无法解密数据- openssl_private_decrypt()：key参数不是有效的私钥

Question

<?php
    ini_set('display_errors', 1);

    $config = array(
        "config" => "C:\wamp\bin\apache\Apache2.4.4\conf\openssl.cnf",
        "private_key_bits" => 2048,
        "private_key_type" => OPENSSL_KEYTYPE_RSA,
    );

    // Create the private and public key
    $res = openssl_pkey_new($config);

    if ($res === false) die('Failed to generate key pair.'."\n"); 

    if (!openssl_pkey_export($res, $privKey, "phrase", $config)) die('Failed to retrieve private key.'."\n"); 

    // Extract the private key from $res to $privKey
    openssl_pkey_export($res, $privKey, "phrase", $config);

    echo "<br/>";
    echo "Private Key = ".$privKey;
    echo "<br/>";

    // Extract the public key from $res to $pubKey
    $pubKey = openssl_pkey_get_details($res);
    $pubKey = $pubKey["key"];

    echo "<br/>";
    echo "Public Key = ".$pubKey;
    echo "<br/>";

    $data = 'plaintext data goes here';

    // Encrypt the data to $encrypted using the public key
    openssl_public_encrypt($data, $encrypted, $pubKey);
    echo "<br/>";
    echo "Encrypted Data = ".$encrypted;
    echo "<br/>";

    // Decrypt the data using the private key and store the results in $decrypted
    openssl_private_decrypt($encrypted, $decrypted, $privKey);

    echo "<br/>";
    echo "Decrypted Data = ".$decrypted;
    echo "<br/>";
?>

日志

私钥=-开始加密私钥- MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIr2acPfh8YYQCAggA MBQGCCqGSIb3DQMHBAiCvohdiWAZ4QSCBMjKJUXF5ShKfW3TazpKYTxEV8JmGYLf AJWXzxdi0GrDuddz4aW1FeGwvUm2t/41CTxFsWtgoQJrzCgAQETn54majdrDeF4u zCmvFMKSoVP4xsZKke15e1K1LPmFNNuKKyCqMwL+tpQJ7zquvDTKHapUnNzfNXpZ D2K1r2qZWeDN1d36DA9wkN5GbpZYAjuHqHUNzorhxIbHGp2WOg8YKdemoTuKIqYC DUKncWtxRUOx6IIZuey+uTBzH7Bn9K9a71QTjUdeWgQZFzy9yVpetB+XrJA92IWt vMeKXCXNhOgkOvkUPNXSuMOVrECNcbKDAKxmK3EQWqb+8zlYFqjmaL/sCep8ihio 1ZWpRaOd5HxnG5rpmz/BYzcF354mM8B4wAIk7MmFq/pHSKLjpr+2Ef1BpMmXfRpG Pj1jYDClSIQF6ovKOqhevFwfYrtl2jEOISyAggm/sbD750VBkwhbVAyQcarckAiI GlNcQPOC+JYZOV7o/9o+Tg24zwtAQ8y3hNvYyHjqYI5naVS9yuXEqB6zYoGivs/k bIblqTFebLEFtihjsa9wpXkyNzKD2NvdSa2oNC7IkCNi8TRNjy7MLylSmCIdhWAV YgL1hxShMgbnfiGjFQyYnKzZto9RqRlQBIoBOCfwP1EFnZjCJm02CCeGR+GHKXf7 rJ0n6lIUEvVnENirAPtOuiE2ccbzmyjWQ9f2vwBSUea5nPTMG4uTVHrQjrgNYIyU +vLV6tL+MDKF4JGQGgzBUeqTMobmrOK+V20QIasYaAWHJrL8itBwZ++C8lo7kySa SImMXakI4rjgEmj+HmUJygT1EZWz5yQqOiwAYLhQZg+m6+32Pvt6mIrAXbznrdHP JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01 DwVQqeQ5tLD4LY8/QaAHkOUq9K24yfkcN+aQh7cvR/HX53Ls6LsdUwkwSOWVj2na DwVQqeQ5tLD4LY8/QaAHkOUq9K24yfkcN+aQh7cvR/HX53Ls6LsdUwkwSOWVj2na JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01 JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01 JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01+vLV6tL+MDKF4JGQGgzBUeqTMobmrOK+V20QIasYaAWHJrL8itBwZ++C8lo7kySa SImMXakI4rjgEmj+HmUJygT1EZWz5yQqOiwAYLhQZg+m6+32Pvt6mIrAXbznrdHP JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01+vLV6tL+MDKF4JGQGgzBUeqTMobmrOK+V20QIasYaAWHJrL8itBwZ++C8lo7kySa SImMXakI4rjgEmj+HmUJygT1EZWz5yQqOiwAYLhQZg+m6+32Pvt6mIrAXbznrdHP JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01+vLV6tL+MDKF4JGQGgzBUeqTMobmrOK+V20QIasYaAWHJrL8itBwZ++C8lo7kySa SImMXakI4rjgEmj+HmUJygT1EZWz5yQqOiwAYLhQZg+m6+32Pvt6mIrAXbznrdHP JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01+vLV6tL+MDKF4JGQGgzBUeqTMobmrOK+V20QIasYaAWHJrL8itBwZ++C8lo7kySa SImMXakI4rjgEmj+HmUJygT1EZWz5yQqOiwAYLhQZg+m6+32Pvt6mIrAXbznrdHP JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01 JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01 JxHb/9HV88mQdRKPBTkSTl71Ics+3oybYPbhSQByXOdtsw6VLYNo4ikgj3tXCz01 nQ3zHDSYmRDKmTXBjCob3Vjg91LcMjg9dEH7aIFWit5dHK4ll/v1IiOFx8d4d/mV END 20 en22 en24 en26#-最终加密的私钥 公钥=-开始公钥- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriS8qflAjYSYhH2qgC5T yf98X1qoLMXIW9mMkhV8LcApBKOfNjUMc9xjD3a8CR/LYwa4MYhevoKcVfPG8XoE sDGyHh+h/vtYP0rORB1T3RULVUzDLjX558e2KqPrSN+rV+Jl1NB0SO5Of3JA+AKa 0Q3botcjOM3WuFa/s+RzsiCrMMhzOZSTBj+GTP/VcDipF5PM7+/Lxr+edjRXccT2 WQjsq0sUrtsmpzBE8Niph361RjfIisxKoksQGs7hC/Iv4yhBzZZIpRaZuvDj4ImP +4sUQgbdVVCso122kg34UtY5qchuSCcJfsGbD2zMw+8ZftIsJ7dfX1FxujgggDyn 0 0wIDAQAB

