tonelm54
asked on
Encryption openssl in php not working (possibly too long)
Ive got a simple openssl function, which works for small phrases, but when I try with a large string, it seems to fail. Is there a limit to the size of the string I can encrypt?
My sample code is:-
The $original text is an quick google for "long paragraph", which I used for a quick example.
My key and certificate are personally signed simply from https://www.trustico.co.uk /ssltools/ create/cer tificate-p em/create- self-signe d-ssl-cert ificate.ph p
Any ideas what Im doing wrong
My sample code is:-
<?php
function EncryptData($source)
{
$fp=fopen("c:/Rob/cert.txt","r");
$pub_key=fread($fp,8192);
fclose($fp);
openssl_get_publickey($pub_key);
/*
* NOTE: Here you use the $pub_key value (converted, I guess)
*/
openssl_public_encrypt($source,$crypttext,$pub_key);
return(base64_encode($crypttext));
}
function DecryptData($source)
{
#print("number : $number");
$fp=fopen("c:/Rob/key.txt","r");
$priv_key=fread($fp,8192);
fclose($fp);
// $passphrase is required if your key is encoded (suggested)
//$res = openssl_get_privatekey($priv_key,$passphrase);
$res = openssl_get_privatekey($priv_key);
/*
* NOTE: Here you use the returned resource value
*/
$decoded_source = base64_decode($source);
openssl_private_decrypt($decoded_source,$newsource,$res);
return($newsource);
}
$originalText = "It may also be objected that my opening remark about the appealing character of Pyrrhonism is wrong or surprising, given that it is not possible for anyone to think that the stance I have presented is attractive and worth adopting. For instance, not only does the Skeptic not promise that the suspensive attitude will certainly make possible the attainment of ataraxia, but he does not even regard this as an aim that is intrinsic to his philosophy. To this objection, I would first reply that the appeal of Skepticism seems to lie in the sort of radical changes that this philosophy may entail in a person's life. For, if adopted, the cautious Pyrrhonean attitude will prevent one from making rash judgments about any topic that one has not examined or found final answers to, which in turn will prevent one from acting hastily. Another profound change consists in the fact that, even if at some point the Skeptic broke some of the most important moral rules of the society to which he belongs, he would perhaps experience some kind of discomfort, but he would not believe that he has done something objectively wrong. This would free him from the shame and remorse that those who believe that such an action is morally incorrect would experience in the same situation. In sum, the Pyrrhonean philosophy would produce, if adopted, profound changes in a person's thoughts, feelings, and actions; changes that at first glance seem to be beneficial. But secondly, I think that whether or not Pyrrhonism is an appealing philosophy cannot in the end be determined a priori. For it depends on whether one values such attitudes as caution, open-mindedness, and intellectual modesty; or, if one does, on whether these attitudes are preferred to, for example, the sense of assurance that one may experience when espousing philosophic systems or religious beliefs. This is why my opening comment was just that Pyrrhonism may still be found attractive and worth adopting.";
$encryptedText = EncryptData($originalText);
$dectyptedText = DecryptData($encryptedText);
echo $originalText . "<hr/>" . $encryptedText . "<hr/>" . $dectyptedText;
?>
The $original text is an quick google for "long paragraph", which I used for a quick example.
My key and certificate are personally signed simply from https://www.trustico.co.uk
Any ideas what Im doing wrong
ASKER
I think the code is correct, as this works fine:-
<?php
function EncryptData($source)
{
$fp=fopen("c:/Rob/cert.txt","r");
$pub_key=fread($fp,8192);
fclose($fp);
openssl_get_publickey($pub_key);
/*
* NOTE: Here you use the $pub_key value (converted, I guess)
*/
openssl_public_encrypt($source,$crypttext,$pub_key);
return(base64_encode($crypttext));
}
function DecryptData($source)
{
#print("number : $number");
$fp=fopen("c:/Rob/key.txt","r");
$priv_key=fread($fp,8192);
fclose($fp);
// $passphrase is required if your key is encoded (suggested)
//$res = openssl_get_privatekey($priv_key,$passphrase);
$res = openssl_get_privatekey($priv_key);
/*
* NOTE: Here you use the returned resource value
*/
$decoded_source = base64_decode($source);
openssl_private_decrypt($decoded_source,$newsource,$res);
return($newsource);
}
$originalText = "Hello, this is a test";
$encryptedText = EncryptData($originalText);
$dectyptedText = DecryptData($encryptedText);
echo $originalText . "<hr/>" . $encryptedText . "<hr/>" . $dectyptedText;
?>
Look at a function where you can Pass it a file handle for input and a filhandle for output instead of the string.
According to the function you are using, it seems to have a known limit
http://php.net/manual/en/function.openssl-public-encrypt.php
According to the function you are using, it seems to have a known limit
http://php.net/manual/en/function.openssl-public-encrypt.php
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You're on a windows platform.
You should always check whether your directives are successful or not. Reading in the keys might fail.........