Currently I have a pkcs8 formatted private key and am trying to use openssl to sign data.
My code is as follows:
$data = "Data that I wsant to sign";
$private_key ="
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIlPwCxnroNJUCAggA
MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDOK7DOSiWN/iSUIK1mfbZHBIIE
0PFuTznnLXVEz+iECw/jq+6VQf/cpGQRVbEFppzoxo6JqTUC/hjZsh8+9bdCNSvf
GsaTMixKvVgzi+9wF3tb0sTS2f8Qsd9acRsQ14e0qg4Efi2gUYcQKk+mZwzgwAFi
wZZdTNa6I/lB5dZoAaShkvyPQWpvG7oPNg0igF+ZJ79czdBEsdk0LfDfn1djBrOR
4+1fpD13ELkehG6VngEI26dkke6FKngVA9qlByNw6qzxh63Y5ftey3Gr4yJSjCm4
WIHOdMO0d/G9DtqdCaJkiu0V+6MhFIkhVI8GWaelsU6L50Z3GQXTkax2rMfMCjAL
gyNqRnMfQF0aGuMDreIsbJJyfPB118kcN4seqZwUFQ8v2XnU2bzZ46v/LIjm0EMT
Oj6MUSTGYz0NEGVCwD914wEQQ+IvpZQUrKLZvus2eas/H9SImmIotaZGaR66cMK3
ARGXLOGkamwmOWXaj5e4/Nqj1YPoyO1gCqLvqaifS3BKfe5emVQiFn37Yj2LUtFE
gaTmW+S7QhGkfNfiT0ihUeVWFKneR5ZVQ4ZWHXamc7QwUbKOZqD6CHKWtwudBJ/A
1BSC3geeKhND1XzAENtjOxwrNMbmtlBGgp/zOnaxNQE2J8x7ZWzGRAz1isXqOoXT
KCatixh918u2U0YfaRBGyOLBK83UjcMsfRSYyowx/AwR4iET4gORG7hai+6Jcujk
Jq2M1oJdlbtBzYoI9NGUsytiHz+BR6o/d3qqGaFobcbDzfQFhWQhprWBdq/Z5nsp
GRyBJJx3LA+bIkXgfQyMvh7BwOZ7p6Irp2+7Oj4Gh6zBFH6312cGesXbzDIu8uTP
m8UeWpNG8Oo3FB3xa/s7lm6+xFc8byXRSGxBx0akFBTI929Cjw4sscheodSYOXYo
rNwfhTBsggSIOwoGdolMgidFDovS64UjoXl1NkSgivdtTfEjLQx6bMohkoBPnHJu
V2yQiWllXKQ6TQyJfKQPILJUSXE4dKos5jLlduxSTy8hYDJ1W8TdB24axQf6RPlq
hkESP9SuKRQojizY7ne/hn56NYkjcjekjS31qfa1JyHzkZTKJB5uqdQdzXi5iyZq
mmjs4j1GOWfe2p8BMyPeE91h7EOGIKpJoCWLqdbU4gUKZb9kVrNenpxtd3lAoGAs
AVujiANdQhndmrb6gDfaRh6rT9Cu2TQsk27YD1Nmb05ihYmWkXJlMe2hN6nhIkEy
MSWCv+ZfuW3NSaBFRw1rCLEB1xfFnkmsBOmxgW6eJ0UxRONU2jQ8Hf233tJc1LaI
JI+F1coi9VGq4dVBZ5nupw0MSVbgOJO7fnH7uP47Va1tq5YM0pB4tMib/KsKDwPk
oDFMp/wfSs/Ctt5GJ7bzlcHUfQIEntzRDurdfPNSlsDk14KUudzQM+XK8HRPTaRA
yICJBmgvNq9IrK0/bNDyZyNNwUw0TDJKuSa0aNTM9s9ksodrgCGGbouCnXipD6GZ
aJtXy4I0rBSxh+EKtzkjHoD/Lik90NFlEPcASsQ9vFMVyOwbgMwZLtZ5nYhF9/bX
dgG8VLoIGJ9sMpbA+OJUOvbW6cgrADWfIZbpjjCgDW4aGJjJIPYmxDwWlfbuWA6j
0LLAp/Eqj68hoMEBGU6bYmIm8eHG+o1O3Df7ZkGudcEK
-----END ENCRYPTED PRIVATE KEY-----";
$binary_signature = "";
$algo = OPENSSL_ALGO_SHA256;
$pkey=openssl_get_privatekey( $private_key, 'password' );
openssl_sign($data, $binary_signature, $pkey, $algo);
$signature = base64_encode($binary_signature);
echo $timestamp = time();
echo "<br>";
print_r($signature);exit;
However, I'm getting openssl_sign(): Supplied key param cannot be coerced into a private key error
I can't seem to find any references that use pkcs8 formatted keys for signing data using PHP. Hoping someone could give me some insight into this.
