Recently I use openssl generate RSA Private Key to encrypted my data.
$private_key = "-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDGCn4a42xSG6Hs0h+BSWG/MQmXOpIqd6ptlfFxMFQeL9bvJ9jR j0842NyaWIAedxQrv/0+XC5pYF8ExrcGXCnWtCpUTK2M6cgkTLgkkptLz5N+z8jd AeSbakKkJuQEgEyKI1cIrjRhz6u6yfjoPKZAmVdlwEDN1u4TweZ1HDDxHQIDAQAB AoGANPgvfI+htGBxsf8NsC3peBLspsdiuvsg2YjGeGjdxukyyurUglCbdvACKUJM mlltSrpiSOCtBUBiicuAvrG9+pdjQb1gPui/xj83ZbNytfG6K8UFk6cokH6fEgON Pd3npWlhXwdrJUxcFLzlJzREq18VyAWwgsbH82//ineOF6ECQQD3HOpE+IQ2JDIL Kxna/rVnW5RSvImddKksC4KLk7IsMFqsfo+e/Vkf3D7vmsMDCXCNpt5+ttLF93lU 3Iz1j/bJAkEAzSnJ4kp9rsvf7X5OqLWOJjR6CDGK3RSwSXeSMoJSIvV6rSXXQryU ltiYct5A5Oi3g49cOYNuYMt1bw3uTEVNtQJBAKqR7e8fr3sDrvtgi99LE4I9h3s4 orDp1uANLdYUY9b2pZANaCtxavR//X08UUGmYWeVeFz06zY05S47cp0J+2kCQEyk CbixHxZHLtWnU3cOq5V2EQgyia9g5SHsuv6HVGuezD8WXb2eeNuI+hofEJrynGtX CJqrkHY0SyA7UgPH9+kCQQDRrxJ4plB0nWqhLpdc3OV74vW0m11LS8+270nMMVN1 IP08iRfF4ASWEXoe5A2LNEP4ydFw68Ve08WaRwSJ65kn -----END RSA PRIVATE KEY-----";
$pi_key = openssl_pkey_get_private($private_key);
var_dump($pikey."\n");
return:
string(1) "
"
I use it at my local wampserver,But I get return data is resource.
string(16) "Resource id #46
"
My openssl version:
OpenSSL is pretty picky when it comes to keys. All that base64-encoded data needs to span multiple lines, each of which is, at most, 64 lines long. I used phpseclib to convert you key and it worked fine for me after the conversion (whereas it didn't before):
<?php
include('Crypt/RSA.php');
$key = '-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQDGCn4a42xSG6Hs0h+BSWG/MQmXOpIqd6ptlfFxMFQeL9bvJ9jR j0842NyaWIAedxQrv/0+XC5pYF8ExrcGXCnWtCpUTK2M6cgkTLgkkptLz5N+z8jd AeSbakKkJuQEgEyKI1cIrjRhz6u6yfjoPKZAmVdlwEDN1u4TweZ1HDDxHQIDAQAB AoGANPgvfI+htGBxsf8NsC3peBLspsdiuvsg2YjGeGjdxukyyurUglCbdvACKUJM mlltSrpiSOCtBUBiicuAvrG9+pdjQb1gPui/xj83ZbNytfG6K8UFk6cokH6fEgON Pd3npWlhXwdrJUxcFLzlJzREq18VyAWwgsbH82//ineOF6ECQQD3HOpE+IQ2JDIL Kxna/rVnW5RSvImddKksC4KLk7IsMFqsfo+e/Vkf3D7vmsMDCXCNpt5+ttLF93lU 3Iz1j/bJAkEAzSnJ4kp9rsvf7X5OqLWOJjR6CDGK3RSwSXeSMoJSIvV6rSXXQryU ltiYct5A5Oi3g49cOYNuYMt1bw3uTEVNtQJBAKqR7e8fr3sDrvtgi99LE4I9h3s4 orDp1uANLdYUY9b2pZANaCtxavR//X08UUGmYWeVeFz06zY05S47cp0J+2kCQEyk CbixHxZHLtWnU3cOq5V2EQgyia9g5SHsuv6HVGuezD8WXb2eeNuI+hofEJrynGtX CJqrkHY0SyA7UgPH9+kCQQDRrxJ4plB0nWqhLpdc3OV74vW0m11LS8+270nMMVN1 IP08iRfF4ASWEXoe5A2LNEP4ydFw68Ve08WaRwSJ65kn -----END RSA PRIVATE KEY-----';
$pi_key = openssl_pkey_get_private($key);
var_dump($pi_key);
echo "\r\n";
$rsa = new Crypt_RSA();
$rsa->loadKey($key);
$pi_key = openssl_pkey_get_private($rsa);
var_dump($pi_key);
echo "\r\n";
The first one output bool(false) and the second one returned resource(8) of type (OpenSSL key).
