PHP中RSA加密与解密及签名与验证

最简单的方法一般都是用open_ssl扩展来实现，但有些情况下只能用原生的RSA算法来实现，比如公钥文件只提供了m和e的值。不知道有没有方法可以由m和e值生成相应的cer证书文件？搜了一番无果。。。

需要用到的额外库：

BigInteger.php，这里有下载-http://pear.php.net/package/Math_BigInteger。也可以直接用pear安装：pear install Math_BigInteger

RSA.php，RSA加解密库，代码较多，就不贴了，可搜索下载。

这里主要演示下怎么用：

require 'BigInteger.php';

require 'RSA.php';

if(!function_exists('hex2bin')) {

function hex2bin($h){

if (!is_string($h)) return null;

$r='';

for ($a=0; $a $r.=chr(hexdec($h{$a}.$h{($a+1)}));

}

return $r;

}

}

$message='plainText';

$public_key=65537;

$modulus='BB757E33FFBB4E1410856789ABEB841E33728A1647734BD357F3476DD9444DB595CF965A19AE2B56A8BA6B4259874C4E3CAA3157BFBE4B36086E04FACB8E17B822CEE8ADB97F3E55D13C0F97054177685400541C3A87D7B3E950606C8C649BEAA59E1A5423298D0C4D430077E7C251A8C5BE595AB10B168B45F3B9C31BECEE79';

$p = '61d46d6a81b9a483c0237ee7503b7715b3cfc0d4e3b0fe0f6bc4e0b0294506310fdfe81d596d95dc81edd7f0267cff8b8d095cfae86c4d2003c23703139c322fd8038bb8320bf9dd2b67363a81401fa96dd91660c1ac9b7d5d224763b003d8b4f8a13d09aeaa6f38bb9c925a9e084ce2c3e5e7bfff4d078a96a716f7f0c8bca9';

$keylength=1024;

$modulus_16 = new Math_BigInteger($modulus,16);

$mend = $modulus_16->toString();

$p_16 = new Math_BigInteger($p,16);

$private_key = $p_16->toString();

//加密

$result = rsa_encrypt(md5($message), $public_key, $mend, $keylength);

echo '原始信息：' . md5($message) . '

';

echo '加密结果：' . bin2hex($result) . '

';

//解密

$d = rsa_decrypt($result, $private_key, $mend, $keylength);

echo '解密结果：' . $d . "

";

//签名

$s = rsa_sign(md5($message), $private_key, $mend, $keylength);

echo '签名结果：' . bin2hex($s) . '

';

$result = rsa_verify($s, $public_key, $mend, $keylength);

echo '验证结果：' . $result . '

';

输出结果如下：

原始信息：e3b3d28c2389af60776cf20de998f1a4

加密结果：2b380518e5da216c16fb82680339b223b8ef9de8d254209c2e79eb7062ca0121d18ab0fd8fab8715b643aa86d47009ea81ba2e176e8c41b0fda2bfcd8205d931e030052de27c4c894948e945df983b730be8d2a71ab5afd1edb1382e83fb248c022ca1ad7d94d04b7e5759814c3cfe50267ff9955b1993354833f0a949e277bc

解密结果：e3b3d28c2389af60776cf20de998f1a4

签名结果：0be608ff4840d0f60b282c4bb546fa1de64a1ccce456d8f1f1c599a6a5cd1563cb0d79ef7e148dec6af17406f6cf6d4f3888bdcef3c27f5cd9c36f8ebd60a9208de82028147afc7f44a164aff39b4c84ebfda3fec66171d1e6e260544b0878507e17982e17199e0f626f1da78fde441cd3edb0fec15666b797bfaaab167c3047

验证结果：e3b3d28c2389af60776cf20de998f1a4

附录：

用openssl生成RSA KEY

OpenSSL> genrsa -out study.key 1024

Generating RSA private key, 1024 bit long modulus

....++++++

...........++++++

e is 65537 (0x10001)

OpenSSL> rsa -in study.key -noout -modulus

Modulus=BB757E33FFBB4E1410856789ABEB841E33728A1647734BD357F3476DD9444DB595CF965A

19AE2B56A8BA6B4259874C4E3CAA3157BFBE4B36086E04FACB8E17B822CEE8ADB97F3E55D13C0F97

054177685400541C3A87D7B3E950606C8C649BEAA59E1A5423298D0C4D430077E7C251A8C5BE595A

B10B168B45F3B9C31BECEE79

OpenSSL> rsa -in study.key -text -noout

Private-Key: (1024 bit)

modulus:

00:bb:75:7e:33:ff:bb:4e:14:10:85:67:89:ab:eb:

84:1e:33:72:8a:16:47:73:4b:d3:57:f3:47:6d:d9:

44:4d:b5:95:cf:96:5a:19:ae:2b:56:a8:ba:6b:42:

59:87:4c:4e:3c:aa:31:57:bf:be:4b:36:08:6e:04:

fa:cb:8e:17:b8:22:ce:e8:ad:b9:7f:3e:55:d1:3c:

0f:97:05:41:77:68:54:00:54:1c:3a:87:d7:b3:e9:

50:60:6c:8c:64:9b:ea:a5:9e:1a:54:23:29:8d:0c:

4d:43:00:77:e7:c2:51:a8:c5:be:59:5a:b1:0b:16:

8b:45:f3:b9:c3:1b:ec:ee:79

publicExponent: 65537 (0x10001)

privateExponent:

61:d4:6d:6a:81:b9:a4:83:c0:23:7e:e7:50:3b:77:

15:b3:cf:c0:d4:e3:b0:fe:0f:6b:c4:e0:b0:29:45:

06:31:0f:df:e8:1d:59:6d:95:dc:81:ed:d7:f0:26:

7c:ff:8b:8d:09:5c:fa:e8:6c:4d:20:03:c2:37:03:

13:9c:32:2f:d8:03:8b:b8:32:0b:f9:dd:2b:67:36:

3a:81:40:1f:a9:6d:d9:16:60:c1:ac:9b:7d:5d:22:

47:63:b0:03:d8:b4:f8:a1:3d:09:ae:aa:6f:38:bb:

9c:92:5a:9e:08:4c:e2:c3:e5:e7:bf:ff:4d:07:8a:

96:a7:16:f7:f0:c8:bc:a9