<?php
namespace com\openssl\fba;
include_once realpath(__DIR__ . '/../../autoload.php');
/**
 * Entry point for the script: creates a YYSign handler and lets it
 * dispatch the current HTTP request.
 */
function executeRequest()
{
    (new YYSign())->run();
}
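/**
 * Demo endpoint that generates an RSA key pair, signs a sample message and
 * verifies the stored signature, selected by the `action` query parameter.
 *
 * NOTE(review): nothing in this class authenticates the caller, and the
 * key-generating and signing actions change files on disk in response to a
 * plain GET request. Confirm that access control is enforced outside this file.
 */
class YYSign
{
    private $private_key_path;
    private $public_key_path;
    // NOTE(review): hard-coded secret that no method in this class reads. If it
    // is meant to protect the private key, load it from configuration kept out
    // of source control rather than embedding it here.
    private $crypt_key;

    // NOTE(review): key material is stored next to this script. If this
    // directory sits inside the web root, confirm the server denies direct
    // access to it, or move it outside the document root.
    const SIGNROOT = __DIR__ . '/keys/';
    // File that sign() writes and verify() reads. The original verify() read
    // 'sig.bin', which sign() never produced.
    const SIGNATURE_FILE = 'signature.dat';
    // Sample message used when no data is supplied; shared by sign() and
    // verify() so that the two operate on the same bytes.
    const SAMPLE_MESSAGE = 'tengfeisun1';

    public function __construct()
    {
        $this->crypt_key = 'rootsdfsdffsdf';
        $this->private_key_path = self::SIGNROOT . 'privkey.pem';
        $this->public_key_path = self::SIGNROOT . 'pubkey.pem';
    }

    /**
     * Dispatch on the `action` query parameter: 'ppk' generates a key pair,
     * 'sign' signs the sample message, 'verify' checks the stored signature.
     * Any other value (or a missing parameter) does nothing.
     */
    public function run()
    {
        $action = filter_input(INPUT_GET, 'action');
        switch ($action) {
            case 'ppk':
                $this->createPrivateKeyAndPublicKey();
                break;
            case 'sign':
                $this->sign();
                break;
            case 'verify':
                $this->verify();
                // The original fell through to `default` here; harmless, but
                // an explicit break keeps a future case from being run by accident.
                break;
            default:
                break;
        }
    }

    /**
     * Generate an RSA key pair and write both halves as PEM under SIGNROOT.
     *
     * @param array $configargs Options passed to openssl_pkey_new(); when
     *                          empty, a 2048-bit RSA key is requested.
     * @throws \RuntimeException If the key cannot be generated, exported or written.
     */
    private function createPrivateKeyAndPublicKey($configargs = array())
    {
        if (empty($configargs)) {
            $configargs = array(
                // Raised from 1024: 1024-bit RSA is below the 2048-bit minimum
                // that current guidance requires for signatures.
                'private_key_bits' => 2048,
                'private_key_type' => OPENSSL_KEYTYPE_RSA
            );
        }
        //$openssl_config_path = "D:/develop_tools/phpstudy/PHPTutorial/Apache/conf/openssl.cnf";
        // NOTE(review): the stock file on RHEL-family systems is usually named
        // openssl.cnf, not openssl.conf — confirm this fallback path exists.
        $openssl_config_path = "/etc/pki/tls/openssl.conf";
        $res = openssl_pkey_new($configargs);
        if (!$res) {
            // Retry with an explicit OpenSSL configuration file.
            $configargs['config'] = $openssl_config_path;
            $res = openssl_pkey_new($configargs);
        }
        if (!$res) {
            throw new \RuntimeException('RSA key generation failed');
        }
        // Serialise the private key to a PEM string. The passphrase is null, so
        // the key is stored unencrypted and relies on file permissions alone.
        if (!openssl_pkey_export($res, $private_key_pem, null, $configargs)) {
            throw new \RuntimeException('Private key export failed');
        }
        $details = openssl_pkey_get_details($res);
        if ($details === false || !isset($details['key'])) {
            throw new \RuntimeException('Public key extraction failed');
        }
        $public_key_pem = $details['key'];
        // Owner-only permissions for the private key; the public key is not secret.
        $this->writeFile($this->private_key_path, $private_key_pem, 0600);
        $this->writeFile($this->public_key_path, $public_key_pem);
        outputjson(array('code'=>0,'msg'=>'create pub and priv key success'));
    }

    /**
     * Sign a message with the stored private key (SHA-256) and write the raw
     * signature to SIGNROOT . SIGNATURE_FILE.
     *
     * @param string $data Plaintext to sign; the sample message is used when
     *                     empty. (The original overwrote this parameter
     *                     unconditionally, so callers could never sign their own data.)
     * @throws \RuntimeException If the key cannot be read or signing fails.
     */
    private function sign($data = '')
    {
        if ($data === '') {
            $data = self::SAMPLE_MESSAGE;
        }
        $private_key_pem = file_get_contents($this->private_key_path);
        if ($private_key_pem === false) {
            throw new \RuntimeException('Private key could not be read');
        }
        // Do not report success unless a signature was actually produced.
        if (!openssl_sign($data, $signature, $private_key_pem, OPENSSL_ALGO_SHA256)) {
            throw new \RuntimeException('Signing failed');
        }
        $this->writeFile(self::SIGNROOT . self::SIGNATURE_FILE, $signature);
        outputjson(array('code'=>0,'msg'=>'signature success'));
    }

    /**
     * Verify the stored signature over the sample message with the stored
     * public key and echo the outcome: "good" (valid), "bad" (invalid) or
     * "ugly, error checking signature" (verification could not be performed).
     */
    private function verify()
    {
        $public_key_pem = file_get_contents($this->public_key_path);
        $signature = file_get_contents(self::SIGNROOT . self::SIGNATURE_FILE);
        if ($public_key_pem === false || $signature === false) {
            // Missing inputs are an error, not an invalid signature.
            echo "ugly, error checking signature";
            return;
        }
        // Same message and digest as sign(). The original verified 'abcd' with
        // the digest name "sha2WithRSAEncryption", which does not match what
        // sign() produces and does not appear to be a digest OpenSSL recognises.
        $r = openssl_verify(self::SAMPLE_MESSAGE, $signature, $public_key_pem, OPENSSL_ALGO_SHA256);
        // Strict comparison: openssl_verify() can return false on error, and
        // `false == 0` would misreport an error as an invalid signature.
        if ($r === 1) {
            echo "good";
        } elseif ($r === 0) {
            echo "bad";
        } else {
            echo "ugly, error checking signature";
        }
    }

    /**
     * Write $contents to $path, optionally restricting the file mode first.
     *
     * @param string   $path     Destination file.
     * @param string   $contents Bytes to write.
     * @param int|null $mode     When given, the file is created (if needed) and
     *                           chmod'ed to this mode before any content is
     *                           written, so the content is never on disk under
     *                           broader permissions.
     * @throws \RuntimeException If the permissions cannot be set or the write fails.
     */
    private function writeFile($path, $contents, $mode = null)
    {
        if ($mode !== null) {
            if (!touch($path) || !chmod($path, $mode)) {
                throw new \RuntimeException('Could not restrict permissions on output file');
            }
        }
        if (file_put_contents($path, $contents) === false) {
            throw new \RuntimeException('Could not write output file');
        }
    }
}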