|
jwe的 git: https://github.com/Spomky-Labs/jose
- <?php
- namespace Jose;
- use Jose\Factory\JWSFactory;
- use Jose\Factory\JWEFactory;
- use Jose\Factory\JWKFactory;
- use Jose\Loader;
- class fpspay
- {
- protected $_kid;
- private $_public_key;
- private $_private_key;
- public function __construct($kid)
- {
- $this->_kid = $kid;
- $jk = new JWKFactory();
- $this->_private_key = $jk->createFromKeyFile(
- __DIR__.'/cert/rsa_private_key.pem',
- null,
- array(
- 'kid' => $kid,
- 'use' => 'enc',
- 'alg' => 'RSA-OAEP-256'
- )
- );
- $this->_public_key = $jk->createFromKeyFile(
- __DIR__.'/cert/rsa_public_key.pem',
- null,
- array(
- 'kid' => $kid,
- 'use' => 'enc',
- 'alg' => 'RSA-OAEP-256'
- )
- );
- }
- public function rsa_encode($message)
- {
- $data = \GuzzleHttp\json_encode($message);
- //头签名
- $signature_header = array(
- 'alg' => 'RSA-OAEP-256',
- 'enc' => 'A256CBC-HS512',
- 'zip' => 'DEF',
- );
- $jws = JWSFactory::createJWS($data, true);
- $jws = $jws->addSignatureInformation($this->_private_key, $signature_header);
- $jws_str = serialize($jws);
- //加密内容
- $encode_header = [
- 'alg' => 'RSA-OAEP-256',//加密类型
- 'enc' => 'A128GCM',//加密方法
- 'zip' => 'DEF',
- ];
- $jwe = JWEFactory::createJWEToCompactJSON(
- $jws_str,
- $this->_public_key,
- $encode_header
- );
- return $jwe;
- }
- public function rsa_decode($message)
- {
- $loader = new Loader();
- $jwe = $loader->loadAndDecryptUsingKey(
- $message,
- $this->_private_key, // 秘钥 按照文档,这里使用dir
- ['RSA-OAEP-256'], // 秘钥加密算法 alg
- ['A128GCM'], // 内容加密算法 enc
- $result
- );
- $jwe_obj = unserialize($jwe->getPayload());
- //验证签名
- $sign = $jwe_obj->getSignatures();
- if($sign){
- $first_sign = $sign[0];
- $sign_key = $first_sign->getSignatureKey();
- //签名验证通过就返回内容
- if($this->_kid && $sign_key->get('kid') == $this->_kid){
- $result = $jwe_obj->getPayload();
- return $result;
- }
- }
- return false;
- }
- }
复制代码
demo.php :
- <?php
- $loader = require __DIR__.'/../vendor/autoload.php';
- $loader->add('Jose', __DIR__);
- use Jose\fpspay;
- $message = Array(
- "uname"=>"shaobaoer","upwd"=>"123456"
- );
- $kid = '0002';
- $fpspay = new fpspay($kid);
- $jwe_str = $fpspay->rsa_encode($message);
- echo $jwe_str;
- $jw = $fpspay->rsa_decode($jwe_str);
- var_dump(json_decode($jw,true));
复制代码
|
|