Related
Currently I have a pkcs8 formatted private key and am trying to use openssl to sign data.
My code is as follows:
$data = "Data that I wsant to sign";
$private_key ="
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIlPwCxnroNJUCAggA
MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDOK7DOSiWN/iSUIK1mfbZHBIIE
0PFuTznnLXVEz+iECw/jq+6VQf/cpGQRVbEFppzoxo6JqTUC/hjZsh8+9bdCNSvf
GsaTMixKvVgzi+9wF3tb0sTS2f8Qsd9acRsQ14e0qg4Efi2gUYcQKk+mZwzgwAFi
wZZdTNa6I/lB5dZoAaShkvyPQWpvG7oPNg0igF+ZJ79czdBEsdk0LfDfn1djBrOR
4+1fpD13ELkehG6VngEI26dkke6FKngVA9qlByNw6qzxh63Y5ftey3Gr4yJSjCm4
WIHOdMO0d/G9DtqdCaJkiu0V+6MhFIkhVI8GWaelsU6L50Z3GQXTkax2rMfMCjAL
gyNqRnMfQF0aGuMDreIsbJJyfPB118kcN4seqZwUFQ8v2XnU2bzZ46v/LIjm0EMT
Oj6MUSTGYz0NEGVCwD914wEQQ+IvpZQUrKLZvus2eas/H9SImmIotaZGaR66cMK3
ARGXLOGkamwmOWXaj5e4/Nqj1YPoyO1gCqLvqaifS3BKfe5emVQiFn37Yj2LUtFE
gaTmW+S7QhGkfNfiT0ihUeVWFKneR5ZVQ4ZWHXamc7QwUbKOZqD6CHKWtwudBJ/A
1BSC3geeKhND1XzAENtjOxwrNMbmtlBGgp/zOnaxNQE2J8x7ZWzGRAz1isXqOoXT
KCatixh918u2U0YfaRBGyOLBK83UjcMsfRSYyowx/AwR4iET4gORG7hai+6Jcujk
Jq2M1oJdlbtBzYoI9NGUsytiHz+BR6o/d3qqGaFobcbDzfQFhWQhprWBdq/Z5nsp
GRyBJJx3LA+bIkXgfQyMvh7BwOZ7p6Irp2+7Oj4Gh6zBFH6312cGesXbzDIu8uTP
m8UeWpNG8Oo3FB3xa/s7lm6+xFc8byXRSGxBx0akFBTI929Cjw4sscheodSYOXYo
rNwfhTBsggSIOwoGdolMgidFDovS64UjoXl1NkSgivdtTfEjLQx6bMohkoBPnHJu
V2yQiWllXKQ6TQyJfKQPILJUSXE4dKos5jLlduxSTy8hYDJ1W8TdB24axQf6RPlq
hkESP9SuKRQojizY7ne/hn56NYkjcjekjS31qfa1JyHzkZTKJB5uqdQdzXi5iyZq
mmjs4j1GOWfe2p8BMyPeE91h7EOGIKpJoCWLqdbU4gUKZb9kVrNenpxtd3lAoGAs
AVujiANdQhndmrb6gDfaRh6rT9Cu2TQsk27YD1Nmb05ihYmWkXJlMe2hN6nhIkEy
MSWCv+ZfuW3NSaBFRw1rCLEB1xfFnkmsBOmxgW6eJ0UxRONU2jQ8Hf233tJc1LaI
JI+F1coi9VGq4dVBZ5nupw0MSVbgOJO7fnH7uP47Va1tq5YM0pB4tMib/KsKDwPk
oDFMp/wfSs/Ctt5GJ7bzlcHUfQIEntzRDurdfPNSlsDk14KUudzQM+XK8HRPTaRA
yICJBmgvNq9IrK0/bNDyZyNNwUw0TDJKuSa0aNTM9s9ksodrgCGGbouCnXipD6GZ
aJtXy4I0rBSxh+EKtzkjHoD/Lik90NFlEPcASsQ9vFMVyOwbgMwZLtZ5nYhF9/bX
dgG8VLoIGJ9sMpbA+OJUOvbW6cgrADWfIZbpjjCgDW4aGJjJIPYmxDwWlfbuWA6j
0LLAp/Eqj68hoMEBGU6bYmIm8eHG+o1O3Df7ZkGudcEK
-----END ENCRYPTED PRIVATE KEY-----";
$binary_signature = "";
$algo = OPENSSL_ALGO_SHA256;
$pkey=openssl_get_privatekey( $private_key, 'password' );
openssl_sign($data, $binary_signature, $pkey, $algo);
$signature = base64_encode($binary_signature);
echo $timestamp = time();
echo "<br>";
print_r($signature);exit;
However, I'm getting openssl_sign(): Supplied key param cannot be coerced into a private key error
I can't seem to find any references that use pkcs8 formatted keys for signing data using PHP. Hoping someone could give me some insight into this.
