本例为app与接口之间的双向加解密demo<?php
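require_once 'Aes.php';

// ---------------------------------------------------------------------------
// CORS
// ---------------------------------------------------------------------------
$origin = isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : '';

// site.php is expected to return the configuration array (allowed origins,
// RSA key bodies, AES key / IV / method).
// NOTE(review): it holds the RSA private key and the AES key, so it should stay
// out of version control and out of any web-served path.
$config = require_once 'site.php';
$allowDomain = $config['origin'];

// The response depends on the request's Origin header, so caches must key on it.
header('Vary: Origin');

// Echo the Origin back only when one was sent AND it is on the allow-list.
// The strict comparison stops a non-string allow-list entry (true, 0, ...) from
// matching every origin through PHP's loose == rules, and a request without an
// Origin header no longer receives an empty Access-Control-Allow-Origin together
// with Allow-Credentials.
if ($origin !== '' && in_array($origin, $allowDomain, true)) {
    header('Access-Control-Allow-Origin: ' . $origin);
    header('Access-Control-Allow-Credentials: true');
}

// ---------------------------------------------------------------------------
// RSA keys: the config stores only the base64 body, so re-wrap it at 64 columns
// and add the PEM header and footer that OpenSSL expects.
// ---------------------------------------------------------------------------
$rsaPrivateKey = $config['rsa_private_key'];
$rsaPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\n" .
    wordwrap($rsaPrivateKey, 64, "\n", true) .
    "\n-----END RSA PRIVATE KEY-----";

$rsaPublicKey = $config['rsa_public_key'];
$rsaPublicKey = "-----BEGIN PUBLIC KEY-----\n" .
    wordwrap($rsaPublicKey, 64, "\n", true) .
    "\n-----END PUBLIC KEY-----";

// ---------------------------------------------------------------------------
// Request input
// ---------------------------------------------------------------------------
// Accept only scalar string fields: an array-valued field (type[]=1) would
// otherwise reach trim(). isset() is used instead of !empty() so that the literal
// value "0" survives and can select the echo mode.
$type = (isset($_POST['type']) && is_string($_POST['type'])) ? trim($_POST['type']) : '';

// Payload sent by the app (plaintext or ciphertext).
// The app must URL-encode its parameters; otherwise every '+' in the base64 text
// arrives here as a space.
$data = (isset($_POST['data']) && is_string($_POST['data'])) ? trim($_POST['data']) : '';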
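// Emits the demo's JSON envelope. Every failure path answers with the same empty
// envelope, so a caller cannot tell from the body which step rejected the request.
$sendJson = function ($message, $key) {
    if (!headers_sent()) {
        header('Content-Type: application/json; charset=utf-8');
    }
    echo json_encode([
        'message' => $message,
        'key' => $key
    ]);
};

// Dispatch on the POSTed "type".
// NOTE(review): switch compares loosely, so on PHP 7 any non-numeric type equals 0
// and lands in the echo branch; on PHP 8 it falls through to default.
switch ($type) {
    case 0: // echo the payload back unchanged
        // The body is caller-controlled. Label it as plain text so that a browser
        // never interprets the reflected payload as HTML or script.
        if (!headers_sent()) {
            header('Content-Type: text/plain; charset=utf-8');
            header('X-Content-Type-Options: nosniff');
        }
        echo $data;
        break;

    case 1: // app sends AES ciphertext: decrypt it, then re-encrypt the reply
        $post = json_decode($data, true);
        // Reject anything that is not a JSON object with a string "message"
        // before it reaches the cipher.
        if (!is_array($post) || !isset($post['message']) || !is_string($post['message'])) {
            $sendJson('', '');
            die();
        }

        // NOTE(review): key and IV both come from the config, so every message uses
        // the same key/IV pair. With a non-AEAD method that exposes equal plaintext
        // prefixes and gives no integrity check; confirm what aes_method is and
        // whether Aes generates a per-message IV.
        $aes = new Aes($config['aes_key'], $config['aes_iv'], $config['aes_method']);
        $plain = $aes->decrypt($post['message']);
        if (!$plain) {
            $sendJson('', '');
            die();
        }

        $sendJson($aes->encrypt('success$$' . $plain), '');
        break;

    case 2: // app sends AES ciphertext plus the AES key wrapped with the RSA public key
        $post = json_decode($data, true);
        if (!is_array($post)
            || !isset($post['message'], $post['key'])
            || !is_string($post['message'])
            || !is_string($post['key'])
        ) {
            $sendJson('', '');
            die();
        }

        // "key" is the app's AES key, RSA-encrypted with the public key and base64-encoded.
        $wrappedKey = base64_decode($post['key']);
        $privateKey = openssl_pkey_get_private($rsaPrivateKey);

        // Check the RSA step BEFORE building the cipher, so a failed unwrap never
        // constructs Aes with a null key.
        // NOTE(review): no padding argument is passed, so the default
        // OPENSSL_PKCS1_PADDING (PKCS#1 v1.5) applies. OPENSSL_PKCS1_OAEP_PADDING is
        // the safer choice, but the app has to switch at the same time.
        $aesKey = null;
        if ($privateKey === false
            || !openssl_private_decrypt($wrappedKey, $aesKey, $privateKey)
            || !$aesKey
        ) {
            $sendJson('', '');
            die();
        }

        // Decrypt the payload with the key the app supplied.
        $aes = new Aes($aesKey, $config['aes_iv'], $config['aes_method']);
        $message = $aes->decrypt($post['message']);
        if (!$message) {
            $sendJson('', '');
            die();
        }

        // Reply under a fresh random AES key instead of the static configured one.
        $newKey = str_random(32);
        $aesNew = new Aes($newKey, $config['aes_iv'], $config['aes_method']);

        // NOTE(review): "encrypting" with the private key does not hide $newKey;
        // anyone holding the public key can recover it, and with it the reply.
        // If the reply must stay confidential, encrypt it under the key the app
        // just sent (with a fresh IV) rather than shipping a key wrapped this way.
        $aesKeySecret = null;
        if (!openssl_private_encrypt($newKey, $aesKeySecret, $rsaPrivateKey)) {
            $sendJson('', '');
            die();
        }

        $sendJson($aesNew->encrypt('success$$' . $message), base64_encode($aesKeySecret));
        break;

    default:
        break;
}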
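/**
 * Build a random lowercase-alphanumeric string of exactly $len characters.
 *
 * The request handler uses the result as a one-off AES key, so every character
 * is drawn independently from the operating system CSPRNG via random_int()
 * (PHP 7.0+). The previous str_shuffle()/substr() version was not suitable for
 * key material: str_shuffle() is not a cryptographic generator, a shuffled
 * alphabet can never repeat a character, and the result was capped at the
 * alphabet length (36) no matter how large $len was.
 *
 * NOTE(review): if Aes accepts raw binary keys, random_bytes() would give a full
 * 8 bits per byte; the text alphabet is kept because the existing app and Aes
 * class presumably expect a printable key.
 *
 * @param int $len Number of characters wanted; values <= 0 yield ''.
 * @return string
 */
function str_random($len)
{
    $alphabet = 'abcdefghijklmnopqrstuvwxyz0123456789';
    $lastIndex = strlen($alphabet) - 1;

    $out = '';
    for ($i = 0; $i < $len; $i++) {
        $out .= $alphabet[random_int(0, $lastIndex)];
    }

    return $out;
}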
/**
 * Demo helper: perform one AES or AES+RSA encrypt/decrypt step.
 *
 * Modes ($type):
 *   1  AES-encrypt $data, return it base64-encoded
 *   2  base64-decode $data, AES-decrypt it
 *   3  AES-encrypt $data and wrap the configured AES key with the RSA PRIVATE key
 *   4  counterpart of 3: AES-decrypt "message", unwrap "key" with the PUBLIC key
 *   5  AES-encrypt $data and wrap the configured AES key with the RSA PUBLIC key
 *   6  counterpart of 5: AES-decrypt "message", unwrap "key" with the PRIVATE key
 * Any other value prints a message and returns null.
 *
 * NOTE(review): in modes 4 and 6 the message is decrypted with the configured
 * aes_key; the unwrapped key is only returned, never used for decryption.
 * NOTE(review): the private-key wrap in mode 3 gives no confidentiality, since
 * anyone holding the public key can unwrap it (as mode 4 does).
 * NOTE(review): no openssl_* return value is checked, so a failed RSA step
 * leaves the key field empty or null rather than raising an error.
 *
 * @param array  $config Must provide rsa_private_key, rsa_public_key, aes_key,
 *                       aes_iv and aes_method.
 * @param int    $type   Mode selector, compared loosely by switch.
 * @param string $data   Plain text (1, 3, 5), base64 text (2) or a JSON object
 *                       with "message" and "key" (4, 6).
 * @return string|array|null String for modes 1 and 2, ['message', 'key'] array
 *                           for modes 3-6, null for an unknown mode.
 */
function jiajiemi($config, $type, $data)
{
    // The config stores bare base64 key bodies: fold them to 64 columns and add
    // the PEM armour lines OpenSSL expects.
    $privatePem = "-----BEGIN RSA PRIVATE KEY-----\n"
        . wordwrap($config['rsa_private_key'], 64, "\n", true)
        . "\n-----END RSA PRIVATE KEY-----";
    $publicPem = "-----BEGIN PUBLIC KEY-----\n"
        . wordwrap($config['rsa_public_key'], 64, "\n", true)
        . "\n-----END PUBLIC KEY-----";

    // Every mode uses the same configured AES key, IV and method.
    $makeCipher = function () use ($config) {
        return new Aes($config['aes_key'], $config['aes_iv'], $config['aes_method']);
    };

    switch ($type) {
        case 1: // AES encrypt
            $cipher = $makeCipher();
            return base64_encode($cipher->encrypt($data));

        case 2: // AES decrypt
            $rawInput = base64_decode($data);
            $cipher = $makeCipher();
            return $cipher->decrypt($rawInput);

        case 3: // AES + RSA (private key) encrypt
            $cipher = $makeCipher();
            $body = $cipher->encrypt($data);
            // Wrap the AES key with the private key.
            openssl_private_encrypt($config['aes_key'], $wrappedKey, $privatePem);
            // The RSA output is binary, so base64-encode it; callers that put it
            // in a URL need a URL-safe encoding on top.
            $wrappedKey = base64_encode($wrappedKey);
            return [
                'message' => 'success$$' . $body,
                'key' => 'success$$' . $wrappedKey
            ];

        case 4: // AES + RSA (public key) decrypt
            $envelope = json_decode($data, true);
            $body = $envelope['message'];
            $wrappedKey = base64_decode($envelope['key']);
            $cipher = $makeCipher();
            $plain = $cipher->decrypt($body);
            // A key wrapped with the private key is unwrapped with the public key.
            openssl_public_decrypt($wrappedKey, $recoveredKey, openssl_pkey_get_public($publicPem));
            return [
                'message' => $plain,
                'key' => $recoveredKey
            ];

        case 5: // AES + RSA (public key) encrypt
            $cipher = $makeCipher();
            $body = $cipher->encrypt($data);
            // Wrap the AES key with the public key.
            openssl_public_encrypt($config['aes_key'], $wrappedKey, $publicPem);
            // Binary RSA output, base64-encoded for transport (see mode 3).
            $wrappedKey = base64_encode($wrappedKey);
            return [
                'message' => 'success$$' . $body,
                'key' => 'success$$' . $wrappedKey
            ];

        case 6: // AES + RSA (private key) decrypt
            $envelope = json_decode($data, true);
            $body = $envelope['message'];
            $wrappedKey = base64_decode($envelope['key']);
            $cipher = $makeCipher();
            $plain = $cipher->decrypt($body);
            // A key wrapped with the public key is unwrapped with the private key.
            openssl_private_decrypt($wrappedKey, $recoveredKey, openssl_pkey_get_private($privatePem));
            return [
                'message' => $plain,
                'key' => $recoveredKey
            ];

        default:
            // Unknown mode: report it on the output stream; the function returns null.
            echo '未知类型';
            return null;
    }
}
?>