PHP Openssl_pkey_get_private()结果取决于openssl

时间:2018-06-07 12:39:33

标签: php openssl signature

更新了openssl和奇迹开始了。 两个版本的openssl给出了不同的结果。 

openssl OpenSSL support => enabled 
OpenSSL Library Version => OpenSSL **0.9.8y** 5 Feb 2013
OpenSSL Header Version => OpenSSL 0.9.8y 5 Feb 2013

openssl OpenSSL support enabled  
OpenSSL Library Version OpenSSL **1.0.1f** 6 Jan 2014  
OpenSSL Header Version OpenSSL 0.9.8y 5 Feb 2013

PHP代码:

<?
$pkeyid = openssl_pkey_get_private("file:///certificate/bank_ee/private.key" , "dkcert");

openssl_pkey_export($pkeyid, $pkeyout);
var_dump($pkeyout);

来自控制台(0.9.8y)

string(891) "-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQC3RTUIY+ACV0luhdub8BSLjeVGqKNxQ+5BwEFw1EsOSANo/2bJ
o8Wr1YO8u+cJ2vTw3dc2MHssRgIAmWeRNhjdtXj/dZv70KTXvvY1xV8asth7Cxni
I2dFzTbhc5FKkF6XvjsM83P3fjHyk0W5CvaUlqfo1I5Q/kZFf1bcXMMaCQIDAQAB
AoGBAKyXOkg6djz+IqM44AXMZCzAZkjSi4khJgE5ouc0pbI/UybQTuZZmtAl9TgJ
5Jw9XSpwYDoiEf0xuLUDwqrXvTWEetk+zPXCAZhJz+tlX1RsdJGq1Ubwj6odAham
dIYX2OwjBdrmw9MWPPNKzjQNXYUwptVAnn1nEFJFLp2wnuxZAkEA6h4zvcr7nJyN
erfE9m3/47vgpKrki3Iy+7C+GF5+auj86J5L7Pl3Rbj0WPjBha9axcrWRtpypQt2
ZG2IwZzGAwJBAMhmXHssXC7bxgz1uRWT2B647bnArAWM8z3qgIhKHVozKfIIpCMD
VzS26BQ3fEnQ02/Neg3djgnubI+4iy7JmAMCQQCqrIPp6+2MGbEmcow7Xqu6uP+m
7BKa+hDi3dFncJPWmq2tY6FUS/VAtfokVoy2ScTyBtI5aw1C9t1Dj3qwMvtDAkB6
KzT7/jogcujVI8P2rI/XguOiFxyHsbrkJx6+d3hXcdODctMlaTbzswHeuUiy83TC
tuBOrZ+W3Fwgbd+j4VAjAkEAiW5FWW4R9ixUgTrVXqOgdR+T8LNL4qMNu7x/EYkr
u1z8Pou6VhOG1+4BZaSVsoCouk3ZbG/9sK5GsHpZIoURDA==
-----END RSA PRIVATE KEY-----

来自浏览器(1.0.1f)

  

string(916)“----- BEGIN PRIVATE KEY -----   MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALdFNQhj4AJXSW6F   25vwFIuN5Uaoo3FD7kHAQXDUSw5IA2j / ZsmjxavVg7y75wna9PDd1zYweyxGAgCZ   Z5E2GN21eP91m / vQpNe + 9jXFXxqy2HsLGeIjZ0XNNuFzkUqQXpe + Owzzc / d + MfKT   RbkK9pSWp + jUjlD + RKV / VtxcwxoJAgMBAAECgYEArJc6SDp2PP4iozjgBcxkLMBm   SNKLiSEmATmi5zSlsj9TJtBO5lma0CX1OAnknD1dKnBgOiIR / TG4tQPCqte9NYR6   2T7M9cIBmEnP62VfVGx0karVRvCPqh0CFqZ0hhfY7CMF2ubD0xY880rONA1dhTCm   1UCefWcQUkUunbCe7FkCQQDqHjO9yvucnI16t8T2bf /菊+ CkquSLcjL7sL4YXn5q   6Pzonkvs + XdFuPRY + MGFr1rFytZG2nKlC3ZkbYjBnMYDAkEAyGZceyxcLtvGDPW5   FZPYHrjtucCsBYzzPeqAiEodWjMp8gikIwNXNLboFDd8SdDTb816Dd2OCe5sj7iL   LsmYAwJBAKqsg + nr7YwZsSZyjDteq7q4 / 6bsEpr6EOLd0Wdwk9aara1joVRL9UC1   + iRWjLZJxPIG0jlrDUL23UOPerAy + 0MCQHorNPv + OiBy6NUjw / asj9eC46IXHIex uuQnHr53eFdx04Ny0yVpNvOzAd65SLLzdMK24E6tn5bcXCBt36PhUCMCQQCJbkVZ   bhH2LFSBOtVeo6B1H5Pws0viow27vH8RiSu7XPw + i7pWE4bX7gFlpJWygKi6Tdls   b / 2wrkawelkihREM ----- END PRIVATE KEY -----“

为什么呢?相同的功能,相同的参数,相同的服务器。怎么会这样?

1 个答案:

答案 0 :(得分:0)

您看到的差异是openssl版本0.9.8y中使用的PKCS#1与openssl版本1.0.1f中的PKCS#8之间的默认RSA密钥格式更改的结果。

您可以使用此命令将旧格式密钥(0.9.8)转换为新格式(1.0.1):

openssl pkcs8 -topk8 -in prkey.opensslv098y -nocrypt

反之亦然,从1.0.1到0.9.8:

openssl rsa -in prkey.opensslv101f
相关问题
最新问题