Thank you
New version of the code (Still having the same error)
$data = "Data that I want to sign";
$private_key ="
MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIlPwCxnroNJUCAggA MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBDOK7DOSiWN/iSUIK1mfbZHBIIE 0PFuTznnLXVEz+iECw/jq+6VQf/cpGQRVbEFppzoxo6JqTUC/hjZsh8+9bdCNSvf GsaTMixKvVgzi+9wF3tb0sTS2f8Qsd9acRsQ14e0qg4Efi2gUYcQKk+mZwzgwAFi wZZdTNa6I/lB5dZoAaShkvyPQWpvG7oPNg0igF+ZJ79czdBEsdk0LfDfn1djBrOR 4+1fpD13ELkehG6VngEI26dkke6FKngVA9qlByNw6qzxh63Y5ftey3Gr4yJSjCm4 WIHOdMO0d/G9DtqdCaJkiu0V+6MhFIkhVI8GWaelsU6L50Z3GQXTkax2rMfMCjAL gyNqRnMfQF0aGuMDreIsbJJyfPB118kcN4seqZwUFQ8v2XnU2bzZ46v/LIjm0EMT Oj6MUSTGYz0NEGVCwD914wEQQ+IvpZQUrKLZvus2eas/H9SImmIotaZGaR66cMK3 ARGXLOGkamwmOWXaj5e4/Nqj1YPoyO1gCqLvqaifS3BKfe5emVQiFn37Yj2LUtFE gaTmW+S7QhGkfNfiT0ihUeVWFKneR5ZVQ4ZWHXamc7QwUbKOZqD6CHKWtwudBJ/A 1BSC3geeKhND1XzAENtjOxwrNMbmtlBGgp/zOnaxNQE2J8x7ZWzGRAz1isXqOoXT KCatixh918u2U0YfaRBGyOLBK83UjcMsfRSYyowx/AwR4iET4gORG7hai+6Jcujk Jq2M1oJdlbtBzYoI9NGUsytiHz+BR6o/d3qqGaFobcbDzfQFhWQhprWBdq/Z5nsp GRyBJJx3LA+bIkXgfQyMvh7BwOZ7p6Irp2+7Oj4Gh6zBFH6312cGesXbzDIu8uTP m8UeWpNG8Oo3FB3xa/s7lm6+xFc8byXRSGxBx0akFBTI929Cjw4sscheodSYOXYo rNwfhTBsggSIOwoGdolMgidFDovS64UjoXl1NkSgivdtTfEjLQx6bMohkoBPnHJu V2yQiWllXKQ6TQyJfKQPILJUSXE4dKos5jLlduxSTy8hYDJ1W8TdB24axQf6RPlq hkESP9SuKRQojizY7ne/hn56NYkjcjekjS31qfa1JyHzkZTKJB5uqdQdzXi5iyZq mmjs4j1GOWfe2p8BMyPeE91h7EOGIKpJoCWLqdbU4gUKZb9kVrNenpxtd3lAoGAs AVujiANdQhndmrb6gDfaRh6rT9Cu2TQsk27YD1Nmb05ihYmWkXJlMe2hN6nhIkEy MSWCv+ZfuW3NSaBFRw1rCLEB1xfFnkmsBOmxgW6eJ0UxRONU2jQ8Hf233tJc1LaI JI+F1coi9VGq4dVBZ5nupw0MSVbgOJO7fnH7uP47Va1tq5YM0pB4tMib/KsKDwPk oDFMp/wfSs/Ctt5GJ7bzlcHUfQIEntzRDurdfPNSlsDk14KUudzQM+XK8HRPTaRA yICJBmgvNq9IrK0/bNDyZyNNwUw0TDJKuSa0aNTM9s9ksodrgCGGbouCnXipD6GZ aJtXy4I0rBSxh+EKtzkjHoD/Lik90NFlEPcASsQ9vFMVyOwbgMwZLtZ5nYhF9/bX dgG8VLoIGJ9sMpbA+OJUOvbW6cgrADWfIZbpjjCgDW4aGJjJIPYmxDwWlfbuWA6j 0LLAp/Eqj68hoMEBGU6bYmIm8eHG+o1O3Df7ZkGudcEK
";
$key = wordwrap($private_key, 64, "\n", true);
$key = <<<EOF
-----BEGIN ENCRYPTED PRIVATE KEY-----
$key
-----END ENCRYPTED PRIVATE KEY-----
EOF;
$private_key = openssl_pkey_get_private($key, 'password');
openssl_private_encrypt($data, $encrypted_data, $private_key);
Problem Statement
I'm trying to decrypt data using private_key from PKCS12 formatted file by openssl_private_decrypt(). However I'm getting empty string in response.
