PHP RSA key creation

前端 未结 1 1444
萌比男神i
萌比男神i 2021-01-05 15:52

I have an issue with creating/using RSA keys created and used in PHP. Problem is, that the (public AND private) keys should be exchanged between different servers (e.g. when

1条回答
  •  梦毁少年i
    2021-01-05 16:30

    No configuration (unfortunatelly). Just PHP + OpenSSL version issue. BEGIN RSA PRIVATE KEY indicates PKCS#1 format. Without RSA it's PKCS#8.

    Generate private key RSA with PKCS1 (my older post to the same problem)

    what is the differences between "BEGIN RSA PRIVATE KEY" and "BEGIN PRIVATE KEY".

    You can try phpsec library or call openssl from command line (exec()). I know it does not help you but it seems there is not good solution yet.

    Edit

    I altered your test script a little bit and tested private key format on my windows 7.

     'sha512',
        "private_key_bits" => 4096,
        "private_key_type" => OPENSSL_KEYTYPE_RSA
    ));
    $privateKey = null;
    
    openssl_pkey_export($keyPair, $privateKey);
    
    echo sprintf("PHP: %s\n", phpversion());
    echo sprintf("OpenSSL: %s\n", OPENSSL_VERSION_TEXT);
    echo sprintf("Private key header: %s\n", current(explode("\n", $privateKey)));
    

     

    PHP: 5.4.44
    OpenSSL: OpenSSL 0.9.8zf 19 Mar 2015
    Private key header: -----BEGIN RSA PRIVATE KEY-----
    
    PHP: 5.5.28
    OpenSSL: OpenSSL 1.0.1p 9 Jul 2015
    Private key header: -----BEGIN PRIVATE KEY-----
    
    PHP: 5.6.12
    OpenSSL: OpenSSL 1.0.1p 9 Jul 2015
    Private key header: -----BEGIN PRIVATE KEY-----
    

    These results reproduce default behaviour of openssl according to its changelog.

    Changes between 0.9.8n and 1.0.0 [29 Mar 2010]

    Make PKCS#8 the default write format for private keys, replacing the traditional format. This form is standardised, more secure and doesn't include an implicit MD5 dependency. [Steve Henson]

    0 讨论(0)
提交回复
热议问题