openssl_private_decrypt

(PHP 4 >= 4.0.6, PHP 5, PHP 7, PHP 8)

openssl_private_decrypt 使用私钥解密数据

说明

openssl_private_decrypt ( string $data , string &$decrypted , mixed $key , int $padding = OPENSSL_PKCS1_PADDING ) : bool
Caution

本函数并不会生成安全加密的值,不应用于加密用途。若需要安全加密的值,考虑使用 random_int()random_bytes()openssl_random_pseudo_bytes() 替代。

openssl_private_decrypt() 解密先前通过 openssl_public_encrypt() 函数加密的 data 并将结果保存至decrypted变量中。

你可以用该函数来解密只对你可用的数据。

参数

data

decrypted

key

key 必须是和用来加密数据所用公钥对应的私钥。

padding

padding 可以是如下值: OPENSSL_PKCS1_PADDING, OPENSSL_SSLV23_PADDING, OPENSSL_PKCS1_OAEP_PADDING, OPENSSL_NO_PADDING.

返回值

成功时返回 true, 或者在失败时返回 false

参见

User Contributed Notes

Anonymous 27-Mar-2021 02:33
<?php

// Generate keys in console:
// $ openssl genrsa -out private_key 8192
// $ openssl rsa -in private_key -out public_key.pem -pubout -outform PEM

// Test data
$data = 'Hello world';

// Encrypt data with public key
$publicKey = file_get_contents('public_key.pem');
$encrypted = null;

openssl_public_encrypt($data, $encrypted, $publicKey);

echo
'Encrypted data', PHP_EOL;
echo
base64_encode($encrypted), PHP_EOL;

echo
PHP_EOL;

// Decrypt data with private key
$privateKey = file_get_contents('private_key');
$decrypted = null;

openssl_private_decrypt($encrypted, $decrypted, $privateKey);

echo
'Decrypted data', PHP_EOL;
echo
$decrypted, PHP_EOL;
tjusongchao at gmail dot com 08-Apr-2015 10:45
of course you have to add the openssl extension to you php environment.
wfredkNOSPAM at L5DevelopmentNOSPAM dot com 08-Mar-2002 03:58
Encrypt using public key, decrypt using private key.

Use this to store stuff in your database: Unless someone
has your private key, the database contents are useless.

Also, use this for sending to a specific individual:  Get
their public key, encrypt the message, only they can use
their private key to decode it.

<?php
echo "Source: $source";
$fp=fopen("/path/to/certificate.crt","r");
$pub_key=fread($fp,8192);
fclose($fp);
openssl_get_publickey($pub_key);
/*
 * NOTE:  Here you use the $pub_key value (converted, I guess)
 */
openssl_public_encrypt($source,$crypttext,$pub_key);
echo
"String crypted: $crypttext";

$fp=fopen("/path/to/private.key","r");
$priv_key=fread($fp,8192);
fclose($fp);
// $passphrase is required if your key is encoded (suggested)
$res = openssl_get_privatekey($priv_key,$passphrase);
/*
 * NOTE:  Here you use the returned resource value
 */
openssl_private_decrypt($crypttext,$newsource,$res);
echo
"String decrypt : $newsource";
?>