By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
425,763 Members | 1,609 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 425,763 IT Pros & Developers. It's quick & easy.

PHP Encrypt/Decrypt whith asymetrics keys

P: n/a
Hi,
I have generated two keys :
"C:>openssl req -nodes -new -x509 -keyout ben.key -out ben.crt -days
3650"
I try to encrypt/decrypt a string like "JOHN" with these asymetrics
keys. With the following code, it works.
I encrypt with the public key which is in the certificate.
I decrypt with the private key.
But why, the crypted message is different every time I start the
programm...?
__________________________________________________ _______
<?php
echo "---CRYPT---<BR>";
$source="JOHN";
echo "Message : $source<BR>";
$fp=fopen("./ben.crt","r");
$pub_key=fread ($fp,8192);
fclose($fp);
//echo $pub_key;
openssl_get_publickey($pub_key);
openssl_public_encrypt ($source,$sourcecrypt,$pub_key);
echo "Crypted message : ".$sourcecrypt."<BR><BR>";
$source="";
echo "---DECRYPT---<BR>";
echo "Crypted message : ".$sourcecrypt."<BR>";
$fp=fopen("./ben.key","r");
$priv_key=fread ($fp,8192);
fclose($fp);
$res=openssl_get_privatekey($priv_key);
openssl_private_decrypt ($sourcecrypt,$newsource,$res);
echo "Source decryptée : $newsource<BR><BR>";
?>
__________________________________________________ _________

Now here is my second question :
In fact I encrypt with a java programm where is my certificate and I
decrypt with a PHP programm like I've just explane before.

__________________________________________________ _________
public String crypt(String message) {

//Cert is in LDAP
Certificate cert =
userProvider.getUserCertificate(getCurrentUsername ());

PublicKey publicKey = cert.getPublicKey();

try{
Provider secProvider = Security.getProvider("BC");
if (secProvider == null) {
secProvider = new BouncyCastleProvider();
Security.addProvider(secProvider);
}
Cipher encryptCipher = Cipher.getInstance("RSA", secProvider);
encryptCipher.init(Cipher.ENCRYPT_MODE, publicKey);

//Crypt...
String resultCrypt = new String();
byte[] messageBytes = message.getBytes();
byte[] resultCryptBytes = encryptCipher.doFinal(messageBytes);
resultCrypt = arr2str(resultCryptBytes);

return resultCrypt ;

}catch(Exception e){
//throw ...
}
}
__________________________________________________ ______________

Why my programm PHP can't decrypt the message? I use evidently the
correct private key which corresponds with the public key.

Thanks for your answers...

Sep 19 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
Benoît wrote:
Hi,
I have generated two keys :
"C:>openssl req -nodes -new -x509 -keyout ben.key -out ben.crt -days
3650"
I try to encrypt/decrypt a string like "JOHN" with these asymetrics
keys. With the following code, it works.
I encrypt with the public key which is in the certificate.
I decrypt with the private key.
But why, the crypted message is different every time I start the
programm...?
Sounds like a good thing, particularly with short strings - the system is
applying some reversible modification of the data before encoding to
specifically avoid repetition, e.g. instead of:

$encrypted=encrypt($data, $private_key);

the system is might be doing something like:

$modifier=rand(0,10000) . time();
$data=base64_encode($data) . ":" . base64_encode($modifier);
$encrypted=encrypt($data);

(actually even I could come up with something better if I spent some time
thinking about it - no doubt the openssl people did already).
....so the data is always recoverable but the encrypted message contains
random junk which is discarded.

Now here is my second question :
In fact I encrypt with a java programm where is my certificate and I
decrypt with a PHP programm like I've just explane before.


<snip>
In addition to the reason cited above, openSSL may do all sorts of strange
things to package up the encrypted data.

I would suggest that you start by meking sure you can implement compatable
encryption frm the command line using openSSL.exe (which I suspect will be
straightforward), then try to reproduce the behaviour in Java (I'm sure the
Java newsgroups can better advise you on your Java code).

HTH

C.

Sep 19 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.