Exception
[
0 => "error:0909006C:PEM routines:get_name:no start line"
1 => "error:0407109F:rsa routines:RSA_padding_check_PKCS1_type_2:pkcs decoding error"
2 => "error:04065072:rsa routines:rsa_ossl_private_decrypt:padding check failed"
]
Files & Configuration
$pkcs12 = file_get_contents('/path/server.p12');
openssl_pkcs12_read($pkcs12, $p12, '123456');
if (false === openssl_private_decrypt($encrypted, $decrypted, $p12['pkey'], OPENSSL_PKCS1_PADDING))
{
$e = [];
while ($msg = openssl_error_string())
array_push($e, $msg);
dd($e);
}
Edit 1:
I've run the following command to generate CSR as well as private key for SSL certificates
$ openssl req -new -newkey rsa:2048 -nodes -keyout example.key -out example.csr
example.key (Private key in .key format)
example.csr (CSR)
Got certificate & files from CA.
example.crt
intermediate.crt
example.pem
Run below command to convert private key and certificate into to PKCS12 file.
$ openssl pkcs12 -export -in example.crt -inkey example.key -out example.p12 -certfile intermediate.crt
example.p12
Edit 2:
I've example.key header
"""
-----BEGIN PRIVATE KEY-----\n
aasdasdddddddddddddadsssssssjhjjjjjjjjjj\n
.
.
asddddddddasdkjabshjdhajskdhajgggggggggg\n
TtasdhjaskjZPqD0UcJAcP\n
-----END PRIVATE KEY-----\n
"""
Edit 3:
I've converted private key from .key to .pem using below command but still getting same error.
openssl rsa -in example.key -text > example.key.pem
Edit 4:
After some research I found out that '\n' could be the cause of this error as stated in #derN3rd.
1. Declaring local variable
$pkcs8pem = "-----BEGIN PRIVATE KEY-----
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
.
.
ZZZZZZZZZZZZZZZZZZZZZZZZ
-----END PRIVATE KEY-----";
dd($pkcs8pem);
Output:
"""
-----BEGIN PRIVATE KEY-----\n
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n
.
.
ZZZZZZZZZZZZZZZZZZZZZZZZ\n
-----END PRIVATE KEY-----\n
"""
2. Using str_replace()
$privateKey = $p12['pkey'];
$privateKeyClean = str_replace(array("\r", "\n"), '', $privateKey);
dd($privateKeyClean);
Output:
"-----BEGIN PRIVATE KEY-----
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA..ZZZZZZZZZZZZZZZZ-----END PRIVATE KEY-----"
Introduction
Hello, when signing a simple string Hello World! I get a signature that is different from any other library I'm using. I already double checked padding, algorithm, key pair, hash and input text.
