RSA encryption/decryption between Delphi and Php
Hi all. I have a "little" problem using RSA encryption in a compatible way between Delphi and Php. I found several class for Php and several cmponents for Delphi and they all work fine but when I try to decrypt with Php a string encrypted in Delphi (or viceversa) my code fails: simply returned string isn't the expected one. Googling I found that the problem (if I correctly understood) is the key-pair generation: it seems that Php and Delphi generate different key pairs and I don't know how to make them use the same keys.
Here at EE I found this thread (https://www.experts-exchange.com/questions/22448553/Decrypt-message-sent-for-applicatory-delphi-6-for-php.html) which seems to provide a solution but using suggested library and suggested components didn't solve my problem. I'm sure that is something I do wrong or I simply do not but what it is? Any suggestion will be appreciated.
Thanks to all.
Here at EE I found this thread (https://www.experts-exchange.com/questions/22448553/Decrypt-message-sent-for-applicatory-delphi-6-for-php.html) which seems to provide a solution but using suggested library and suggested components didn't solve my problem. I'm sure that is something I do wrong or I simply do not but what it is? Any suggestion will be appreciated.
Thanks to all.
ASKER
Thanks for your answer, Mahdi, but I knew that topic. There the problem was another one, concerning some difficult with DCPCrypt component, but I can get DCPCrypt working perfectly and I yet can encrypt/decrypt with Rjindael cypher using both Delphi and Php.
But I wish to use RSA encryption.
Cheers
But I wish to use RSA encryption.
Cheers
There should be two keys, one public and one private. The public key is used for encrypting, can be given to anyone. The private key is used for decrypting the encrypted data with that particular public key. Are you following this scenario in your tests. If yes, to ensure it is not a math issue in one of the implementations (Delphi or PHP) try to use that key to decrypt/encrypt in another different implementations to find out whether they agree with the Delphi or PHP results, or maybe none of them. At the end you can test them against each other to be certain about your doubts.
JavaScript:
1.
http://www.hanewin.net/encrypt/rsa/rsa-test.htm
Sourcecode:
http://www.hanewin.net/encrypt/rsa/rsa.htm
2.
http://islab.oregonstate.edu/koc/ece575/02Project/Mor/
3.
http://home.versatel.nl/MAvanEverdingen/Code/code.html
Details:
http://home.versatel.nl/MAvanEverdingen/Code/
JavaScript:
1.
http://www.hanewin.net/encrypt/rsa/rsa-test.htm
Sourcecode:
http://www.hanewin.net/encrypt/rsa/rsa.htm
2.
http://islab.oregonstate.edu/koc/ece575/02Project/Mor/
3.
http://home.versatel.nl/MAvanEverdingen/Code/code.html
Details:
http://home.versatel.nl/MAvanEverdingen/Code/
ASKER
Hi, jimiX. My problem is that. How pass the private key to other program? Let me explain. Suppose I want to encrypt a string in Delphi and decrypt it in Php: then I have to create the public key in Php and pass it to Delphi to encrypt in a way Php script can decrypt, right? But using, for instance, TurboPower LockBox in Delphi 7, I don't find a way to pass a key created by my php script: maybe this is one of that stupid things that I don't see if someone doesn't make me see them, but if you can help, I'll be very grateful.
Cheers
Cheers
use openssl instead. there is an import unit for openssl here: http://www.disi.unige.it/person/FerranteM/delphiopenssl/
to generate keypair in php:
<?php
$res = openssl_pkey_new();
openssl_pkey_export($res, $privkey);
$pubkey = openssl_pkey_get_details($
echo $privkey;
echo $pubkey["key"];
?>
you can create a script that passes public key to delphi, and stores private key into session data.
then, in Delphi you use openssl library to crypt data with public key; then invoke another script that decrypts data using private key stored into session.
tell me if you need more info I can write down a sample --
to generate keypair in php:
<?php
$res = openssl_pkey_new();
openssl_pkey_export($res, $privkey);
$pubkey = openssl_pkey_get_details($
echo $privkey;
echo $pubkey["key"];
?>
you can create a script that passes public key to delphi, and stores private key into session data.
then, in Delphi you use openssl library to crypt data with public key; then invoke another script that decrypts data using private key stored into session.
tell me if you need more info I can write down a sample --
ASKER
I'm sorry I'm late, lomo74, but I have some more urgent private issue to solve. Any way, can you provide some sample code about scripts you spoken about?