Encrypted Data = Uš6/ùÅËæÝmL4²G¾'gr¨Ñ­Ä‰ï‚zêbÀ)[îR0s‹yÝ`t™õ°Þe­Ïd>×o¯rß9ÌÔÅAü!-†D·¨ÎVZ¼?¶éžäýöaØT~=‚Fan¢ºq{M”ƒ¹Cû5N3¹.Ð(·#*ÏRƹñß÷õƒ_ò9c-Ÿ% ×óè2Ꙃõ“ÂÐgNÈ-ˆd«…ºt§¼Ô}yŠ"7èPš(¶R¤ßJÚ_h¶ðÞK(Cj“7‘Y ÀŠþrôZƒ4)JU•˜„üˆ k0â§Êë^ÚºGÚªúVKø†ë8ÏLÚó  „Ÿ¦¿¤

( ! ) Warning: openssl_private_decrypt(): key parameter is not a valid private key in C:\wamp\www\android\pki_example.php on line 41
Call Stack
#   Time    Memory  Function    Location
1   0.0020  252696  {main}( )   ..\pki_example.php:0
2   0.2043  258032  openssl_private_decrypt ( ) ..\pki_example.php:41

Decrypted Data = 

Answer 1

// Decrypt the data using the private key and store the results in $decrypted
openssl_private_decrypt($encrypted, $decrypted, openssl_pkey_get_private($privKey, "phrase"));

echo "<br/>";
echo "Decrypted Data = ".$decrypted;
echo "<br/>";

openssl_private_decrypt函数可以使用PEM格式的私钥，但是您的密钥是加密的，而且该函数没有密码参数。您必须使用openssl_pkey_get_private代替。

Answer 2

不知道原因是什么。我想有人可以用确切的理由编辑这个。

当我在一行中使用私钥时，它会给出问题中提到的上述错误。但是，当我使用相同的私钥，将它分割成几行(每行64个字符)时，它就能工作了。这样就不需要使用openssl_pkey_get_private($privKey, "phrase")函数了。实际上我的私钥没有密码。

Answer 3

--请使用下面的代码

  // Create the keypair
    $privatefile = "data/privatekey.pem";
    $publicfile = "data/publickey.pem";
    $cleartextfile = "data/cleartext";
    $res = openssl_pkey_new();
    if (!$res) {
        echo "\nopenssl_pkey_new: " . openssl_error_string();
    }

    // Get private key
    openssl_pkey_export($res, $privatekey);
    if (!$privatekey) {
        echo "\nopenssl_pkey_export: " . openssl_error_string();
    }
    file_put_contents($privatefile, $privatekey);

    // Get public key
    $pkeydetails = openssl_pkey_get_details($res);
    if (!$pkeydetails) {
        echo "\nopenssl_pkey_get_details: " . openssl_error_string();
    }
    $publickey = $pkeydetails["key"];
    file_put_contents($publicfile, $publickey);
  // For getting Decrypted password
   $postedPassord= $_POST['password'];
    openssl_private_decrypt(base64_decode($postedPassord), 
     $decryptPassword, $privatekey);