drj14664
2017-11-22 10:37
浏览 92
已采纳

带有多个密钥的PHP加密

Is there a way to produce two keys in string format, that are dependent on each other?

  1. Master key (to decrypt data)
  2. Slave key (dependent on the Master key, can only decrypt data)

图片转代码服务由CSDN问答提供 功能建议

有没有办法以字符串格式生成两个相互依赖的键? \ n

  1. 主密钥(解密数据)
  2. 从属密钥(取决于主密钥,只能解密数据)
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • duanmie9741 2017-11-22 12:11
    已采纳

    Nothing like a code story to explain the concept ;p

    Here is an example where alice sends an encrypted message to bob using only bobs public key, bob then responds with an encrypted message using only alices public key.

    In both cases their own private keys are used to decrypt the messages.

    <?php
    
    // define an example, our people, messages and their keys
    $people = [
        'alice' => [
            'keys' => gen_keys(),
            'msg' => 'Hi Bob, I\'m sending you a private message'
        ],    
        'bob' => [
            'keys' => gen_keys(),
            'msg' => 'Thanks Alice, message received'
        ]  
    ];
    
    //
    $encrypted = $decrypted = [
        'alice' => '',
        'bob'   => ''
    ];
    
    // public keys get exchanged, not private
    
    // alice encrypts her message to bob
    $encrypted['bob'] = encrypt(
        $people['alice']['msg'],         // message to encrypt
        $people['bob']['keys']['public'] // bobs public key, which he sent to alice
    );
    
    // message sent to bob
    
    // bob decrypts his message
    $decrypted['bob'] = decrypt(
        $encrypted['bob'],                // message to decrypt
        $people['bob']['keys']['private'] // bob's private key, which he uses to decrypt the message
    );
    
    // bob now responds
    
    // bob encrypts his message to alice
    $encrypted['alice'] = encrypt(
        $people['bob']['msg'],             // message to encrypt
        $people['alice']['keys']['public'] // alice public key, which she sent to bob
    );
    
    // alice decrypts her message
    $decrypted['alice'] = decrypt(
        $encrypted['alice'],                // message to decrypt
        $people['alice']['keys']['private'] // alice's private key, which she uses to decrypt the message
    );
    
    //
    print_r($decrypted);
    
    /*
    Array
    (
        [alice] => Thanks Alice, message received
        [bob] => Hi Bob, I'm sending you a private message
    )
    */
    
    /**
     * Functions - wraps for openssl operations
     */
    // generate public and private key pair
    function gen_keys() {
        $res = openssl_pkey_new(array('private_key_bits' => 2048));
    
        /* Extract the private key */
        openssl_pkey_export($res, $privateKey);
    
        /* Extract the public key */
        $publicKey = openssl_pkey_get_details($res);
    
        return ['public' => $publicKey["key"], 'private' => $privateKey];
    }
    
    // encrypt using public key
    function encrypt($msg, $key) {
        $ret = '';
        openssl_public_encrypt(
            $msg, // message to encrypt
            $ret, // &encrypted message
            $key  // public key
        );
        return $ret;
    }
    
    // decrypts using private key
    function decrypt($msg, $key) {
        $ret = '';
        openssl_private_decrypt(
            $msg, // message to decrypt
            $ret, // &decrypted message
            $key  // private key
        );
        return $ret;
    }
    
    点赞 打赏 评论
  • donglvlao8367 2017-11-22 11:14

    Yes, it's called Asymmetric Cryptography. Data is encrypted by using public key and then the private key is used to decrypt the data. This is used in many places e.g. in blockchains, payment portals etc.

    You can find some helpful algorithms and theories here for understanding: https://www.tutorialspoint.com/cryptography/public_key_encryption.htm

    In PHP, you can use - openssl_encrypt() & openssl_decrypt() - to get the similar result or - base64_encode() & base64_decode() or you can mix both to get a more secured solution.

    One simple example can be:

    function my_simple_crypt( $string, $action = 'e' ) {
        // you may change these values to your own
        $secret_key = 'my_simple_secret_key';
        $secret_iv = 'my_simple_secret_iv';
    
        $output = false;
        $encrypt_method = "AES-256-CBC";
        $key = hash( 'sha256', $secret_key );
        $iv = substr( hash( 'sha256', $secret_iv ), 0, 16 );
    
        if( $action == 'e' ) {
            $output = base64_encode( openssl_encrypt( $string, $encrypt_method, $key, 0, $iv ) );
        }
        else if( $action == 'd' ){
            $output = openssl_decrypt( base64_decode( $string ), $encrypt_method, $key, 0, $iv );
        }
    
        return $output;
    }
    

    To encrypt:

    $encrypted = my_simple_crypt( 'Hello World!', 'e' );
    

    To decrypt:

    $decrypted = my_simple_crypt( 'Hello World!', 'd' );
    

    Source: https://nazmulahsan.me/simple-two-way-function-encrypt-decrypt-string/

    点赞 打赏 评论

相关推荐 更多相似问题