问题描述
我想使用RESTful请求头的非对称加密,以验证系统发送请求的身份:即系统A加密它的名字,时间戳和服务名称使用它在给系统B.系统的请求公钥然后B使用系统A的公钥解密,证明请求的真实性。
I want to use asymmetric encryption of headers in RESTful requests to verify the identity of the system sending the request: i e System A encrypts it's name, timestamp, and the service name using it's public key in a request to System B. System B then uses the public key of System A to decrypt, proving the authenticity of the request.
1)是否PHP-mcrypt的支持呢?
1) Does php-mcrypt support this?
2)有没有人基准这种类型的操作?
2) Has anyone benchmarked this type of operation?
推荐答案
没有,mcrypt的就是对称分组密码。
No, mcrypt is just symmetric block ciphers.
然而,PHP OpenSSL的扩展支持非对称业务。你想要的往往和的。
However the PHP OpenSSL extension supports asymmetric operations. The ones you want are openssl_sign
and openssl_verify
.
(你有轻微的术语问题 - 在非对称系统的加密的用公钥做,的解密的私人密钥; 签署的是用私钥完成,验证的公共密钥不要混淆加密或解密签名 - 虽然底层的操作往往是相似的,它是不一样的事情,而混乱可能导致不安全的实现)
(You have a slight terminology issue - in asymmetric systems, encryption is done with public keys and decryption with private keys; signing is done with private keys and verification with public keys. Do not confuse signing with encryption or decryption - although the underlying operations are often similar, it is not the same thing, and the confusion can lead to insecure implementations).
当然,你可能只是做你的REST通过SSL,使用客户证书进行身份验证。
Of course, you could just do your REST over SSL, using client certificates for authentication.
这篇关于是否支持的mcrypt非对称加密?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!