYoQWf0Oz8FE9/UnjFOeHs2XjDrhe+uqVtYX/9Vi/znJgP9D7hpTo2NJHM/AUykD+itlcie2Tu+sjJQi0JFVcpc3D0ooTBhng35406CucRaOn/a52mxQnGtA4AmsSwIDAQABAoGAG25nwTy39SrUWT1vl9cyrbRsc15fp4sppG4O2Imp4v2KR+g+749KqzpZHKmFAabbRveVXzXaQR2zoUVL8kx3u4hqY4M/S1AcOxNPIJKB703XxA1yf2Ta2CvLsWTmtsDWRW1WudF18yOZf3q7aoyMhpBUMlmhH4mvIYWOPFj0zaECQQD4A11Q8sfpOcIKfMz5jJymLMZ9P8gxNbafwjxTdTXht/MUprEAePslP3AeyKBMJNYGs04/lOQzksp+ZG6j7/XzAkEAyi9zj8EaPlleAil8mB5wDWiibQ/Z92nMLSUmH5FoO013dvumBI8cCcP1/go2sj3H4RQEWycr360yTubNkkHOSQJAcRRPos3fOkZ8Y329k3Z6IgY+RfMj2tQLvVG5YbAKbi0J5vuNrpJ6p+QBwfdlpvIQp6NvZOwFFEK0kuZFz/dj4wJBALyccZCMUoARfEpGC24ZDuzjTIqzO+G7d3Yx7pOKYRLZXHXJogEkw8I0ZXmca5PxYFIPC1VBgINEHedPFjy3WMkCQEh4FG0xDpUFXETct5L1whT8lsN0EK3ZmcfDePcbKuHWiE5pbNn7ytpVT+jiT3+FVEZVSZCiW0lDnyd86Ppos5g=-END RSA PRIVATE KEY-

After the public key and private key are generated, the private key is saved by itself and the public key is handed over to a third party.

2. RSA encryption and decryption of php

Before doing encryption and decryption, first make sure that php has enabled the openssl extension, which can be viewed through the phpinfo () function.

In general, there are two situations:

① is encrypted by public key and decrypted by private key

② is encrypted by private key and decrypted by public key

Alipay's business scenario belongs to the second scenario:

The business side Alipay sends the payment request, encrypts the sign parameter through its own private key and sends it to the interface of Alipay. Alipay sends the payment result to the business side, and sends the sign parameter to the notify interface of the business side after encrypting through its own private key.

Take Alipay's business logic as an example to achieve the following second kind of encryption and decryption:

Encryption:

$data = "I am the string to be encrypted"; echo sign ($data, 'rsa_private_key.pem'); / * signature * / function sign ($data, $rsaPrivateKey) {/ * get the contents of the private key PEM file. $rsaPrivateKey is the path to the private key PEM file * / $priKey = file_get_contents ($rsaPrivateKey); / * extract the private key from the PEM file * / $res = openssl_get_privatekey ($priKey) / * sign the data * / openssl_sign ($data, $sign, $res); openssl_private_encrypt ($data, $sign, $res); / * release resources * / openssl_free_key ($res); / * encode the signature into a readable string * / $sign = base64_encode ($sign); return $sign;}

After execution, you get the following string:

GeNTbwabOYT1l2TIkaxgxnCZDop8pynyNtMNbYATtmyyOlxgJhm363ufeHbNboIhc3Pzi7kVrWPPkFsNUiGnS4mATzAcf0woJVC+26g5j19yQqb00Fr+XVipEVyN0sn9/uhlot6m6qj7h6adaREvsY/30jTld6kDkkQF8k3Eg+Y=

Decryption:

$data = "geNTbwabOYT1l2TIkaxgxnCZDop8pynyNtMNbYATtmyyOlxgJhm363ufeHbNboIhc3Pzi7kVrWPPkFsNUiGnS4mATzAcf0woJVC+26g5j19yQqb00Fr+XVipEVyN0sn9/uhlot6m6qj7h6adaREvsY/30jTld6kDkkQF8k3Eg+Y="; echo decrypt ($data, 'rsa_public_key.pem'); function decrypt ($data, $rsaPublicKey) {/ * get the contents of the public key PEM file. $rsaPublicKey is the path to the public key PEM file * / $pubKey = file_get_contents ($rsaPublicKey); / * extract the public key from the PEM file * / $res = openssl_get_publickey ($pubKey) / * decrypt data * / openssl_public_decrypt (base64_decode ($data), $decrypted, $res); / * release resources * / openssl_free_key ($res); return $decrypted;}

The first situation is similar to the second, and I will not repeat it here.

Note: the encryption function used by Alipay is openssl_sign, and the subsequent verification can be verified by using the openssl_verify function.

This is the analysis of the principle and usage of php's RSA encryption and decryption algorithm. I hope the above content can be helpful to everyone and learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.