Encryption openssl in php not working (possibly too long)

Ive got a simple openssl function, which works for small phrases, but when I try with a large string, it seems to fail. Is there a limit to the size of the string I can encrypt?

My sample code is:-
<?php
function EncryptData($source)
{
    $fp=fopen("c:/Rob/cert.txt","r");
    $pub_key=fread($fp,8192);
    fclose($fp);
    openssl_get_publickey($pub_key);
    /*
    * NOTE:  Here you use the $pub_key value (converted, I guess)
    */
    openssl_public_encrypt($source,$crypttext,$pub_key);
    return(base64_encode($crypttext));
}

function DecryptData($source)
{
    #print("number : $number");
    $fp=fopen("c:/Rob/key.txt","r");
    $priv_key=fread($fp,8192);
    fclose($fp);
    // $passphrase is required if your key is encoded (suggested)
    //$res = openssl_get_privatekey($priv_key,$passphrase);
    $res = openssl_get_privatekey($priv_key);
    /*
    * NOTE:  Here you use the returned resource value
    */
    $decoded_source = base64_decode($source);
    openssl_private_decrypt($decoded_source,$newsource,$res);
    return($newsource);
}

$originalText = "It may also be objected that my opening remark about the appealing character of Pyrrhonism is wrong or surprising, given that it is not possible for anyone to think that the stance I have presented is attractive and worth adopting. For instance, not only does the Skeptic not promise that the suspensive attitude will certainly make possible the attainment of ataraxia, but he does not even regard this as an aim that is intrinsic to his philosophy. To this objection, I would first reply that the appeal of Skepticism seems to lie in the sort of radical changes that this philosophy may entail in a person's life. For, if adopted, the cautious Pyrrhonean attitude will prevent one from making rash judgments about any topic that one has not examined or found final answers to, which in turn will prevent one from acting hastily. Another profound change consists in the fact that, even if at some point the Skeptic broke some of the most important moral rules of the society to which he belongs, he would perhaps experience some kind of discomfort, but he would not believe that he has done something objectively wrong. This would free him from the shame and remorse that those who believe that such an action is morally incorrect would experience in the same situation. In sum, the Pyrrhonean philosophy would produce, if adopted, profound changes in a person's thoughts, feelings, and actions; changes that at first glance seem to be beneficial. But secondly, I think that whether or not Pyrrhonism is an appealing philosophy cannot in the end be determined a priori. For it depends on whether one values such attitudes as caution, open-mindedness, and intellectual modesty; or, if one does, on whether these attitudes are preferred to, for example, the sense of assurance that one may experience when espousing philosophic systems or religious beliefs. This is why my opening comment was just that Pyrrhonism may still be found attractive and worth adopting.";

$encryptedText = EncryptData($originalText);
$dectyptedText = DecryptData($encryptedText);

echo $originalText . "<hr/>" . $encryptedText . "<hr/>" . $dectyptedText;

?>

Open in new window


The $original text is an quick google for "long paragraph", which I used for a quick example.

My key and certificate are personally signed simply from https://www.trustico.co.uk/ssltools/create/certificate-pem/create-self-signed-ssl-certificate.php

Any ideas what Im doing wrong
tonelm54Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Can you check the output status of your commands, possibly using self sized certs they fail validation of trust.

You're on a windows platform.
You should always check whether your directives are successful or not.  Reading in the keys might fail.........
0
tonelm54Author Commented:
I think the code is correct, as this works fine:-
<?php
function EncryptData($source)
{
    $fp=fopen("c:/Rob/cert.txt","r");
    $pub_key=fread($fp,8192);
    fclose($fp);
    openssl_get_publickey($pub_key);
    /*
    * NOTE:  Here you use the $pub_key value (converted, I guess)
    */
    openssl_public_encrypt($source,$crypttext,$pub_key);
    return(base64_encode($crypttext));
}

function DecryptData($source)
{
    #print("number : $number");
    $fp=fopen("c:/Rob/key.txt","r");
    $priv_key=fread($fp,8192);
    fclose($fp);
    // $passphrase is required if your key is encoded (suggested)
    //$res = openssl_get_privatekey($priv_key,$passphrase);
    $res = openssl_get_privatekey($priv_key);
    /*
    * NOTE:  Here you use the returned resource value
    */
    $decoded_source = base64_decode($source);
    openssl_private_decrypt($decoded_source,$newsource,$res);
    return($newsource);
}

$originalText = "Hello, this is a test";

$encryptedText = EncryptData($originalText);
$dectyptedText = DecryptData($encryptedText);

echo $originalText . "<hr/>" . $encryptedText . "<hr/>" . $dectyptedText;

?>

Open in new window

0
arnoldCommented:
Look at a function where you can Pass it a file handle for input and a filhandle for output instead of the string.

According to the function you are using, it seems to have a known limit

http://php.net/manual/en/function.openssl-public-encrypt.php
0
gr8gonzoConsultantCommented:
Public/private key encryption (PKI) definitely does have limits. It becomes exponentially more CPU-intensive the longer the data is.

If you are going to encrypt a large amount of data using a public/private key system, the common way to do it is to generate a large random password (like 200 characters long) and use SYMMETRIC encryption (e.g. AES-128) to do the encryption, and then use the public/private key to encrypt the password.

The long password will make it unfeasible for anyone to try and brute force/hack the password, and you can still rely on public/private key encryption to properly and safely pass the password across an untrusted network.

This is basically how it works when you access a web page that is secured with SSL / HTTPS.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.