Thanks for the help.
Thanks for the help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
one more thing, pay attention to the size of data you try to encrypt.
from openssl RSA_public_encrypt documentation:
"flen must be less than RSA_size(rsa) - 11 for the PKCS #1 v1.5 based padding modes"
it means that with a 1024 bit key (128 bytes) max size of data being encrypted is 116 bytes;
244 bytesfor 2048 bit key;
and so on...
from openssl RSA_public_encrypt documentation:
"flen must be less than RSA_size(rsa) - 11 for the PKCS #1 v1.5 based padding modes"
it means that with a 1024 bit key (128 bytes) max size of data being encrypted is 116 bytes;
244 bytesfor 2048 bit key;
and so on...
ASKER
Hi Lorenzo (are you italian?). I got this
requesting public key to the server...
got public key, reading it...
OOOPS! something went wrong!
error:0906D06C:PEM routines:PEM_read_bio:no start line
Can you understand what happened?
Cheers
requesting public key to the server...
got public key, reading it...
OOOPS! something went wrong!
error:0906D06C:PEM routines:PEM_read_bio:no start line
Can you understand what happened?
Cheers
yes, I'm italian :-)
you have to put the key.php script on a server
then change the base URL (in the client test program) as needed
I used http://acer.rete.local/rsa/key.php because I have a linux box on my LAN named acer.rete.local
if you haven't a server right now, try to change base URL to this one: http://www.lorenzomonti.it/key.php
I put the script on my web space, so you can test quickly
you have to put the key.php script on a server
then change the base URL (in the client test program) as needed
I used http://acer.rete.local/rsa/key.php because I have a linux box on my LAN named acer.rete.local
if you haven't a server right now, try to change base URL to this one: http://www.lorenzomonti.it/key.php
I put the script on my web space, so you can test quickly
ASKER
I'm italian too :-)... but we have to speak english :-(
In your server all works fine but in mine... My first trying was to use my own server http://localhost but I received error I shown before. Then I put script in my server on web but I received a 403 forbidden error. Finally I put it in httpsdocs and I received a 'IOHandler value is not valid' message. I'm a real newbie on encryption so I'm sorry to make you waste your time but if you can help. Anyway, your script is very interesting. Maybe I have to speak with my provider, right?
Cheers
Marco
In your server all works fine but in mine... My first trying was to use my own server http://localhost but I received error I shown before. Then I put script in my server on web but I received a 403 forbidden error. Finally I put it in httpsdocs and I received a 'IOHandler value is not valid' message. I'm a real newbie on encryption so I'm sorry to make you waste your time but if you can help. Anyway, your script is very interesting. Maybe I have to speak with my provider, right?
Cheers
Marco
Ciao Marco --
I'm coming back to you tomorrow, I'll be glad to help you.
today I'm busy with a customer --
hold on
- L -
I'm coming back to you tomorrow, I'll be glad to help you.
today I'm busy with a customer --
hold on
- L -
ASKER
Ciao, Lorenzo.
Hope you have a good day with your customer. I've fixed the problem on localhost and I'll give you the points: your code is very interesting. I only pray you for two things;
1. Suggest me some manual or resource (I prefer books but I'll agree online resources also) to learn something about your Delphi code: what is BIO*? Always I wish to learn and this argument is very interesting and so complex! All this efforts are to provide an anticrack protection to the new version of my software Clone Delphi Wizard: none never will try to crack it, probably, but I think it is a useful tool for Delphi programmers and the new version will increase very mutch its usefulness, so I would protect itas well as I can. It'strue, cracker always find the way to crack, but for me is an occasion to learn something about complex programming tecniques...
