openssl_pkey_new

(PHP 4 >= 4.2.0, PHP 5)

openssl_pkey_new — Generates a new private key

说明

resource openssl_pkey_new ([ array $configargs ] )

openssl_pkey_new() generates a new private and public key pair. The public component of the key can be obtained using openssl_pkey_get_public().

Note: 必须安装有有效的 openssl.cnf 以保证此函数正确运行. 参考安装的注释以获得更多信息.

参数

configargs: You can finetune the key generation (such as specifying the number of bits) using configargs. See openssl_csr_new() for more information about configargs.

返回值

Returns a resource identifier for the pkey on success, or FALSE on error.

PHP手册 - N: Generates a new private key

用户评论:

jthijssen at notloxic dot nl (11-Feb-2011 02:17)

If you want to change the default private key size (1024) too something else you can use the following code: <?php $config = array('private_key_bits' => 512); $privKey = openssl_pkey_new($config); ?> Mind though that the minimum number of bits is 384. Any lower will trigger an error.

Brad (02-Apr-2008 08:17)

It's easier than all that, if you just want the keys: <?php // Create the keypair $res=openssl_pkey_new(); // Get private key openssl_pkey_export($res, $privkey); // Get public key $pubkey=openssl_pkey_get_details($res); $pubkey=$pubkey["key"]; ?>

NOSPAM dot alchaemist at hiperlinux dot com dot ar (30-May-2004 08:17)

As you probably found, getting the public key is not as direct as you might think with this documentation. You can easily get into messages like: Warning: openssl_pkey_get_public(): Don't know how to get public key from this private key (the documentation lied) in D:\www\keys.php on line 4 The correct steps to get the whole thing seem to be these: <? $dn = array("countryName" => 'XX', "stateOrProvinceName" => 'State', "localityName" => 'SomewhereCity', "organizationName" => 'MySelf', "organizationalUnitName" => 'Whatever', "commonName" => 'mySelf', "emailAddress" => 'user@domain.com'); $privkeypass = '1234'; $numberofdays = 365; $privkey = openssl_pkey_new(); $csr = openssl_csr_new($dn, $privkey); $sscert = openssl_csr_sign($csr, null, $privkey, $numberofdays); openssl_x509_export($sscert, $publickey); openssl_pkey_export($privkey, $privatekey, $privkeypass); openssl_csr_export($csr, $csrStr); echo $privatekey; // Will hold the exported PriKey echo $publickey; // Will hold the exported PubKey echo $csrStr; // Will hold the exported Certificate ?> Now all you need to do is to make some research on each individual function.