"sha512", 'private_key_bits' => 4096, 'private_key_type' => OPENSSL_KEYTYPE_RSA, ]; $resources = openssl_pkey_new($config); openssl_pkey_export($resources, $private_key, null, $config); $public_key = openssl_pkey_get_details($resources); if (empty($private_key) || empty($public_key)) return error(-1, 'API_SECRET_KEY_CREATE_ERROR'); $data = [ 'public_key' => $public_key['key'], 'private_key' => $private_key ]; return success(0, '', $data); } /** * 私钥解密 * @param string $encrypted * @param string $private_key */ public static function decrypt($encrypted, $private_key, $public_key){ $private_check = openssl_pkey_get_private($private_key); if (!$private_check) return error(-1, 'PRIVATE_KEY_ERROR'); $public_check = openssl_pkey_get_public($public_key); if (!$public_check) return error(-1, 'PUBLIC_KEY_ERROR'); $details = openssl_pkey_get_details($public_check); $bits = $details['bits']; $decrypted = ''; $base64_decoded = self::safe_base64_decode($encrypted); // 分段解密 $parts = str_split($base64_decoded, ($bits / 8)); foreach ($parts as $part) { $decrypted_temp = ''; $decrypt_res = openssl_private_decrypt($part, $decrypted_temp, $private_key); if (!$decrypt_res) return error(-1, 'DECRYPT_FAIL'); $decrypted .= $decrypted_temp; } return success(0, '', $decrypted); } /** * base64解码 * @param unknown $string */ private static function safe_base64_decode($string){ $base_64 = str_replace(array( '-', '_' ), array( '+', '/' ), $string); return base64_decode($base_64); } }