PHP中使用OpenSSL生成证书及加密解密

依赖于OpenSSL扩展

    /*加密解密*/
    function authcode($string, $operation = 'E') {
      $ssl_public = file_get_contents(DATA_PATH."/conf/cert_public.key");
      $ssl_private = file_get_contents(DATA_PATH."/conf/cert_private.pem");
      $pi_key = openssl_pkey_get_private($ssl_private);//这个函数可用来判断私钥是否是可用的，可用返回资源id Resource id
      $pu_key = openssl_pkey_get_public($ssl_public);//这个函数可用来判断公钥是否是可用的
      if(false == ($pi_key || $pu_key)) return '证书错误';
      $data = "";
      if($operation=='D'){
        openssl_private_decrypt(base64_decode($string),$data,$pi_key);//私钥解密
      }else{
        openssl_public_encrypt($string,$data,$pu_key);//公钥加密
        $data = base64_encode($data);
      }
      return $data;
    }
    /*生成证书*/
    function exportOpenSSLFile(){
      $config = array(
        "digest_alg"    => "sha512",
        "private_key_bits" => 4096,           //字节数  512 1024 2048  4096 等
        "private_key_type" => OPENSSL_KEYTYPE_RSA,   //加密类型
      );
      $res = openssl_pkey_new($config);
      if($res == false) return false;
      openssl_pkey_export($res, $private_key);
      $public_key = openssl_pkey_get_details($res);
      $public_key = $public_key["key"];
      file_put_contents(DATA_PATH."/conf/cert_public.key",$public_key);
      file_put_contents(DATA_PATH."/conf/cert_private.pem",$private_key);
      openssl_free_key($res);
    }

更多关于OpenSS的文章可以查看下面的相关文章