依賴於OpenSSL擴展
代碼如下復制代碼/*加密解密*/
functionauthcode($string,$operation='E') {
$ssl_public=file_get_contents(DATA_PATH."/conf/cert_public.key");
$ssl_private=file_get_contents(DATA_PATH."/conf/cert_private.pem");
$pi_key= openssl_pkey_get_private($ssl_private);//這個函數可用來判斷私鑰是否是可用的,可用返回資源id Resource id
$pu_key= openssl_pkey_get_public($ssl_public);//這個函數可用來判斷公鑰是否是可用的
if(false == ($pi_key||$pu_key))return'證書錯誤';
$data="";
if($operation=='D'){
openssl_private_decrypt(base64_decode($string),$data,$pi_key);//私鑰解密
}else{
openssl_public_encrypt($string,$data,$pu_key);//公鑰加密
$data=base64_encode($data);
}
return$data;
}
/*生成證書*/
functionexportOpenSSLFile(){
$config=array(
"digest_alg" =>"sha512",
"private_key_bits"=> 4096, //字節數 512 1024 2048 4096 等
"private_key_type"=> OPENSSL_KEYTYPE_RSA, //加密類型
);
$res= openssl_pkey_new($config);
if($res== false)returnfalse;
openssl_pkey_export($res,$private_key);
$public_key= openssl_pkey_get_details($res);
$public_key=$public_key["key"];
file_put_contents(DATA_PATH."/conf/cert_public.key",$public_key);
file_put_contents(DATA_PATH."/conf/cert_private.pem",$private_key);
openssl_free_key($res);
}