Code
<?php
/*
$config = array(
"digest_alg" => "sha256",
"private_key_bits" => 4096,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$resource = openssl_pkey_new ($config);
// Extract the private key from $res to $privKey
openssl_pkey_export($resource, $privKey);
// Extract the public key from $res to $pubKey
$pubKey = openssl_pkey_get_details($resource);
$pubKey = $pubKey["key"];
echo var_dump($privKey) . "\n" . $pubKey;
*/
//require __DIR__ . '/../vendor/autoload.php';
require __DIR__ . '/../vendor/autoload.php';
use phpseclib\Crypt\RSA;
$privatekey = "-----BEGIN RSA PRIVATE KEY-----
MIIJJwIBAAKCAgEAn4CD0nFHCeM3DQkCWfXuqRVlX4rbqEk43lMgEns4DnTldrSl
1oaD9YOnwGktk7MaCf80AAZv2O4a9LIfvMxBf+LshgqTOAgvr1qy9bIkn0o/BBNY
bwOTCEnbvSha6uHlexpr31aRvzj8km4uzeBusUyJaXgF8ZMcp0UmThhdYlHhWP1E
uajkbXS8/zlD2F4TVaiPgvupIoWC62PMe5QvNWjrxOYSNwiV29QVxnHt8xm5Vx1J
ET1A4uUCVnOUQ5L+zBv+BYhCHr03j6aq+Z1aKHpEsYtCQPRCJJ/+r24+yd8tMJ2u
63feVCcSOfuZTYG8Qlr5wZICuGimneeKWpauOCqmb7osVDZfY7e2xSxnbjabtVqn
i43NWB0CcXwQ4fIbHX0/JdWmLbupIhTBJDzO6CCpyE506UZJGZOu7t16FBwGVLh3
jE1nLxwIbswv7oiN9fFBP+2eebvyuEvkSwYevGc16Mh4qfnHARwhiG0aflrUbf8h
ls2NrvCRTm7mRIjCBZe8rM7VWyZbUaA8DI8NE3/PnwjvRWLdmEqM2ShVBuDnDpeD
x46x58B1HZqeGx7HwfL/x/fSRG3uvBAG/lqKmq3o1E1gmauHm6jcnHOUftlt6nv0
xfqboScJYVgPkNT0l3rzKUtNwI3Bh0X/Yhy4ikEl9DTSFOhWa9ReUwYOqVMCAwEA
AQKCAgA3LG9tBj46j1xlp+4mTEooNvyAFjpxdhKz5TE8816qsYkGjOqo0JMpBEes
6TUY2GVze9HzCEb8VTEB3/PWjRlDMa37mADg6wQDtm4dS2gbqcUulbqLfEMKJPJb
9m+svENzV+pksT9tVDsaM/8AvFfOANmvoBL+Q5Mv0V20ufzjm8tFyyZQyrlpm24d
IyPy3mf1w38RIhiZlnF5F2aOgO3rncWgsK0wWEnuZui5YoObChTwq3KxAe1GD03F
teldjqWQ2UX/h+jHVVC44kBWZDXhtpm4iKF8coHGxYmGCa6yif7JyGHPlgFUPsex
QvT+uJf0pB+s8+L5A0pPaN6VA3Zz7sE1/XgLBj8qFhjsyPYL7Q4ikB4svtzLZ4vG
1wCP1v+V5KCl9d4jcIbm7ZxrRbFuFZimxE+/vUiaZQv30/fzOzppWYw1giGuMcQu
ttXsgfTkrq33hJI0u4RmYG5rknpZ2/a2QE2OZoTEMVnO3jn+Qz5grwH7oWQW85U0
GKwkHOP0GQ/JFgLeZ6oWDuR3tY75sQFoDORY3xYFXiz6L9jjIKCAsu8GwdnoaQwY
nzY7hi7BnaKaaSkI6myHWXg0k5o71HQiysUJzdbbWD/PvhTfkjolcGR1fRBu/L4U
8+DN0eJEvuwrwfDAIQJX+0bfi8pOhV4PmyvQSjSombv5g85L4QKCAQEA4QMbuiXf
Z1+nzFefwyz6lNq8zmek6PlakXiwDdH7WUtfeV0y9cn08TU9dLjqO0qXmfGjBhIz
OP3kHa3i3lHvnF964tq4cstU0juLwLjES4q3kdr+Np3C8lukoDPwcaQhL+/MOfGi
ZDHvCTQejzYmxpstwcAP9gITkH5CMvVTMInJKGXpSBbEAahTgklaoXMRLFKLqo0e
TJCCEdzVDYELjzk40G5fmombfFLN2wURMgkRf3aIttFNXoNKdK8VPmPHU0wVFi+Z
7pkVkhLV4B9UJZUwwVLO0rC4sIQ22SozZQ3m5ATYg7/tKgd7d9UeWXOKdjwUNUC+