Thank you
New version of the code (Still having the same error)
$data = "Data that I want to sign";
$private_key ="
MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIlPwCxnroNJUCAggA MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDOK7DOSiWN/iSUIK1mfbZHBIIE 0PFuTznnLXVEz+iECw/jq+6VQf/cpGQRVbEFppzoxo6JqTUC/hjZsh8+9bdCNSvf GsaTMixKvVgzi+9wF3tb0sTS2f8Qsd9acRsQ14e0qg4Efi2gUYcQKk+mZwzgwAFi wZZdTNa6I/lB5dZoAaShkvyPQWpvG7oPNg0igF+ZJ79czdBEsdk0LfDfn1djBrOR 4+1fpD13ELkehG6VngEI26dkke6FKngVA9qlByNw6qzxh63Y5ftey3Gr4yJSjCm4 WIHOdMO0d/G9DtqdCaJkiu0V+6MhFIkhVI8GWaelsU6L50Z3GQXTkax2rMfMCjAL gyNqRnMfQF0aGuMDreIsbJJyfPB118kcN4seqZwUFQ8v2XnU2bzZ46v/LIjm0EMT Oj6MUSTGYz0NEGVCwD914wEQQ+IvpZQUrKLZvus2eas/H9SImmIotaZGaR66cMK3 ARGXLOGkamwmOWXaj5e4/Nqj1YPoyO1gCqLvqaifS3BKfe5emVQiFn37Yj2LUtFE gaTmW+S7QhGkfNfiT0ihUeVWFKneR5ZVQ4ZWHXamc7QwUbKOZqD6CHKWtwudBJ/A 1BSC3geeKhND1XzAENtjOxwrNMbmtlBGgp/zOnaxNQE2J8x7ZWzGRAz1isXqOoXT KCatixh918u2U0YfaRBGyOLBK83UjcMsfRSYyowx/AwR4iET4gORG7hai+6Jcujk Jq2M1oJdlbtBzYoI9NGUsytiHz+BR6o/d3qqGaFobcbDzfQFhWQhprWBdq/Z5nsp GRyBJJx3LA+bIkXgfQyMvh7BwOZ7p6Irp2+7Oj4Gh6zBFH6312cGesXbzDIu8uTP m8UeWpNG8Oo3FB3xa/s7lm6+xFc8byXRSGxBx0akFBTI929Cjw4sscheodSYOXYo rNwfhTBsggSIOwoGdolMgidFDovS64UjoXl1NkSgivdtTfEjLQx6bMohkoBPnHJu V2yQiWllXKQ6TQyJfKQPILJUSXE4dKos5jLlduxSTy8hYDJ1W8TdB24axQf6RPlq hkESP9SuKRQojizY7ne/hn56NYkjcjekjS31qfa1JyHzkZTKJB5uqdQdzXi5iyZq mmjs4j1GOWfe2p8BMyPeE91h7EOGIKpJoCWLqdbU4gUKZb9kVrNenpxtd3lAoGAs AVujiANdQhndmrb6gDfaRh6rT9Cu2TQsk27YD1Nmb05ihYmWkXJlMe2hN6nhIkEy MSWCv+ZfuW3NSaBFRw1rCLEB1xfFnkmsBOmxgW6eJ0UxRONU2jQ8Hf233tJc1LaI JI+F1coi9VGq4dVBZ5nupw0MSVbgOJO7fnH7uP47Va1tq5YM0pB4tMib/KsKDwPk oDFMp/wfSs/Ctt5GJ7bzlcHUfQIEntzRDurdfPNSlsDk14KUudzQM+XK8HRPTaRA yICJBmgvNq9IrK0/bNDyZyNNwUw0TDJKuSa0aNTM9s9ksodrgCGGbouCnXipD6GZ aJtXy4I0rBSxh+EKtzkjHoD/Lik90NFlEPcASsQ9vFMVyOwbgMwZLtZ5nYhF9/bX dgG8VLoIGJ9sMpbA+OJUOvbW6cgrADWfIZbpjjCgDW4aGJjJIPYmxDwWlfbuWA6j 0LLAp/Eqj68hoMEBGU6bYmIm8eHG+o1O3Df7ZkGudcEK
";
$key = wordwrap($private_key, 64, "\n", true);
$key = <<<EOF
-----BEGIN ENCRYPTED PRIVATE KEY-----
$key
-----END ENCRYPTED PRIVATE KEY-----
EOF;
$private_key = openssl_pkey_get_private($key, 'password');
openssl_private_encrypt($data, $encrypted_data, $private_key);
Related
Introduction
Hello, when signing a simple string Hello World! I get a signature that is different from any other library I'm using. I already double checked padding, algorithm, key pair, hash and input text.
