关于php rsa加密处理
最近刚好需要跟一个第三方系统对接几个接口,对方要求 post 数据需要 rsa 加密,于是百度搜了一下 php 关于 rsa 加密的处理,然后大家可能就会跟我一样搜出以下示例:
/** * @uses 公钥加密 * @param string $data * @return null|string */ public function publicEncrypt($data = '') { if (!is_string($data)) { return null; } return openssl_public_encrypt($data, $encrypted, $this->_getPublicKey()) ? base64_encode($encrypted) : null; }
于是开开心心的复制到自己项目稍微修改修改后测试,简简单单传几个字符串进去:
<?php $string = '基督教解决基督教解决决'; $ret = publicEncrypt($string); var_dump($ret); /** * @uses 公钥加密 * @param string $data * @return null|string */ function publicEncrypt($data = '') { $publicKey = 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX1bIq02AFypLOJ4byShfo6+D6pj0rQrdAtZ8Bb2Z4YwdCZS5vlEduBiVCZSKfF70M0nk4gMqhAKcgwqWxgI1/j8OrX401AssfaiXr2JqsAl679s+Xlwe0jppNe1832+3g0YOawDTpAQsUJDu1DpnyGnUz0qeac0/GiAJlXzKUP+/3db8haDuOkgYrT8A6twGAm7YwIuliieDWDcUS/CQzXGRtwtZQqUJDQsWC1lCML1kRUjbZ2EM2EzyttgHN0SsNryhVLHXSFXpDWbeqQwk36axojGF1lbg/oVQy+BnYJx8pKpTgSwIDAQAB'; $publicKey = "-----BEGIN PUBLIC KEY-----n" . wordwrap($publicKey, 64, "n", true) . "n-----END PUBLIC KEY-----"; if (!is_string($data)) { return null; } return openssl_public_encrypt($data, $encrypted, $publicKey) ? base64_encode($encrypted) : null; }
程序打印:
string(344) "HSqVQbyhmWYrptvgzK+ggqmma88QRFVJerXTrZ+RpYqhZr/Dr9au9wxX+aAYy1wRh0eBk+fIpU4wkEZs6P5yozf5e/rAAEYUOImTJZcOvZqr89znT3yqaV8ME+vR16FLK5sk3BwgpOWI6X+wBwU2cLnHKDdj9RpYWAYhi/mn8XJj4/srKZbSgAjvzWqZI9gfqiJNdz8kf/MPtQ65cSlAhvh4eByY8cLGfgUXV0dxzWAkwTSPl2faSq3GHsNMXnxwoNjIvqz/IuZavqABNVZCwrZC3ZVb+Op7wF9GxrkIdJYzmHpX/wNn1DPLHUvghtO/WmfN4Jb2ZVzTsneB5B3Z6g=="
看似一切正常,实际项目中对一个比较长的 json 字符串进行加密时,发现返回了 null,追溯了一下 openssl_public_encrypt 这个函数此时是返回 false 的,表示加密失败。传入不同长度的字符串测试了几遍后发现字符串长度超过 100 多之后就会出现加密失败的问题,参考了一下对方发来的 java 加密示例
/** * 用公钥加密 * @param data * @param publicKey * @return * @throws Exception */ public static String rsaEncrypt(String data, PublicKey publicKey) throws Exception { Cipher cipher = Cipher.getInstance(RSA_ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, publicKey); int inputLen = data.getBytes().length; ByteArrayOutputStream out = new ByteArrayOutputStream(); int offset = 0; byte[] cache; int i = 0; // 对数据分段加密 while (inputLen - offset > 0) { if (inputLen - offset > MAX_ENCRYPT_BLOCK) { cache = cipher.doFinal(data.getBytes(), offset, MAX_ENCRYPT_BLOCK); } else { cache = cipher.doFinal(data.getBytes(), offset, inputLen - offset); } out.write(cache, 0, cache.length); i++; offset = i * MAX_ENCRYPT_BLOCK; } byte[] encryptedData = out.toByteArray(); out.close(); // 加密后的字符串 return Base64.getEncoder().encodeToString(encryptedData); }
发现他们是需要对要加密的字符串进行一个分割操作,于是有了以下修改后的版本:
/** * 公钥加密 * @param string $data * @return null|string */ public function publicEncrypt($data = '') { if (!is_string($data)) { return null; } $dataLength = mb_strlen($data); $offet = 0; $length = 128; $i = 0; $string = ''; while ($dataLength - $offet > 0) { if ($dataLength - $offet > $length) { $str = mb_substr($data, $offet, $length); } else { $str = mb_substr($data, $offet, $dataLength - $offet); } $encrypted = ''; openssl_public_encrypt($str,$encrypted, $this->rsaPublicKey, OPENSSL_PKCS1_OAEP_PADDING);//这个OPENSSL_PKCS1_OAEP_PADDING是对方要求要用这种padding方式 $string .= $encrypted; $i ++; $offet = $i * $length; } return base64_encode($string); }
目前测试没有再发现加密失败问题~问题解决
推荐:《PHP视频教程》