ko82FFufVB1/WwKCAQEAtXfSODGK8EOwNMinI9xUkK3M9MOmzqNRIMQQwz1PcOkS
jE/c5LzKnTYVlVtaB7J7CsPXLFoVR+XUK0oCQ2kyN4rLPrpPwD0gvKPvXVnnAR/O
bI8iFwOuNVR5odU2XcGtXuGg+7SB+JqeUy50o65QP11pAzHXv4ptvCD2tk22dD8u
WmGl5bElzmWNVua33h+KISJoa4vBu3/rmfq+09qn5VfoNpxsE62udF6juhmbOz8z
H4pUpP5SYI0NfOdqI8a16wVHR4t3uMTGA7DdV8JAxzR95UBmZFsQbMvtj+HvfGmE
YKBeCRy+BuW8mrT+mat2o1xemG3ROCicDiXaQADXaQKCAQBh9Qt2H5TBmSgg0qjP
vF4evZdiuEZX0m52VDc43QhymFipKkTMMi67b7UggnwecdvL/iE9vGCmWAmeThwt
MziAOCT0a8nO1+xGVfwCW63BQVOnYNI5DrdW8USbJeFwZ8a26stbEnHi8sYgmJsR
N77ryZTC+403STIhPoYtTxX3VJTJTIyhgJ+2JQSt/KdDECgSxqDdD/B33pVxl1T9
OwfAQ2YTf2mJioyxNA9AYVVaFg6TEhR0mmv3UGryn2I9Ng0Jm162uORntido32BS
4PCuJ+QA1b8KhDrzRavnIPMc9E9nRyDHQp/KI1XCFnrO8Hj//inCATy16zjc5gJY
CTtvAoIBAClXHKr0jmRh5zh/JaSDwzgagACauduFVSwTvoXb58cfMbyJTRdG8xmR
gqU95GqwfFtddh2CgCqa7xTVjWJyCqCgm+C0bQqsYlLXPeaUXo3hAxO0H94CVqOL
lRILEpGVV7uvxw7QdnN+NedZQ/Ut9tYYn528sxvNm2YqVEn/tjsRUawBZtvG2YgF
lodflC+kG8GkpwkpE391iuTPPL3iqDEVL6+RPwXUoVOdY8s3nieHJExhJRtZXMbm
G1aDGakA0dyynSRtX17WZQ3eMu6VMFCxYqThYPIn1LwUURBgNkCvgRrKLeIBjEDi
AW91IDM93o8kseAj1G/owHRwpyHBj1ECggEAASOlqfGjCyRQPS4Cb4F87DOTl9bH
tPiFXqnARdajeMhbCKhhOhDMOQpqGMlskTcg2vOum1drvKGeTHtuQqlIyu2W5IRX
SxazFVscOmvQ1UbSlR7coL0NiXU7v1xuZYNUZyrgnYme4UsoegvTEYcHCXmsz3ji
HanMxaRzToSiNY2MOPYv1Obrr48IiktPz+XVSQYiiPOJeQuETdkiNVOS2+epVjbr
fVvRCtUbQl4akkpK7xK0gbD+TnMIeozwAK3aXDwiaLiHzmws1hWf6zDYGc8B9F8N
VqiqLc7ek40r66miDPnqHxLuvv+DKMYCxctqPAxikqDzYgvmzBlgrMRXZQ==
-----END RSA PRIVATE KEY-----
";
$publicKey = "-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAn4CD0nFHCeM3DQkCWfXu
qRVlX4rbqEk43lMgEns4DnTldrSl1oaD9YOnwGktk7MaCf80AAZv2O4a9LIfvMxB
f+LshgqTOAgvr1qy9bIkn0o/BBNYbwOTCEnbvSha6uHlexpr31aRvzj8km4uzeBu
sUyJaXgF8ZMcp0UmThhdYlHhWP1EuajkbXS8/zlD2F4TVaiPgvupIoWC62PMe5Qv
NWjrxOYSNwiV29QVxnHt8xm5Vx1JET1A4uUCVnOUQ5L+zBv+BYhCHr03j6aq+Z1a
KHpEsYtCQPRCJJ/+r24+yd8tMJ2u63feVCcSOfuZTYG8Qlr5wZICuGimneeKWpau
OCqmb7osVDZfY7e2xSxnbjabtVqni43NWB0CcXwQ4fIbHX0/JdWmLbupIhTBJDzO
6CCpyE506UZJGZOu7t16FBwGVLh3jE1nLxwIbswv7oiN9fFBP+2eebvyuEvkSwYe
vGc16Mh4qfnHARwhiG0aflrUbf8hls2NrvCRTm7mRIjCBZe8rM7VWyZbUaA8DI8N
E3/PnwjvRWLdmEqM2ShVBuDnDpeDx46x58B1HZqeGx7HwfL/x/fSRG3uvBAG/lqK
mq3o1E1gmauHm6jcnHOUftlt6nv0xfqboScJYVgPkNT0l3rzKUtNwI3Bh0X/Yhy4
ikEl9DTSFOhWa9ReUwYOqVMCAwEAAQ==
-----END PUBLIC KEY-----
";
$rsa = new RSA();
$rsa->loadKey($privatekey);
$rsa->loadKey($publicKey);
$rsa->setHash('sha256');