Code
<?php
/*
$config = array(
"digest_alg" => "sha256",
"private_key_bits" => 4096,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$resource = openssl_pkey_new ($config);
// Extract the private key from $res to $privKey
openssl_pkey_export($resource, $privKey);
// Extract the public key from $res to $pubKey
$pubKey = openssl_pkey_get_details($resource);
$pubKey = $pubKey["key"];
echo var_dump($privKey) . "\n" . $pubKey;
*/
//require __DIR__ . '/../vendor/autoload.php';
require __DIR__ . '/../vendor/autoload.php';
use phpseclib\Crypt\RSA;
$privatekey = "-----BEGIN RSA PRIVATE KEY-----
MIIJJwIBAAKCAgEAn4CD0nFHCeM3DQkCWfXuqRVlX4rbqEk43lMgEns4DnTldrSl
1oaD9YOnwGktk7MaCf80AAZv2O4a9LIfvMxBf+LshgqTOAgvr1qy9bIkn0o/BBNY
bwOTCEnbvSha6uHlexpr31aRvzj8km4uzeBusUyJaXgF8ZMcp0UmThhdYlHhWP1E
uajkbXS8/zlD2F4TVaiPgvupIoWC62PMe5QvNWjrxOYSNwiV29QVxnHt8xm5Vx1J
ET1A4uUCVnOUQ5L+zBv+BYhCHr03j6aq+Z1aKHpEsYtCQPRCJJ/+r24+yd8tMJ2u
63feVCcSOfuZTYG8Qlr5wZICuGimneeKWpauOCqmb7osVDZfY7e2xSxnbjabtVqn
i43NWB0CcXwQ4fIbHX0/JdWmLbupIhTBJDzO6CCpyE506UZJGZOu7t16FBwGVLh3
jE1nLxwIbswv7oiN9fFBP+2eebvyuEvkSwYevGc16Mh4qfnHARwhiG0aflrUbf8h
ls2NrvCRTm7mRIjCBZe8rM7VWyZbUaA8DI8NE3/PnwjvRWLdmEqM2ShVBuDnDpeD
x46x58B1HZqeGx7HwfL/x/fSRG3uvBAG/lqKmq3o1E1gmauHm6jcnHOUftlt6nv0
xfqboScJYVgPkNT0l3rzKUtNwI3Bh0X/Yhy4ikEl9DTSFOhWa9ReUwYOqVMCAwEA
AQKCAgA3LG9tBj46j1xlp+4mTEooNvyAFjpxdhKz5TE8816qsYkGjOqo0JMpBEes
6TUY2GVze9HzCEb8VTEB3/PWjRlDMa37mADg6wQDtm4dS2gbqcUulbqLfEMKJPJb
9m+svENzV+pksT9tVDsaM/8AvFfOANmvoBL+Q5Mv0V20ufzjm8tFyyZQyrlpm24d
IyPy3mf1w38RIhiZlnF5F2aOgO3rncWgsK0wWEnuZui5YoObChTwq3KxAe1GD03F
teldjqWQ2UX/h+jHVVC44kBWZDXhtpm4iKF8coHGxYmGCa6yif7JyGHPlgFUPsex
QvT+uJf0pB+s8+L5A0pPaN6VA3Zz7sE1/XgLBj8qFhjsyPYL7Q4ikB4svtzLZ4vG
1wCP1v+V5KCl9d4jcIbm7ZxrRbFuFZimxE+/vUiaZQv30/fzOzppWYw1giGuMcQu
ttXsgfTkrq33hJI0u4RmYG5rknpZ2/a2QE2OZoTEMVnO3jn+Qz5grwH7oWQW85U0
GKwkHOP0GQ/JFgLeZ6oWDuR3tY75sQFoDORY3xYFXiz6L9jjIKCAsu8GwdnoaQwY
nzY7hi7BnaKaaSkI6myHWXg0k5o71HQiysUJzdbbWD/PvhTfkjolcGR1fRBu/L4U
8+DN0eJEvuwrwfDAIQJX+0bfi8pOhV4PmyvQSjSombv5g85L4QKCAQEA4QMbuiXf
Z1+nzFefwyz6lNq8zmek6PlakXiwDdH7WUtfeV0y9cn08TU9dLjqO0qXmfGjBhIz
OP3kHa3i3lHvnF964tq4cstU0juLwLjES4q3kdr+Np3C8lukoDPwcaQhL+/MOfGi
ZDHvCTQejzYmxpstwcAP9gITkH5CMvVTMInJKGXpSBbEAahTgklaoXMRLFKLqo0e
TJCCEdzVDYELjzk40G5fmombfFLN2wURMgkRf3aIttFNXoNKdK8VPmPHU0wVFi+Z
7pkVkhLV4B9UJZUwwVLO0rC4sIQ22SozZQ3m5ATYg7/tKgd7d9UeWXOKdjwUNUC+
