function doGetCertStep2($data) { //todo s=>c enc by aes (privatekey,x509) //是否设置 if (isset($GLOBALS['CAPrivKeyStr'])) { //解密 $decryptData = RSADecrypt($data, $GLOBALS['CAPrivKeyStr']); //分割 $dataArray = preg_split("/,{1,1}/", $decryptData); $key = $dataArray[0]; $iv = $dataArray[1]; //生成证书 $newCert = requestSignCert(); //生成GUID $userGUID = create_guid(); //写入记录进入数据库 $certmodel = new certModel($userGUID, getip(), $newCert['publicX509'], ''); SQLAdopt::insert($certmodel); if (count($dataArray) == 3) { $clientIURL = $dataArray[2]; $acitveServermodel = new activeServerModel($userGUID, $clientIURL, ''); SQLAdopt::insert($acitveServermodel); } //返回数据 $returnStr = $userGUID . "," . $newCert['privateKey'] . "," . $newCert['publicX509'] . "," . getConfig_CAGUID(); //加密 echo AESEncrypt($returnStr, $key, $iv); } else { echo 'It look like is not CA'; } }
function AESEncryptOutData($targetGUID, $data) { $arr = get_ArrayAESKeyIV($targetGUID, 'out'); return AESEncrypt($data, @$arr->key, @$arr->iv); }