Beispiel #1
0
function doGetCertStep4($data)
{
    //解密
    $decryptData = RSADecrypt($data, $GLOBALS['CAPrivKeyStr']);
    //分割
    $usercert = SQLAdopt::getOne(new certModel($decryptData, '', '', ''));
    if (!empty($usercert)) {
        $keyII = md5(uniqid(mt_rand(), true));
        $ivII = md5(uniqid(mt_rand(), true));
        $_SESSION['AESKEY'] = $keyII;
        $_SESSION['AESIV'] = $ivII;
        save_AESKeyIV($decryptData, $keyII, $ivII, 'in');
        save_AESKeyIV($decryptData, $keyII, $ivII, 'out');
        echo RSAEncrypt($keyII . ',' . $ivII, $usercert->x509);
    } else {
        echo 'noEncrypt';
    }
}
Beispiel #2
0
function getCertFromCA($CAinterface = null, $CAPem = null)
{
    if (empty(getConfig_TempAESiv())) {
        setConfig_TempAESiv(create_RandomString());
    }
    if (empty(getConfig_TempAESKey())) {
        setConfig_TempAESKey(create_RandomString());
    }
    if (empty($CAinterface)) {
        $CAinterface = getConfig_CAIntertfaceURL();
    }
    if (empty($CAinterface)) {
        return 'CAinterface is empty';
    }
    if (empty($CAPem)) {
        $CAPem = getConfig_PublicX509FromCA();
    }
    if (empty($CAPem)) {
        return 'PublicX509FromCA is empty';
    }
    $getstr = DataTransport::go($CAinterface, 'action=doGetCertStep2&data=' . RSAEncrypt(getConfig_TempAESKey() . ',' . getConfig_TempAESiv() . "," . getConfig_SelfIntertfaceURL(), $CAPem));
    //getstr原型$returnStr=$userGUID.",".$newCert['privateKey'].",".$newCert['publicX509'];
    $decryptGetStr = AESDecrypt($getstr, getConfig_TempAESKey(), getConfig_TempAESiv());
    $arr = splitByComma($decryptGetStr);
    if (count($arr) == 4) {
        setConfig_SelfGUID($arr[0]);
        setConfig_SelfPrivateKey($arr[1]);
        setConfig_SelfPublicX509($arr[2]);
        setConfig_CAGUID($arr[3]);
        save_AESKeyIV(getConfig_CAGUID(), getConfig_TempAESKey(), getConfig_TempAESiv(), 'in');
        save_AESKeyIV(getConfig_CAGUID(), getConfig_TempAESKey(), getConfig_TempAESiv(), 'out');
        return true;
    } else {
        return 'error';
    }
}