ko82FFufVB1/WwKCAQEAtXfSODGK8EOwNMinI9xUkK3M9MOmzqNRIMQQwz1PcOkS
jE/c5LzKnTYVlVtaB7J7CsPXLFoVR+XUK0oCQ2kyN4rLPrpPwD0gvKPvXVnnAR/O
bI8iFwOuNVR5odU2XcGtXuGg+7SB+JqeUy50o65QP11pAzHXv4ptvCD2tk22dD8u
WmGl5bElzmWNVua33h+KISJoa4vBu3/rmfq+09qn5VfoNpxsE62udF6juhmbOz8z
H4pUpP5SYI0NfOdqI8a16wVHR4t3uMTGA7DdV8JAxzR95UBmZFsQbMvtj+HvfGmE
YKBeCRy+BuW8mrT+mat2o1xemG3ROCicDiXaQADXaQKCAQBh9Qt2H5TBmSgg0qjP
vF4evZdiuEZX0m52VDc43QhymFipKkTMMi67b7UggnwecdvL/iE9vGCmWAmeThwt
MziAOCT0a8nO1+xGVfwCW63BQVOnYNI5DrdW8USbJeFwZ8a26stbEnHi8sYgmJsR
N77ryZTC+403STIhPoYtTxX3VJTJTIyhgJ+2JQSt/KdDECgSxqDdD/B33pVxl1T9
OwfAQ2YTf2mJioyxNA9AYVVaFg6TEhR0mmv3UGryn2I9Ng0Jm162uORntido32BS
4PCuJ+QA1b8KhDrzRavnIPMc9E9nRyDHQp/KI1XCFnrO8Hj//inCATy16zjc5gJY
CTtvAoIBAClXHKr0jmRh5zh/JaSDwzgagACauduFVSwTvoXb58cfMbyJTRdG8xmR
gqU95GqwfFtddh2CgCqa7xTVjWJyCqCgm+C0bQqsYlLXPeaUXo3hAxO0H94CVqOL
lRILEpGVV7uvxw7QdnN+NedZQ/Ut9tYYn528sxvNm2YqVEn/tjsRUawBZtvG2YgF
lodflC+kG8GkpwkpE391iuTPPL3iqDEVL6+RPwXUoVOdY8s3nieHJExhJRtZXMbm
G1aDGakA0dyynSRtX17WZQ3eMu6VMFCxYqThYPIn1LwUURBgNkCvgRrKLeIBjEDi
AW91IDM93o8kseAj1G/owHRwpyHBj1ECggEAASOlqfGjCyRQPS4Cb4F87DOTl9bH
tPiFXqnARdajeMhbCKhhOhDMOQpqGMlskTcg2vOum1drvKGeTHtuQqlIyu2W5IRX
SxazFVscOmvQ1UbSlR7coL0NiXU7v1xuZYNUZyrgnYme4UsoegvTEYcHCXmsz3ji
HanMxaRzToSiNY2MOPYv1Obrr48IiktPz+XVSQYiiPOJeQuETdkiNVOS2+epVjbr
fVvRCtUbQl4akkpK7xK0gbD+TnMIeozwAK3aXDwiaLiHzmws1hWf6zDYGc8B9F8N
VqiqLc7ek40r66miDPnqHxLuvv+DKMYCxctqPAxikqDzYgvmzBlgrMRXZQ==
-----END RSA PRIVATE KEY-----
";
$publicKey = "-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAn4CD0nFHCeM3DQkCWfXu
qRVlX4rbqEk43lMgEns4DnTldrSl1oaD9YOnwGktk7MaCf80AAZv2O4a9LIfvMxB
f+LshgqTOAgvr1qy9bIkn0o/BBNYbwOTCEnbvSha6uHlexpr31aRvzj8km4uzeBu
sUyJaXgF8ZMcp0UmThhdYlHhWP1EuajkbXS8/zlD2F4TVaiPgvupIoWC62PMe5Qv
NWjrxOYSNwiV29QVxnHt8xm5Vx1JET1A4uUCVnOUQ5L+zBv+BYhCHr03j6aq+Z1a
KHpEsYtCQPRCJJ/+r24+yd8tMJ2u63feVCcSOfuZTYG8Qlr5wZICuGimneeKWpau
OCqmb7osVDZfY7e2xSxnbjabtVqni43NWB0CcXwQ4fIbHX0/JdWmLbupIhTBJDzO
6CCpyE506UZJGZOu7t16FBwGVLh3jE1nLxwIbswv7oiN9fFBP+2eebvyuEvkSwYe
vGc16Mh4qfnHARwhiG0aflrUbf8hls2NrvCRTm7mRIjCBZe8rM7VWyZbUaA8DI8N
E3/PnwjvRWLdmEqM2ShVBuDnDpeDx46x58B1HZqeGx7HwfL/x/fSRG3uvBAG/lqK
mq3o1E1gmauHm6jcnHOUftlt6nv0xfqboScJYVgPkNT0l3rzKUtNwI3Bh0X/Yhy4
ikEl9DTSFOhWa9ReUwYOqVMCAwEAAQ==
-----END PUBLIC KEY-----
";
$rsa = new RSA();
$rsa->loadKey($privatekey);
