## RSA密文過長加密解密 越過1024的解決代碼 > 什么是RSA加密？ [RSA ](https://en.wikipedia.org/wiki/RSA)（詳見維基百科）算法是現今使用最廣泛的公鑰密碼算法，也是號稱地球上最安全的加密算法，與 md5 和 sha1 不同，到目前為止，也只有極短的RSA加密被破解。 > 使用場景 * 為移動端（IOS，安卓）編寫 API 接口 * 進行支付、真實信息驗證等安全性需求較高的通信 * 與其他第三方或合作伙伴進行重要的數據傳輸,用于外部商戶系統和本系統之間報文的安全性驗證。 > 生成私鑰、公鑰 **1、生成原始 RSA 私鑰文件** ``` openssl genrsa -out private_key.pem 1024 ``` 說明：生成RSA私鑰，`private_key.pem` 為存放私鑰的文件名，長度1204 **2、將原始 RSA 私鑰轉換為 pkcs8 格式** ``` openssl pkcs8 -topk8 -inform PEM -in private_key.pem -outform PEM -nocrypt -out rsa_private_key.pem ``` 說明：把RSA私鑰轉換成PKCS8格式，轉化后的私鑰 `rsa_private_key.pem` **3、生成 RSA 公鑰** ``` openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem ``` 說明：生成RSA公鑰文件` rsa_public_key.pem` **4、最后會有三個文件** ``` λ ls private_key.pem rsa_private_key.pem rsa_public_key.pem ``` 文本打開`rsa_private_key.pem`、`rsa_public_key.pem`，里面存放的是私鑰、公鑰。商戶需要把公鑰字符串發給易付寶的業務人員，私鑰商戶自行保存。 [php-rsa 加密解密](https://segmentfault.com/a/1190000012083428) Rsa 服務器類庫 ``` <?php /**.------------------------------------------------------------------------------------------------------------------- * | Github: https://github.com/Tinywan * | Blog: http://www.cnblogs.com/Tinywan * |-------------------------------------------------------------------------------------------------------------------- * | Author: Tinywan(ShaoBo Wan) * | DateTime: 2018/8/30 22:48 * | Mail: 756684177@qq.com * | Desc: php-rsa 加密解密 https://segmentfault.com/a/1190000012083428 * '------------------------------------------------------------------------------------------------------------------*/ namespace app\common\library; class Rsa { /** * @var array 默認配置 */ private $_config = [ 'public_key' => '-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbtLA7lMfUvpBgfgzouiPgcnbL DnEcuCK0gMub/EAEqmr82sl+9tH1iQb1w/hgQLptVRxAuUOa03XqlnG3wkAegtQt 4Q5ZtHSSomE8/5FXJvQfGTCz5RARyM0MiLTMZJGhLdVT6O8uCYIrPRQq7u6NVLs9 6YDmtzX2do/sTsWCAwIDAQAB -----END PUBLIC KEY-----', 'private_key' => '-----BEGIN RSA PRIVATE KEY----- MIICWwIBAAKBgQCbtLA7lMfUvpBgfgzouiPgcnbLDnEcuCK0gMub/EAEqmr82sl+ 9tH1iQb1w/hgQLptVRxAuUOa03XqlnG3wkAegtQt4Q5ZtHSSomE8/5FXJvQfGTCz 5RARyM0MiLTMZJGhLdVT6O8uCYIrPRQq7u6NVLs96YDmtzX2do/sTsWCAwIDAQAB AoGAfnO3zCuAPp6k0jiMc1T4XgeXwkDwS8qfJMiUkxHBTAi66q8khSAeU7H9HQsS Y9ktji1YzJeo98xULzgPEpWHS/uhA8VZa16TLy9Yfadn2t+wpWpEJ9ZA4jjEqfQj DDxcUc/pEv5siaE/bU8uls4o2nAiuWnI2n5FGrQa2OziGUECQQDPOh3KD2AOZtEF p7i0yxYXe4dCKwenfw5q7l933RgqMXsVR1EAGzAUdIs71hTye6ibhva+eJRfndoV Jq2IHjOdAkEAwFpOZR8j3Cl4zEk/9D9WEnSa8VWLe76vb7DfgfwkSAhs/f2MNF1I zy9W5tPHRiMzaHNgPBFX9tw2u5QzsgOqHwJAPl3zUTjHZA41okoUIPVuNKsMzjE9 IH/wyuXq/ZwhBbHWpVTNYAbOtZlNvjh0HXZyDDzWTgTkQtKzK+J0H59XUQJARukD vYOdVKx1O9pFGWW/9U3HUPCYWyYQxrwNqX2qYmO4ymmOJj+9d6OcBbxM2i5f5UGj