PHP:使用openSSL加密和解密时出错

我一直在尝试制作两个PHP页面,一个用于加密,另一个用于解密。</ p> \ n

加密页面的代码:</ p>

 &lt; form action =“encrypt.php”method =“post”&gt; 
&lt; input type = “text”name =“data”&gt;
&lt; input type =“submit”&gt;
&lt; / form&gt;

&lt;?php
if($ _ SERVER [“REQUEST_METHOD”] ==“POST” )
{
$ config = array(
“digest_alg”=&gt;“sha512”,
“private_key_bits”=&gt; 4096,
“private_key_type”=&gt; OPENSSL_KEYTYPE_RSA,
);
$ keys = openssl_pkey_new($ config);
openssl_pkey_export($ keys,$ privKey);

$ pubKey = openssl_pkey_get_details($ keys);
$ pubKey = $ pubKey [“key”];

需要“openssl.php”;
openssl_public_encrypt($ _ POST [“data”],$ encrypted, $ pubKey);
echo $ encrypted;
echo“&lt; br&gt;&lt; br&gt;”;
echo $ privKey;
}

?&gt;
</ code> </ pre>

这是用于解密的代码:</ p>

 &lt; form action =“decrypt.php”method =“post”&gt; 
加密文字: &lt; textarea name =“encrypted”rows =“10”cols =“100”&gt;&lt; / textarea&gt;&lt; br&gt;&lt; br&gt;
Key:&lt; textarea name =“key”rows =“10”cols =“100”&gt;&lt; / textarea&gt;&lt; br&gt;
&lt; input type =“submit”&gt;
&lt; / form&gt;

&lt;?php
if($ _ SERVER [“REQUEST_METHOD”] ==“POST”)
{
openssl_private_decrypt($ _ POST [“encrypted”],$ decrypted,$ _ POST [“key”]);
echo $ decrypted;
}
?&gt;
< / code> </ pre>

似乎加密数据就好了,但是当我尝试使用其他页面解密时,出现错误:</ p>



openss l_private_decrypt()[function.openssl-private-decrypt]:key参数不是有效的私钥</ p>
</ blockquote>

我直接从输出中复制并粘贴了私钥 加密文件。 为什么我收到错误?</ p>
</ div>

展开原文

原文

I've been trying to make two PHP pages, one to encrypt and one to decrypt.

The code for the encrypting page:

<form action="encrypt.php" method="post">
<input type="text" name="data">
<input type="submit">
</form>

<?php
    if($_SERVER["REQUEST_METHOD"] == "POST")
    {
        $config = array(
                "digest_alg" => "sha512",
                "private_key_bits" => 4096,
                "private_key_type" => OPENSSL_KEYTYPE_RSA,
                );
        $keys = openssl_pkey_new($config);
        openssl_pkey_export($keys, $privKey);    
        $pubKey = openssl_pkey_get_details($keys);
        $pubKey = $pubKey["key"];

        require "openssl.php";
        openssl_public_encrypt($_POST["data"],$encrypted, $pubKey);
        echo $encrypted;
        echo "<br><br>";
        echo $privKey;
    }

    ?>

And this is the code for decrypting:

<form action="decrypt.php" method="post">
Encrypted Text: <textarea name="encrypted" rows="10" cols="100"></textarea><br><br>
Key: <textarea name="key" rows="10" cols="100"></textarea><br>
<input type="submit">
</form>

<?php
    if($_SERVER["REQUEST_METHOD"] == "POST")
    {
        openssl_private_decrypt($_POST["encrypted"],$decrypted,$_POST["key"]);
        echo $decrypted;
    }
?>

It seems to encrypt the data just fine, but when I try to decrypt using the other page, a get an error:

openssl_private_decrypt() [function.openssl-private-decrypt]: key parameter is not a valid private key

I copied and pasted the private key directly from the output of the encrypting file. Why am I getting an error?

douxie7738
douxie7738 我试过这样做,但openssl_get_privatekey()返回false。
6 年多之前 回复
dougang1967
dougang1967 在解密代码中是否需要在私钥上使用openssl_get_privatekey()函数,然后将其传递给open_ssl_decrypt(),即使您没有使用密码对其进行编码?
6 年多之前 回复

1个回答




似乎加密数据就好了,</ p>
</ blockquote>

要调试的第一件事:你能立即</ em>解密加密页面上的加密邮件并获得相同的纯文本消息吗?</ p>


openssl_private_decrypt ()[function.openssl-private-decrypt]:key参数不是有效的私钥</ p>
</ blockquote>

您的代码包含:</ p>

< BLOCKQUOTE>

 <代码> openssl_private_decrypt($ _ POST [ “加密的”],$解密,$ _ POST [ “键”]); 
</代码> </ PRE>
</ BLOCKQUOTE>

请尝试这样做:</ p>

  $ private = openssl_pkey_get_private($ _ POST ['key']); 
openssl_private_decrypt($ _ POST [“encrypted”],$ decrypted ,$ private);
</ code> </ pre>


关于安全性的一句话</ strong>:OpenSSL的RSA加密默认设置不安全。</ p>

为了获得最佳效果,请在任何现实世界的应用程序中使用 d公钥加密,考虑切换到libsodium并使用 crypto_box_seal </ code> API 。</ p>
</ div>

展开原文

原文

It seems to encrypt the data just fine,

First thing to debug: Can you immediately decrypt your encrypted message on the encryption page and get the same plaintext message?

openssl_private_decrypt() [function.openssl-private-decrypt]: key parameter is not a valid private key

Your code contains:

openssl_private_decrypt($_POST["encrypted"],$decrypted,$_POST["key"]);

Try this instead:

$private = openssl_pkey_get_private($_POST['key']);
openssl_private_decrypt($_POST["encrypted"], $decrypted, $private);

A word about security: OpenSSL's default settings for RSA encryption are not secure.

For best results, in any real world applications that need public-key cryptography, consider switching to libsodium and just using the crypto_box_seal API instead.

Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问
相关内容推荐