$rsa->loadKey($publicKey);
$rsa->setHash('sha256');
$rsa->setMGFHash('sha256'); // Added to see if it made a difference. It made no difference
//$rsa->setSaltLength($sLen)
$rsa->setEncryptionMode(RSA::ENCRYPTION_PKCS1); // Added to see if it made a difference. It made no difference
$rsa->setSignatureMode(RSA::SIGNATURE_PKCS1);
$plaintext = 'Hello World!';
$signature = $rsa->sign($plaintext);
$rsa->verify($plaintext, $signature);
echo base64_encode($signature);
?>
Output vs expected output
Output: Zhy04W5K+Xjhd3isDi3rlqpUgGAmcTKpW7HEPQiG8eIaxqPVqOilw60zOcS1GDuPn2b5Z1UWyvBNbw3r5fK9JSxAXCGFtbe/Fd8nGtAsCe9RW9oQ14OCwpuqWFJwADdax0GAh0KC/2JpmHYu+GG8IfESgG4NPxwe36r861jdIW9icsmcRUQOpfCkIsKClbwBhS74oIQAmbxMl23hNqzue6I7+onlZxNqnVH1XLPsMZghx1CkkpVGnSm6bHmiz01AFTF9U5oHto5MLLy1UMIhFDOFOxNHwC4ISK8kC8vnfUkm3nM3GQMD+yvDYPKLse0dYBPUcmFwiErSOkG8guA5IG4nWCkM2V5GpBHPwsGFpckjKOUvsuq+8g3ILqkW5IZSBUDaTSsHUd0CxD05DzZOGOBQ5Lhm3vMm2kbO5uwlTYbZX5deLJLOJivCip56CGX4GpAfT/VRctLyl5NL2CwVE3zUKMTnOj/NLoU7Liqw4WaYKekB2vTCUWcse8mdX1ZiUNxW3EHiXiEGB1yzVxPE0QaLdcfK3pyVVpkd5cxHOdXI5Zg/5RkADYiueyO/1oIObzHPEcAvdoj5fxW5XKnFPux6KzjWdqnqVyZXKNSZquJodn0408n2NGLrEukOVlMaixnNgvj7lmHtz/UlN0FNRzCHwVDl4q3uOiVPfRmj+28=
Expected output: J8iGPq9MWUHnzHYJqNE3y/o41uZXTdr+JGOl7YN06qIv+vbylgL367Y8B0jA/LYPcPIJDpUs991DdHEgFAE/+JkVYcrKZpmGXSFvR3RWaTe3DQZMoeD07iaOElJXVn6XBWbU77hCDUMkWXwWHbH9Ybs9BDyq8VHCrhHXgo4zyRNHB+Hb4LLVPyFCv+nQ8d6wCbY14ecyMiL5xS27g78aAg+87uTaq/naLPiSUftKiq0/ih9/Jk6IxrSLsfF4XRD2uAe5jruUMe+wZmzzYeS1syl1nto2FX/28k/z2c8Bt1Rr7nl4E6uiEKO2jYknBkwvJ2MVmbiANpeal534GRvBWaHvTGU/kZa4hEjDkRbZJ/byvLIOMrafoCQfmHYVBLS1OkVEraa34LIqla38VAV7QQGtUrq4ehYsJ16daacysCkJcuvyYz0qNoSvBV9Knh727eEbkLHrYkjf7LjYvWkVXt82AwdohzlnbQb/Ge1BhR+tV0jmC5ztpHE6xzRqkjuNU3mYKjE/Jp+udKokNXcPZcbCrFhA8MY6ay/ldy8ySYl3vTdzE0d8FzIVn/z8fBJme/nCDLeP8/bRja+dpwKwWO0c9k/cyKs0M0YEyZ/PF/CYm/sPBMZHFY4cJacVqrkbnFgEWSAnEJ8SLCqLNXKQR/4hOhlC9sF3asMCkGszrgc=
Additional details
I'm sure I'm using:
RSA
SHA256
PKCS1
Hello World! as input text
You can check using openssl or 8gwifi RSA Signature/Generation & Validation (make sure you paste the keys provided and change the signature algorithm to SHA256withRSA)
Found the problem. When loading the keys you can't load both. You need to load the one you need, do whatever operation you need and then load the other one for the next operation.
