Create PHP RSA2 signature algorithm

What is RSA2?

RSA2 is a new signature algorithm supporting SHA256WithRSA based on the original SHA1WithRSA signature algorithm.

This algorithm has stronger security capability than SHA1WithRSA.

For the security of your application, it is highly recommended to use the signature algorithm of SHA256WithRSA.


     

Development platform algorithm name Standard signature algorithm name
Notes
RSA2 SHA256WithRSA (highly recommended), forcing RSA keys to be at least 2048 in length
RSA SHA1WithRSA There is no limit to the length of RSA key. It is recommended to use more than 2048 bits.


  
Which companies are using it?

The development platforms of some large companies, such as Alipay and Sina micro-blog.

Create private key, public key

//Generate the original RSA private key file
openssl genrsa -out rsa_private_key.pem 1024

//Convert the original RSA private key to pkcs8 format
openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt -out private_key.pem

//Generate RSA public key
openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem

PHP-RSA2 signature verification

    class Rsa2
    {
        private static $PRIVATE_KEY = 'rsa_private_key.pem content';
        private static $PUBLIC_KEY  = 'rsa_public_key.pem content';

        /**
         * Get private key
         * @return bool|resource
         */
        private static function getPrivateKey()
        {
            $privKey = self::$PRIVATE_KEY;
            return openssl_pkey_get_private($privKey);
        }

        /**
         * Get public key
         * @return bool|resource
         */
        private static function getPublicKey()
        {
            $publicKey = self::$PUBLIC_KEY;
            return openssl_pkey_get_public($publicKey);
        }

        /**
         * Create signature
         * @param string $data data
         * @return null|string
         */
        public function createSign($data = '')
        {
            if (!is_string($data)) {
                return null;
            }
            return openssl_sign(
                        $data,
                        $sign,
                        self::getPrivateKey(),
                        OPENSSL_ALGO_SHA256
                      ) ? base64_encode($sign) : null;
        }

        /**
         * Verifying signature
         * @param string $data data
         * @param string $sign autograph
         * @return bool
         */
        public function verifySign($data = '', $sign = '')
        {
            if (!is_string($sign) || !is_string($sign)) {
                return false;
            }
            return (bool)openssl_verify(
                          $data,
                          base64_decode($sign),
                          self::getPublicKey(),
                          OPENSSL_ALGO_SHA256
                        );
        }
    }

 



PHP call

    require_once "Rsa2.php";
    $rsa2 = new Rsa2();

    $data = 'my data'; //String to be signed

    $strSign = $rsa2->createSign($data);      //Generate signature
    var_dump($strSign);

    $is_ok = $rsa2->verifySign($data, $sign); //Verifying signature
    var_dump($is_ok);

 



Keywords: PHP

Added by icicleman on Thu, 21 Nov 2019 18:22:31 +0200

Popular Keywords

©2024 Programming VIP