2. Don't stop to monitor this question, so I'll can contact you to inform if I'm going to post some other related question, do you agree?
Ciao e grazie mille.
Hope you have a good day with your customer. I've fixed the problem on localhost and I'll give you the points: your code is very interesting. I only pray you for two things;
1. Suggest me some manual or resource (I prefer books but I'll agree online resources also) to learn something about your Delphi code: what is BIO*? Always I wish to learn and this argument is very interesting and so complex! All this efforts are to provide an anticrack protection to the new version of my software Clone Delphi Wizard: none never will try to crack it, probably, but I think it is a useful tool for Delphi programmers and the new version will increase very mutch its usefulness, so I would protect itas well as I can. It'strue, cracker always find the way to crack, but for me is an occasion to learn something about complex programming tecniques...
2. Don't stop to monitor this question, so I'll can contact you to inform if I'm going to post some other related question, do you agree?
Ciao e grazie mille.
ASKER
Thanks so mutch! Please, Lorenzo, read my last post. Bye
Marco:
briefly, my knowledge on the subject comes mainly from documents found on the internet and from personal experimentation.
I can't remember useful links right now but I'll send them to you as soon as I gain access to my workstation --
What about contacting me, so we can stay in touch and speak italian :-)
You can click on the hire me button on my page if you want --
bye - L -
briefly, my knowledge on the subject comes mainly from documents found on the internet and from personal experimentation.
I can't remember useful links right now but I'll send them to you as soon as I gain access to my workstation --
What about contacting me, so we can stay in touch and speak italian :-)
You can click on the hire me button on my page if you want --
bye - L -
ok --
here are some resources
https://developer.mozilla.org/en/Introduction_to_Public-Key_Cryptography
http://ospkibook.sourceforge.net/docs/OSPKI-2.4.7/OSPKI-html/ospki-book.htm
the openssl website, particularly function reference is a must if you want to use openssl
http://www.openssl.org/docs/crypto/
if I find more I'll send to you --
now about BIO... docs say "BIO is an I/O abstraction" - in other words it is something similar to a stream...
you create BIO's, connect them together, read or write through them, and so on
read here http://www.openssl.org/docs/crypto/bio.html
oh, I realized my use of BIO's wasn't very clear... maybe this is clearer:
data written to b64 is base64 encoded, then written to mem.
then I get a pointer to mem's data, where I find base64 encoded data that I transfer into a string.
ciao, - Lorenzo -
here are some resources
https://developer.mozilla.org/en/Introduction_to_Public-Key_Cryptography
http://ospkibook.sourceforge.net/docs/OSPKI-2.4.7/OSPKI-html/ospki-book.htm
the openssl website, particularly function reference is a must if you want to use openssl
http://www.openssl.org/docs/crypto/
if I find more I'll send to you --
now about BIO... docs say "BIO is an I/O abstraction" - in other words it is something similar to a stream...
you create BIO's, connect them together, read or write through them, and so on
read here http://www.openssl.org/docs/crypto/bio.html
oh, I realized my use of BIO's wasn't very clear... maybe this is clearer:
...
//create a base64 BIO
b64 := BIO_new(BIO_f_base64);
mem := BIO_new(BIO_s_mem);
BIO_push(b64, mem);
try
//encode data to base64
BIO_write(b64, buf, len);
BIO_flush(b64);
...
finally
BIO_free_all(b64);
end;data written to b64 is base64 encoded, then written to mem.
then I get a pointer to mem's data, where I find base64 encoded data that I transfer into a string.
ciao, - Lorenzo -
ASKER
Thank you very mutch, Lorenzo, I'll study carefully the resources you have provided. Thank you for having explained your code also: yes, now it's clearer.
Bye
Bye
https://www.experts-exchange.com/questions/26402183/Rijndael-128-bit-Encryption-with-Delphi-and-PHP.html