I have problem with $public_key in RSA encryption
and i receive empty result no error
I am using phpseclib
Example:
include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
$plaintext = 'test test';
$public_key = '-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgIQNW5duJ7xtvmwd5qObmTdljANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQG
EwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVt
IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRswGQYDVQQDExJDZXJ0dW0gTGV2ZWwgSVYgQ0EwHhcN
MTYwNjE1MDU0MTU4WhcNMTkwNjE1MDU0MTU4WjCBvjELMAkGA1UEBhMCUEwxHjAcBgNVBAoMFU1p
bmlzdGVyc3R3byBGaW5hbnNvdzEjMCEGA1UECwwaRGVwYXJ0YW1lbnQgSW5mb3JtYXR5emFjamkx
ETAPBgNVBAcMCFdhcnN6YXdhMRQwEgYDVQQIDAttYXpvd2llY2tpZTEjMCEGA1UEAwwadGVzdC1l
LWRva3VtZW50eS5tZi5nb3YucGwxHDAaBgkqhkiG9w0BCQEWDWpwa0BtZi5nb3YucGwwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6K/2lXWopQyScTXwXduIfWyk+8ZqrGLhUll1F0J7l
6gfyYx3rLzqAeFIn9tJSS8v1PKj6EQ61lEDZcLcbxsAzK3nYWHhn31Er4/9jrr02jy9TW+DH9jSN
hbeuEO7sEzv3S3wc+/vUSKAW1p5KDcykLD5gfj/79yF68NaG/p+a7rDS0au0Xuj/HMxpRzYa4p+Y
PHoPJRLCVIhcElxB6w29YRJBqjp+bhe3yhWzMzLEozP8HJKEdYRX8OmvvMgKFxDVlxMSogZlZCw2
H7b3Q89dE+Up8EGqXSHSY3N0w3S1WMcWeRI5jcjqcbBBArGPq1DOydn0wh5VqcDtotDGeM/LAgMB
AAGjggKAMIICfDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFM1KRsoDZZDmMRAagsalHF7RUM8f
MB0GA1UdDgQWBBTnE41tuST6qUvjgrXYaE/sbbPGwjAOBgNVHQ8BAf8EBAMCBPAwYQYIKwYBBQUH
AQEEVTBTMCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5jZXJ0dW0ucGwwLgYIKwYBBQUHMAKGImh0
dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9sNC5jZXIwggE9BgNVHSAEggE0MIIBMDCCASwGCiqE
aAGG9ncCAgQwggEcMCUGCCsGAQUFBwIBFhlodHRwczovL3d3dy5jZXJ0dW0ucGwvQ1BTMIHyBggr
BgEFBQcCAjCB5TAgFhlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMAMCAQEagcBVc2FnZSBvZiB0
aGlzIGNlcnRpZmljYXRlIGlzIHN0cmljdGx5IHN1YmplY3RlZCB0byB0aGUgQ0VSVFVNIENlcnRp
ZmljYXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpIGluY29ycG9yYXRlZCBieSByZWZlcmVu
Y2UgaGVyZWluIGFuZCBpbiB0aGUgcmVwb3NpdG9yeSBhdCBodHRwczovL3d3dy5jZXJ0dW0ucGwv
cmVwb3NpdG9yeS4wHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBEGCWCGSAGG+EIBAQQE
AwIFoDAsBgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vY3JsLmNlcnR1bS5wbC9sNC5jcmwwGAYDVR0R
BBEwD4ENanBrQG1mLmdvdi5wbDANBgkqhkiG9w0BAQUFAAOCAQEAxno58NJnSvAD3eBWI8D2dVPQ
T8Heqg+dvH1okrrBPLg6OV0E+V/KYzWqFoOAFUsmVBw/B2P17brKecwyYCrHOK0aQsvsIeaABBkx
aMhBjkFVz0R4FJtA1/l3lbVRpSAKRHyqw3P7TOzJuAG+kzNxvs0GYOAMhKvUO/ZvghJsYXM4wQ8F
LTNOyrRwdy0OuV8f5ahHU9zWH7cEiaMsnn9bIE4clkY/kTm8b2nOsoadH83YV0MrmPKRCleLE1QW
7Ytj9b+exAXLoB5D2NJqiLJD+LX8Y7CGMWGGLOPwonN9stRew5pRVPhY4j8RCLn0Cpuay3rBoOWs
9mzRTV3IiZZFbw==
-----END CERTIFICATE-----';
$rsa->loadKey($public_key);
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
echo $ciphertext = $rsa->encrypt($plaintext);
var_dump($rsa->encrypt($plaintext));
but if I change key to this one:
$rsa->loadKey('-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0
FPqri0cb2JZfXJ/DgYSF6vUpwmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/
3j+skZ6UtW+5u09lHNsj6tQ51s1SdPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQAB
-----END PUBLIC KEY-----');
than it is working.