$rsa->setMGFHash('sha256'); // Added to see if it made a difference. It made no difference
//$rsa->setSaltLength($sLen)
$rsa->setEncryptionMode(RSA::ENCRYPTION_PKCS1); // Added to see if it made a difference. It made no difference
$rsa->setSignatureMode(RSA::SIGNATURE_PKCS1);
$plaintext = 'Hello World!';
$signature = $rsa->sign($plaintext);
$rsa->verify($plaintext, $signature);
echo base64_encode($signature);
?>
Output vs expected output
Output: Zhy04W5K+Xjhd3isDi3rlqpUgGAmcTKpW7HEPQiG8eIaxqPVqOilw60zOcS1GDuPn2b5Z1UWyvBNbw3r5fK9JSxAXCGFtbe/Fd8nGtAsCe9RW9oQ14OCwpuqWFJwADdax0GAh0KC/2JpmHYu+GG8IfESgG4NPxwe36r861jdIW9icsmcRUQOpfCkIsKClbwBhS74oIQAmbxMl23hNqzue6I7+onlZxNqnVH1XLPsMZghx1CkkpVGnSm6bHmiz01AFTF9U5oHto5MLLy1UMIhFDOFOxNHwC4ISK8kC8vnfUkm3nM3GQMD+yvDYPKLse0dYBPUcmFwiErSOkG8guA5IG4nWCkM2V5GpBHPwsGFpckjKOUvsuq+8g3ILqkW5IZSBUDaTSsHUd0CxD05DzZOGOBQ5Lhm3vMm2kbO5uwlTYbZX5deLJLOJivCip56CGX4GpAfT/VRctLyl5NL2CwVE3zUKMTnOj/NLoU7Liqw4WaYKekB2vTCUWcse8mdX1ZiUNxW3EHiXiEGB1yzVxPE0QaLdcfK3pyVVpkd5cxHOdXI5Zg/5RkADYiueyO/1oIObzHPEcAvdoj5fxW5XKnFPux6KzjWdqnqVyZXKNSZquJodn0408n2NGLrEukOVlMaixnNgvj7lmHtz/UlN0FNRzCHwVDl4q3uOiVPfRmj+28=
Expected output: J8iGPq9MWUHnzHYJqNE3y/o41uZXTdr+JGOl7YN06qIv+vbylgL367Y8B0jA/LYPcPIJDpUs991DdHEgFAE/+JkVYcrKZpmGXSFvR3RWaTe3DQZMoeD07iaOElJXVn6XBWbU77hCDUMkWXwWHbH9Ybs9BDyq8VHCrhHXgo4zyRNHB+Hb4LLVPyFCv+nQ8d6wCbY14ecyMiL5xS27g78aAg+87uTaq/naLPiSUftKiq0/ih9/Jk6IxrSLsfF4XRD2uAe5jruUMe+wZmzzYeS1syl1nto2FX/28k/z2c8Bt1Rr7nl4E6uiEKO2jYknBkwvJ2MVmbiANpeal534GRvBWaHvTGU/kZa4hEjDkRbZJ/byvLIOMrafoCQfmHYVBLS1OkVEraa34LIqla38VAV7QQGtUrq4ehYsJ16daacysCkJcuvyYz0qNoSvBV9Knh727eEbkLHrYkjf7LjYvWkVXt82AwdohzlnbQb/Ge1BhR+tV0jmC5ztpHE6xzRqkjuNU3mYKjE/Jp+udKokNXcPZcbCrFhA8MY6ay/ldy8ySYl3vTdzE0d8FzIVn/z8fBJme/nCDLeP8/bRja+dpwKwWO0c9k/cyKs0M0YEyZ/PF/CYm/sPBMZHFY4cJacVqrkbnFgEWSAnEJ8SLCqLNXKQR/4hOhlC9sF3asMCkGszrgc=
Additional details
I'm sure I'm using:
RSA
SHA256
PKCS1
Hello World! as input text
You can check using openssl or 8gwifi RSA Signature/Generation & Validation (make sure you paste the keys provided and change the signature algorithm to SHA256withRSA)
Found the problem. When loading the keys you can't load both. You need to load the one you need, do whatever operation you need and then load the other one for the next operation.
I try to encrypt data in perl and decrypt data in php using Crypt::OpenSSL:RSA.
