php openssl,vps 吧,vps绑定域名,vpswindows俄罗斯,VPS升级后的DNS设置

🗣 Wd提问: php openssl

🤖 Ai回答:
PHP OpenSSL refers to the OpenSSL extension in PHP, which provides functions for generating and verifying digital certificates, encrypting/decrypting data, signing messages, and working with public/private key cryptography.

✅ Requirements

To use OpenSSL in PHP:

1、Enable the OpenSSL extension:
In `php.ini`, ensure this line is uncommented:
ini
extension=openssl

On Linux/macOS: May require installing `php-openssl` or similar package.
Restart your web server (Apache/Nginx) after enabling.

2、Verify installation:
php
<?php
if (extension_loaded('openssl')) {
echo OpenSSL is enabled!;
} else {
echo OpenSSL is NOT enabled.;
}
?

🔑 Common Use Cases & Examples

1、Generate a Private/Public Key Pair

php
<?php
$config = [
digest_alg = sha256,
private_key_bits = 2048,
private_key_type = OPENSSL_KEYTYPE_RSA,
];

// Generate private key
$privateKey = openssl_pkey_new($config);

// Extract public key
$publicKey = openssl_pkey_get_details($privateKey)['key'];

// Export private key to string
openssl_pkey_export($privateKey, $privateKeyStr);

echo Private Key:\n 、$privateKeyStr 、\n;
echo Public Key:\n 、$publicKey 、\n;
?

2、Encrypt Data with Public Key, Decrypt with Private Key

php
<?php
$data = Secret message;

// Encrypt with public key
openssl_public_encrypt($data, $encrypted, $publicKey);
$encryptedBase64 = base64_encode($encrypted);

// Decrypt with private key
$encrypted = base64_decode($encryptedBase64);
openssl_private_decrypt($encrypted, $decrypted, $privateKeyStr);

echo Original: 、$data 、\n;
echo Encrypted (base64): 、$encryptedBase64 、\n;
echo Decrypted: 、$decrypted 、\n;
?

3、Sign Data and Verify Signature

php
<?php
$data = Data to sign;

// Sign with private key
openssl_sign($data, $signature, $privateKeyStr, OPENSSL_ALGO_SHA256);
$signatureBase64 = base64_encode($signature);

// Verify with public key
$signature = base64_decode($signatureBase64);
$isValid = openssl_verify($data, $signature, $publicKey, OPENSSL_ALGO_SHA256);

echo Signature valid: 、($isValid === 1 ? 'Yes' : 'No') 、\n;
?

4、Generate CSR (Certificate Signing Request)

php
<?php
$dn = [
countryName = US,
stateOrProvinceName = California,
localityName = San Francisco,
organizationName = My Company,
organizationalUnitName = IT Department,
commonName = 65.hk,
emailAddress = admin@65.hk
];

$csr = openssl_csr_new($dn, $privateKey, $config);
openssl_csr_export($csr, $csrStr);

echo CSR:\n 、$csrStr;
?

5、SSL/TLS Certificate Info from URL

php
<?php
$context = stream_context_create(['ssl' = ['capture_peer_cert' = true]]);
$stream = stream_socket_client(ssl://www.google.com:443, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $context);
$params = stream_context_get_params($stream);
$cert = $params['options']['ssl']['peer_certificate'];

print_r(openssl_x509_parse($cert));
?

📌 Important Notes

Always handle keys securely — never expose private keys.
Use strong algorithms: Prefer RSA 2048+ bits, SHA-256/SHA-512.
For symmetric encryption, consider `openssl_encrypt()` / `openssl_decrypt()` with AES.
OpenSSL functions may return `false` on error — always check return values!

🧩 Symmetric Encryption Example (AES-256-CBC)

php
<?php
$data = Sensitive data;
$key = openssl_random_pseudo_bytes(32); // 256-bit key
$iv = openssl_random_pseudo_bytes(16); // 128-bit IV

// Encrypt
$encrypted = openssl_encrypt($data, 'AES-256-CBC', $key, 0, $iv);
$encryptedBase64 = base64_encode($encrypted 、'::' 、$iv);

// Decrypt
list($encryptedData, $iv) = explode('::', base64_decode($encryptedBase64), 2);
$decrypted = openssl_decrypt($encryptedData, 'AES-256-CBC', $key, 0, $iv);

echo Encrypted: 、$encryptedBase64 、\n;
echo Decrypted: 、$decrypted 、\n;
?

⚠️ Never use static IVs in production — always generate random IV per encryption and store/transmit it with ciphertext.

📘 Official Docs

🔗 [PHP Manual: OpenSSL Functions](https://www.php.net/manual/en/book.openssl.php)

Let me know if you want examples for:

Creating self-signed certificates
Reading `.pem` or `.crt` files
JWT signing/verification
TLS client/server contexts

Happy coding! 🔐

Ai作答

📣 商家广告：