What is wrong with first key ?
Thanks for any help
The first key isn't a key - it's an X.509 cert. To encrypt something with the public key contained within an X.509 cert you'd need to use File_X509. Something like this (untested):
<?php
include('File/X509.php');
$x509 = new File_X509();
$x509->loadX509('...');
$rsa = $x509->getPublicKey();
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$ciphertext = $rsa->encrypt($plaintext);
echo $ciphertext;
I try to encrypt data in perl and decrypt data in php using Crypt::OpenSSL:RSA.
I am able to decrypt in perl but get NULL in php.
perl code:
use strict;
use MIME::Base64;
use Crypt::OpenSSL::RSA;
print "Content-Type: text/html\n\n";
my $string = '123';
my $key_string = "-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2n9QlRt3ERZXt6CQ5ufb
eKIlzaJFqr7LxgxiRSy/ZdMnxvCdRoKtW4JbVM62WaEBuOVZIxlJRYRTplloDl9l
7yksxEfN5/AosIJzOPqjj1U1ICvoFS1ORS/8FwAqBd3HeL8BW3gIH+03WTh+bKE/
65u7hyTEi/bb3k1JtxUVSKI04EovCZVivR/nhAZ7lJrjhW23vmhTwlIoIijZfOre
ctE00rcJ9I5KY4V4djQM8mDGFWQTNrdBku+DpGt4//lw/i5w0/MCr9mHqSw3Nxty
/PnMG7dpiA+WjVA9W1TYCVcRZBD+Wsd3OjXxgl46OZYdI5dKYNLKE7BUMccEJj9l
eQIDAQAB
-----END PUBLIC KEY-----";
my $public = Crypt::OpenSSL::RSA->new_public_key($key_string);
$string = $public->encrypt($string);
$string = MIME::Base64::encode_base64($string);
print $string;
php code:
<?php
$encrypted = 'ZkEVc2US6/mqeix3409VYXSTmJtycVLxXztsKpCFpbb6Adp3MBRfYL4nblsWLND+17xaLhVqk4+h ZPw97gzAqlp8YNPA4vgCVdzamq84+kVd7Ykqot9UcDq9zRSpo7S/8EenZO8Cu9OlAwvTavb2pSnX z0w9a9mJqmIJ+zYtao6L1tV3+WlcMIYix9vaIiWU5qZigjNAlff+wT20pEh7Lqu2iAsd1h8aKt5l 3NBRqHG9M0WqTdhzrqk0Rvb9i/a2Zoo7XWC/jz9OR8FaThCM7Gyw8+jWL+z+aL2qveeAPW9e7Pwa GSk1SibTs1L0lTeQk8FmjtC2IW1j7Qn8NzUcZA==';
$encrypted = base64_decode($encrypted);
$key_content = "-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----";
$private_key_res = openssl_get_privatekey($key_content);
openssl_private_decrypt($encrypted, $decrypted, $private_key_res);
var_dump($decrypted);
?>
And I get NULL in PHP
solved the problem with add $public->use_sslv23_padding();
the encrypt data can decrypt in php.
Recently I use openssl generate RSA Private Key to encrypted my data.
$private_key = "-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDGCn4a42xSG6Hs0h+BSWG/MQmXOpIqd6ptlfFxMFQeL9bvJ9jR j0842NyaWIAedxQrv/0+XC5pYF8ExrcGXCnWtCpUTK2M6cgkTLgkkptLz5N+z8jd AeSbakKkJuQEgEyKI1cIrjRhz6u6yfjoPKZAmVdlwEDN1u4TweZ1HDDxHQIDAQAB AoGANPgvfI+htGBxsf8NsC3peBLspsdiuvsg2YjGeGjdxukyyurUglCbdvACKUJM mlltSrpiSOCtBUBiicuAvrG9+pdjQb1gPui/xj83ZbNytfG6K8UFk6cokH6fEgON Pd3npWlhXwdrJUxcFLzlJzREq18VyAWwgsbH82//ineOF6ECQQD3HOpE+IQ2JDIL Kxna/rVnW5RSvImddKksC4KLk7IsMFqsfo+e/Vkf3D7vmsMDCXCNpt5+ttLF93lU 3Iz1j/bJAkEAzSnJ4kp9rsvf7X5OqLWOJjR6CDGK3RSwSXeSMoJSIvV6rSXXQryU ltiYct5A5Oi3g49cOYNuYMt1bw3uTEVNtQJBAKqR7e8fr3sDrvtgi99LE4I9h3s4 orDp1uANLdYUY9b2pZANaCtxavR//X08UUGmYWeVeFz06zY05S47cp0J+2kCQEyk CbixHxZHLtWnU3cOq5V2EQgyia9g5SHsuv6HVGuezD8WXb2eeNuI+hofEJrynGtX CJqrkHY0SyA7UgPH9+kCQQDRrxJ4plB0nWqhLpdc3OV74vW0m11LS8+270nMMVN1 IP08iRfF4ASWEXoe5A2LNEP4ydFw68Ve08WaRwSJ65kn -----END RSA PRIVATE KEY-----";
$pi_key = openssl_pkey_get_private($private_key);
var_dump($pikey."\n");
return:
string(1) "
"
I use it at my local wampserver,But I get return data is resource.