WIGMTBUimEQqSpXPQQJAIkHC2GknUv8HaBRLXxYTIAjj78a0pQT2bYlI6R04AwUZ ljBaUGvvdYJ3CGZ32Xk12Te2fMJj5h/yLyEr8uzpzw== -----END RSA PRIVATE KEY-----', ]; /** * 構造函數 * Rsa constructor. * @param $private_key_filepath * @param $public_key_filepath */ public function __construct($private_key_filepath = null, $public_key_filepath = null) { if(!empty($private_key_filepath) && !empty($public_key_filepath)){ $this->_config['private_key'] = $this->_getContents($private_key_filepath); $this->_config['public_key'] = $this->_getContents($public_key_filepath); } } /** * @uses 獲取文件內容 * @param $file_path string * @return bool|string */ private function _getContents($file_path) { file_exists($file_path) or die ('密鑰或公鑰的文件路徑錯誤'); return file_get_contents($file_path); } /** * @uses 獲取私鑰 * @return bool|resource */ private function _getPrivateKey() { $private_key = $this->_config['private_key']; return openssl_pkey_get_private($private_key); } /** * @uses 獲取公鑰 * @return bool|resource */ private function _getPublicKey() { $public_key = $this->_config['public_key']; return openssl_pkey_get_public($public_key); } /** * 私鑰加密 （使用公鑰解密） * @param string $data * @return null|string */ public function privateEncrypt($data = '', $padding = OPENSSL_PKCS1_PADDING) { if (!is_string($data)) return null; $encrypted = ''; $chunks = str_split($data, 117); foreach ($chunks as $chunk) { $partialEncrypted = ''; $encryptionOk = openssl_private_encrypt($chunk, $partialEncrypted, $this->_getPrivateKey(), $padding); if ($encryptionOk === false) { return null; } $encrypted .= $partialEncrypted; } $encrypted = base64_encode($encrypted); return $encrypted; } /** * 公鑰加密（使用私鑰解密） * @param string $data 加密字符串 * @param int $padding * @return null|string */ public function publicEncrypt($data = '', $padding = OPENSSL_PKCS1_PADDING) { if (!is_string($data)) return null; $encrypted = ''; $chunks = str_split($data, 117); foreach ($chunks as $chunk) { $partialEncrypted = ''; $encryptionOk = openssl_public_encrypt($chunk, $partialEncrypted, $this->_getPublicKey(), $padding); if ($encryptionOk === false) { return null; } $encrypted .= $partialEncrypted; } $encrypted = base64_encode($encrypted); return $encrypted; } /** * @uses 私鑰解密 （使用公鑰加密） * @param string $encrypted * @return null */ public function privateDecrypt($encrypted = '') { if (!is_string($encrypted)) return null; $decrypted = ''; $chunks = str_split(base64_decode($encrypted), 128); foreach ($chunks as $chunk) { $partial = ''; $decryptIsTrue = openssl_private_decrypt($chunk, $partial, $this->_getPrivateKey()); if ($decryptIsTrue === false) { return null; } $decrypted .