I am able to decrypt in perl but get NULL in php.
perl code:
use strict;
use MIME::Base64;
use Crypt::OpenSSL::RSA;
print "Content-Type: text/html\n\n";
my $string = '123';
my $key_string = "-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2n9QlRt3ERZXt6CQ5ufb
eKIlzaJFqr7LxgxiRSy/ZdMnxvCdRoKtW4JbVM62WaEBuOVZIxlJRYRTplloDl9l
7yksxEfN5/AosIJzOPqjj1U1ICvoFS1ORS/8FwAqBd3HeL8BW3gIH+03WTh+bKE/
65u7hyTEi/bb3k1JtxUVSKI04EovCZVivR/nhAZ7lJrjhW23vmhTwlIoIijZfOre
ctE00rcJ9I5KY4V4djQM8mDGFWQTNrdBku+DpGt4//lw/i5w0/MCr9mHqSw3Nxty
/PnMG7dpiA+WjVA9W1TYCVcRZBD+Wsd3OjXxgl46OZYdI5dKYNLKE7BUMccEJj9l
eQIDAQAB
-----END PUBLIC KEY-----";
my $public = Crypt::OpenSSL::RSA->new_public_key($key_string);
$string = $public->encrypt($string);
$string = MIME::Base64::encode_base64($string);
print $string;
php code:
<?php
$encrypted = 'ZkEVc2US6/mqeix3409VYXSTmJtycVLxXztsKpCFpbb6Adp3MBRfYL4nblsWLND+17xaLhVqk4+h ZPw97gzAqlp8YNPA4vgCVdzamq84+kVd7Ykqot9UcDq9zRSpo7S/8EenZO8Cu9OlAwvTavb2pSnX z0w9a9mJqmIJ+zYtao6L1tV3+WlcMIYix9vaIiWU5qZigjNAlff+wT20pEh7Lqu2iAsd1h8aKt5l 3NBRqHG9M0WqTdhzrqk0Rvb9i/a2Zoo7XWC/jz9OR8FaThCM7Gyw8+jWL+z+aL2qveeAPW9e7Pwa GSk1SibTs1L0lTeQk8FmjtC2IW1j7Qn8NzUcZA==';
$encrypted = base64_decode($encrypted);
$key_content = "-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----";
$private_key_res = openssl_get_privatekey($key_content);
openssl_private_decrypt($encrypted, $decrypted, $private_key_res);
var_dump($decrypted);
?>
And I get NULL in PHP
solved the problem with add $public->use_sslv23_padding();
the encrypt data can decrypt in php.
How could I remove passphase from RSA private key using PHP
I know that in OpenSSL it is this way:
openssl rsa -in key.key -out key.key
and I am searching equivalent command to this one in PHP.
RSA command requires the pass
OpenSSL> rsa -in key2.key -out key2.key
Enter pass phrase for key2.key:
Using phpseclib, a pure PHP RSA implementation:
<?php
include('Crypt/RSA.php');
$rsa = new Crypt_RSA();
$rsa->setPassword('password');
$rsa->loadKey('...');
$rsa->setPassword();
echo $rsa->getPrivateKey();
?>
This would accomplish the same operation using the openssl extension:
$key = file_get_contents('key2.key');
$password = 'your password or pass phrase';
if (false === ($pkey = openssl_pkey_get_private($key, $password))) {
die(openssl_error_string());
}
openssl_pkey_export($pkey, $out_key);
file_put_contents('key2.key', $out_key);
A concrete example:
$key = <<<EOS
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,775352C44A559B6C
V8EuwC29zy4yuY7Ie+HvyygjKJx4G+VF/SgjjCQR+Q/iLaXcoXhIMBmP9ugQpywu
Tgmg25PruaXl3Mabs2h03aUwLyFEEjcnaVz4IFYGflqDIBbSb/Y4Q9Ef0OjbCwCJ
5pEnD0ATPtb+bptHk7VitvyK9vIN4zrqDeWdpGkqhYZx4SkUDLBhcYYYA3eY8P7y
/yeUmHt2p12W7xF4OWflNj0ot7N2GoofKrAomW0vHVAAlVHj4OVyZYeOEG/8gm2A
a3xo+LS9D2tFJjCtnP5ytczWnsoe18bKlWbjV/IimlkVEqR6jx0jC99eCUHyaSvm
OfU/DHHcooBIJxXB5VfxFbRzjyWYgsAiVf2lThvusRb+j8/Ey28t5CWx8ME2hgmk
hrTPmCFor+Lx/7++cmOFWSNvJU8MrC6jH+q2R3xIPuY=
-----END RSA PRIVATE KEY-----
EOS;
$password = 'superman';
if (false === ($pkey = openssl_pkey_get_private($key, $password))) {
die(openssl_error_string());
}
openssl_pkey_export($pkey, $out_key);
echo $out_key;