string(16) "Resource id #46
"
My openssl version:
OpenSSL is pretty picky when it comes to keys. All that base64-encoded data needs to span multiple lines, each of which is, at most, 64 lines long. I used phpseclib to convert you key and it worked fine for me after the conversion (whereas it didn't before):
<?php
include('Crypt/RSA.php');
$key = '-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDGCn4a42xSG6Hs0h+BSWG/MQmXOpIqd6ptlfFxMFQeL9bvJ9jR j0842NyaWIAedxQrv/0+XC5pYF8ExrcGXCnWtCpUTK2M6cgkTLgkkptLz5N+z8jd AeSbakKkJuQEgEyKI1cIrjRhz6u6yfjoPKZAmVdlwEDN1u4TweZ1HDDxHQIDAQAB AoGANPgvfI+htGBxsf8NsC3peBLspsdiuvsg2YjGeGjdxukyyurUglCbdvACKUJM mlltSrpiSOCtBUBiicuAvrG9+pdjQb1gPui/xj83ZbNytfG6K8UFk6cokH6fEgON Pd3npWlhXwdrJUxcFLzlJzREq18VyAWwgsbH82//ineOF6ECQQD3HOpE+IQ2JDIL Kxna/rVnW5RSvImddKksC4KLk7IsMFqsfo+e/Vkf3D7vmsMDCXCNpt5+ttLF93lU 3Iz1j/bJAkEAzSnJ4kp9rsvf7X5OqLWOJjR6CDGK3RSwSXeSMoJSIvV6rSXXQryU ltiYct5A5Oi3g49cOYNuYMt1bw3uTEVNtQJBAKqR7e8fr3sDrvtgi99LE4I9h3s4 orDp1uANLdYUY9b2pZANaCtxavR//X08UUGmYWeVeFz06zY05S47cp0J+2kCQEyk CbixHxZHLtWnU3cOq5V2EQgyia9g5SHsuv6HVGuezD8WXb2eeNuI+hofEJrynGtX CJqrkHY0SyA7UgPH9+kCQQDRrxJ4plB0nWqhLpdc3OV74vW0m11LS8+270nMMVN1 IP08iRfF4ASWEXoe5A2LNEP4ydFw68Ve08WaRwSJ65kn -----END RSA PRIVATE KEY-----';
$pi_key = openssl_pkey_get_private($key);
var_dump($pi_key);
echo "\r\n";
$rsa = new Crypt_RSA();
$rsa->loadKey($key);
$pi_key = openssl_pkey_get_private($rsa);
var_dump($pi_key);
echo "\r\n";
The first one output bool(false) and the second one returned resource(8) of type (OpenSSL key).
I have a RSA private key and a RSA public key.
both rsa keys are in xml version ( <RSAKeyValue><Modulus>.... );
I need to make a PKCS8 signature from private key and test it by publik key in php
I used this snippet for making signature:
$content = "test string";
include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
$rsa->loadKey(file_get_contents("private.txt"));
$pem_format = $rsa->getPrivateKey();
$pvk_res = openssl_get_privatekey($pem_format);
$sig = '';
openssl_sign($content , $sig, $pvk_res, OPENSSL_ALGO_SHA1);
$signature = base64_encode($sig);
is this right way for making signature ??
now how use public key to test accuracy of signature ??
PKCS8 concerns key formats - not signatures.
Also, I see you're using phpseclib to convert the key to pem and then using openssl. Why not just use phpseclib for everything? At that point you could use this example:
http://phpseclib.sourceforge.net/rsa/examples.html#sign,sign2
<?php
include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
//$rsa->setPassword('password');
$rsa->loadKey('...'); // private key
$plaintext = '...';
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
$signature = $rsa->sign($plaintext);
$rsa->loadKey('...'); // public key
echo $rsa->verify($plaintext, $signature) ? 'verified' : 'unverified';
?>