= $partial; } return $decrypted; } /** * 公鑰解密 （使用私鑰解密） * @param string $encrypted 被解密字符串 * @return null */ public function publicDecrypt($encrypted = '') { if (!is_string($encrypted)) return null; $decrypted = ''; $chunks = str_split(base64_decode($encrypted), 128); foreach ($chunks as $chunk) { $partial = ''; $decryptIsTrue = openssl_public_decrypt($chunk, $partial, $this->_getPublicKey()); if ($decryptIsTrue === false) { return null; } $decrypted .= $partial; } return $decrypted; } /** * 私鑰驗簽 * @param $data string 驗簽內容 * @param $signature string 簽名字符串 * @param int $signature_alg * @return bool */ public function privateSign($data, $signature, $signature_alg = OPENSSL_ALGO_SHA1) { $result = openssl_sign($data, base64_decode($signature), $this->_getPrivateKey(), $signature_alg); openssl_free_key($this->_getPrivateKey()); return $result === 1 ? true : false; } /** * 公鑰驗簽 * @param $data string 驗簽內容 * @param $signature string 簽名字符串 * @param int $signature_alg * @return bool */ public function publicSign($data, $signature, $signature_alg = OPENSSL_ALGO_SHA1) { $result = openssl_verify($data, base64_decode($signature), $this->_getPublicKey(), $signature_alg); openssl_free_key($this->_getPublicKey()); return $result === 1 ? true : false; } } ``` > 使用案例 * 公鑰加密、私鑰解密 ``` $rsa = new Rsa(); // 加密明文 $crypt_text = '公鑰加密、私鑰解密'; echo '加密明文：' . $crypt_text.PHP_EOL; $public_encrypt_data = $rsa->publicEncrypt($crypt_text); echo '公鑰加密后數據：' . $public_encrypt_data.PHP_EOL; // 一直在變化 $private_decrypt_data = $rsa->privateDecrypt($public_encrypt_data); echo '私鑰解密數據: ' . $private_decrypt_data.PHP_EOL; ``` >加密明文：公鑰加密、私鑰解密 >>公鑰加密后數據：QHdj15P6l1gJbjNlD7spKT7KjCJJ0Qg5c8JjLBAS9hvhkq8eRuaNY/dDrboD3t40NvyPI8SBFBkDTjJ5IDyqTTSfthUROvasMD7wCPRYGaOt5to+ygfvV5t4CyYQEvSSflqimWvffRs0L8fs3pqE2kLD/AHOC94+ZBNFfzTTtVA= >>>私鑰解密數據: 公鑰加密、私鑰解密 * 私鑰加密、公鑰解密 ``` $rsa = new Rsa(); // 加密明文 $crypt_text = '私鑰加密、公鑰解密'; echo '加密明文：' . $crypt_text.PHP_EOL; $private_encrypt_data = $rsa->privateEncrypt($crypt_text); echo '私鑰加密后數據：' . $private_encrypt_data..PHP_EOL; // 不變 $public_decrypt_data = $rsa->publicDecrypt($private_encrypt_data); echo '公鑰解密數據: ' . $public_decrypt_data..PHP_EOL; ``` > 加密明文：私鑰加密、公鑰解密 >>私鑰加密后數據：dDzAs7kj9z7kS7Zbcz6sNLP+sIOnXp2qFGr4RepZcZp9XzCt8Tt+Kd/NIo4S20hjAvBiurvSHaR6LLL5ur5dc4vkFGkV+bGaT2SlhC4JkvYt4N2T9EiQupwcCtlk+dcENLexWiCvZtuzk3peK+H7AUWqFeOlmGRZb3De7bP+heY= >>>公鑰解密數據: 私鑰加密、公鑰解密 * 測試結果：`私鑰加密`是不變的，`公鑰加密`后的字符串一直是變化的 > 經歷 二流院校，計算機工科男 > 常用ID Tinywan > 主頁 [https://www.tinywan.com](https://www.tinywan.com/ ) > GitHub: [https://github.com/Tinywan ](https://github.com/Tinywan ) >博客園地址 [http://www.cnblogs.com/Tinywan](http://www.cnblogs.com/Tinywan)