PHP Encrypt/Decrypt whith asymetrics keys

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Benoît
    #1

    PHP Encrypt/Decrypt whith asymetrics keys

    Hi,
    I have generated two keys :
    "C:>openssl req -nodes -new -x509 -keyout ben.key -out ben.crt -days
    3650"
    I try to encrypt/decrypt a string like "JOHN" with these asymetrics
    keys. With the following code, it works.
    I encrypt with the public key which is in the certificate.
    I decrypt with the private key.
    But why, the crypted message is different every time I start the
    programm...?
    _______________ _______________ _______________ ____________
    <?php
    echo "---CRYPT---<BR>";
    $source="JOHN";
    echo "Message : $source<BR>";
    $fp=fopen("./ben.crt","r");
    $pub_key=fread ($fp,8192);
    fclose($fp);
    //echo $pub_key;
    openssl_get_pub lickey($pub_key );
    openssl_public_ encrypt ($source,$sourc ecrypt,$pub_key );
    echo "Crypted message : ".$sourcecrypt. "<BR><BR>";
    $source="";


    echo "---DECRYPT---<BR>";
    echo "Crypted message : ".$sourcecrypt. "<BR>";
    $fp=fopen("./ben.key","r");
    $priv_key=fread ($fp,8192);
    fclose($fp);
    $res=openssl_ge t_privatekey($p riv_key);
    openssl_private _decrypt ($sourcecrypt,$ newsource,$res) ;
    echo "Source decryptée : $newsource<BR>< BR>";
    ?>
    _______________ _______________ _______________ ______________

    Now here is my second question :
    In fact I encrypt with a java programm where is my certificate and I
    decrypt with a PHP programm like I've just explane before.

    _______________ _______________ _______________ ______________
    public String crypt(String message) {

    //Cert is in LDAP
    Certificate cert =
    userProvider.ge tUserCertificat e(getCurrentUse rname());

    PublicKey publicKey = cert.getPublicK ey();

    try{
    Provider secProvider = Security.getPro vider("BC");
    if (secProvider == null) {
    secProvider = new BouncyCastlePro vider();
    Security.addPro vider(secProvid er);
    }
    Cipher encryptCipher = Cipher.getInsta nce("RSA", secProvider);
    encryptCipher.i nit(Cipher.ENCR YPT_MODE, publicKey);

    //Crypt...
    String resultCrypt = new String();
    byte[] messageBytes = message.getByte s();
    byte[] resultCryptByte s = encryptCipher.d oFinal(messageB ytes);
    resultCrypt = arr2str(resultC ryptBytes);

    return resultCrypt ;

    }catch(Exceptio n e){
    //throw ...
    }
    }
    _______________ _______________ _______________ _______________ ____

    Why my programm PHP can't decrypt the message? I use evidently the
    correct private key which corresponds with the public key.

    Thanks for your answers...

    Tags: None
    • Colin McKinnon
      #2
      Re: PHP Encrypt/Decrypt whith asymetrics keys

      Benoît wrote:
      [color=blue]
      > Hi,
      > I have generated two keys :
      > "C:>openssl req -nodes -new -x509 -keyout ben.key -out ben.crt -days
      > 3650"
      > I try to encrypt/decrypt a string like "JOHN" with these asymetrics
      > keys. With the following code, it works.
      > I encrypt with the public key which is in the certificate.
      > I decrypt with the private key.
      > But why, the crypted message is different every time I start the
      > programm...?[/color]

      Sounds like a good thing, particularly with short strings - the system is
      applying some reversible modification of the data before encoding to
      specifically avoid repetition, e.g. instead of:

      $encrypted=encr ypt($data, $private_key);

      the system is might be doing something like:

      $modifier=rand( 0,10000) . time();
      $data=base64_en code($data) . ":" . base64_encode($ modifier);
      $encrypted=encr ypt($data);

      (actually even I could come up with something better if I spent some time
      thinking about it - no doubt the openssl people did already).
      ....so the data is always recoverable but the encrypted message contains
      random junk which is discarded.
      [color=blue]
      >
      > Now here is my second question :
      > In fact I encrypt with a java programm where is my certificate and I
      > decrypt with a PHP programm like I've just explane before.
      >[/color]

      <snip>
      In addition to the reason cited above, openSSL may do all sorts of strange
      things to package up the encrypted data.

      I would suggest that you start by meking sure you can implement compatable
      encryption frm the command line using openSSL.exe (which I suspect will be
      straightforward ), then try to reproduce the behaviour in Java (I'm sure the
      Java newsgroups can better advise you on your Java code).

      HTH

      C.

        Comment

        Previous template Next
        Working...