Git小技巧 »

« 测试驱动开发（TDD）For PHP

最简单的方法一般都是用open_ssl扩展来实现，但有些情况下只能用原生的RSA算法来实现，比如公钥文件只提供了m和e的值。不知道有没有方法可以由m和e值生成相应的cer证书文件？搜了一番无果。。。
需要用到的额外库：
BigInteger.php，这里有下载-http://pear.php.net/package/Math_BigInteger。也可以直接用pear安装：pear install Math_BigInteger
RSA.php，RSA加解密库，代码较多，就不贴了，可搜索下载。
这里主要演示下怎么用：
[CODE=php]
require 'BigInteger.php';
require 'RSA.php';

if(!function_exists('hex2bin')) {
function hex2bin($h){
if (!is_string($h)) return null;
$r='';
for ($a=0; $a $r.=chr(hexdec($h{$a}.$h{($a+1)}));
}
return $r;
}
}

$message='plainText';
$public_key=65537;
$modulus='BB757E33FFBB4E1410856789ABEB841E33728A1647734BD357F3476DD9444DB595CF965A19AE2B56A8BA6B4259874C4E3CAA3157BFBE4B36086E04FACB8E17B822CEE8ADB97F3E55D13C0F97054177685400541C3A87D7B3E950606C8C649BEAA59E1A5423298D0C4D430077E7C251A8C5BE595AB10B168B45F3B9C31BECEE79';
$p = '61d46d6a81b9a483c0237ee7503b7715b3cfc0d4e3b0fe0f6bc4e0b0294506310fdfe81d596d95dc81edd7f0267cff8b8d095cfae86c4d2003c23703139c322fd8038bb8320bf9dd2b67363a81401fa96dd91660c1ac9b7d5d224763b003d8b4f8a13d09aeaa6f38bb9c925a9e084ce2c3e5e7bfff4d078a96a716f7f0c8bca9';
$keylength=1024;

$modulus_16 = new Math_BigInteger($modulus,16);
$mend = $modulus_16->toString();

$p_16 = new Math_BigInteger($p,16);
$private_key = $p_16->toString();
//加密
$result = rsa_encrypt(md5($message), $public_key, $mend, $keylength);
echo '原始信息：' . md5($message) . '
';
echo '加密结果：' . bin2hex($result) . '
';
//解密
$d = rsa_decrypt($result, $private_key, $mend, $keylength);
echo '解密结果：' . $d . "

---

";

//签名
$s = rsa_sign(md5($message), $private_key, $mend, $keylength);
echo '签名结果：' . bin2hex($s) . '
';
$result = rsa_verify($s, $public_key, $mend, $keylength);
echo '验证结果：' . $result . '
';
[/CODE]
输出结果如下：

原始信息：e3b3d28c2389af60776cf20de998f1a4
加密结果：2b380518e5da216c16fb82680339b223b8ef9de8d254209c2e79eb7062ca0121d18ab0fd8fab8715b643aa86d47009ea81ba2e176e8c41b0fda2bfcd8205d931e030052de27c4c894948e945df983b730be8d2a71ab5afd1edb1382e83fb248c022ca1ad7d94d04b7e5759814c3cfe50267ff9955b1993354833f0a949e277bc
解密结果：e3b3d28c2389af60776cf20de998f1a4
签名结果：0be608ff4840d0f60b282c4bb546fa1de64a1ccce456d8f1f1c599a6a5cd1563cb0d79ef7e148dec6af17406f6cf6d4f3888bdcef3c27f5cd9c36f8ebd60a9208de82028147afc7f44a164aff39b4c84ebfda3fec66171d1e6e260544b0878507e17982e17199e0f626f1da78fde441cd3edb0fec15666b797bfaaab167c3047
验证结果：e3b3d28c2389af60776cf20de998f1a4

附录：
用openssl生成RSA KEY

OpenSSL> genrsa -out study.key 1024
Generating RSA private key, 1024 bit long modulus
....++++++
...........++++++
e is 65537 (0x10001)
OpenSSL> rsa -in study.key -noout -modulus
Modulus=[FONT-COLOR=Red]BB757E33FFBB4E1410856789ABEB841E33728A1647734BD357F3476DD9444DB595CF965A
19AE2B56A8BA6B4259874C4E3CAA3157BFBE4B36086E04FACB8E17B822CEE8ADB97F3E55D13C0F97
054177685400541C3A87D7B3E950606C8C649BEAA59E1A5423298D0C4D430077E7C251A8C5BE595A
B10B168B45F3B9C31BECEE79[/FONT-COLOR]
OpenSSL> rsa -in study.key -text -noout
Private-Key: (1024 bit)
modulus:
00:bb:75:7e:33:ff:bb:4e:14:10:85:67:89:ab:eb:
84:1e:33:72:8a:16:47:73:4b:d3:57:f3:47:6d:d9:
44:4d:b5:95:cf:96:5a:19:ae:2b:56:a8:ba:6b:42:
59:87:4c:4e:3c:aa:31:57:bf:be:4b:36:08:6e:04:
fa:cb:8e:17:b8:22:ce:e8:ad:b9:7f:3e:55:d1:3c:
0f:97:05:41:77:68:54:00:54:1c:3a:87:d7:b3:e9:
50:60:6c:8c:64:9b:ea:a5:9e:1a:54:23:29:8d:0c:
4d:43:00:77:e7:c2:51:a8:c5:be:59:5a:b1:0b:16:
8b:45:f3:b9:c3:1b:ec:ee:79
publicExponent: [FONT-COLOR=Red]65537 (0x10001)[/FONT-COLOR]
privateExponent:
[FONT-COLOR=Red]61:d4:6d:6a:81:b9:a4:83:c0:23:7e:e7:50:3b:77:
15:b3:cf:c0:d4:e3:b0:fe:0f:6b:c4:e0:b0:29:45:
06:31:0f:df:e8:1d:59:6d:95:dc:81:ed:d7:f0:26:
7c:ff:8b:8d:09:5c:fa:e8:6c:4d:20:03:c2:37:03:
13:9c:32:2f:d8:03:8b:b8:32:0b:f9:dd:2b:67:36:
3a:81:40:1f:a9:6d:d9:16:60:c1:ac:9b:7d:5d:22:
47:63:b0:03:d8:b4:f8:a1:3d:09:ae:aa:6f:38:bb:
9c:92:5a:9e:08:4c:e2:c3:e5:e7:bf:ff:4d:07:8a:
96:a7:16:f7:f0:c8:bc:a9[/FONT-COLOR]