如何解密 OpenSSL 上之前通过 Crypto++ 加密的字符串?

发布于 2024-09-28 06:34:29 字数 1742 浏览 6 评论 0原文

编辑:我发现按键并不是我在评论中所说的问题。我可以毫无问题地使用它们来加密和解密 OpenSSL 上的数据。

但是我需要解密 OpenSSL 上之前通过 Crypto++ 加密的字符串 这不起作用。

我稍后会发布更多详细信息。

嗨,我已经使用 Crypto++ 生成的 RSA 公钥加密了一个字符串,现在我正在尝试(仍然不成功)通过 PHP 和 OpenSSL 对其进行解密。

这就是我正在做的事情:

  • 不是base64或十六进制编码的私钥存储在名为“rsa-private.key”的文件中
  • 加密的消息存储在“message.txt”(十六进制编码)中

步骤1:加载通过以下方式获取私钥: $key = file_get_contents("rsa-private.key");

步骤 2:使用以下函数将密钥转换为 PEM 格式:(

<?php
function pkcs8_to_pem($der) {

    static $BEGIN_MARKER = "-----BEGIN PRIVATE KEY-----";
    static $END_MARKER = "-----END PRIVATE KEY-----";

    $value = base64_encode($der);

    $pem = $BEGIN_MARKER . "\n";
    $pem .= chunk_split($value, 64, "\n");
    $pem .= $END_MARKER . "\n";

    return $pem;
    }

    $PEMprivatekey = pkcs8_to_pem($key); 
?>

stackoverflow.com/questions/1357569/ )

步骤 3:准备密钥供 OpenSSL 进一步使用:(没有任何问题)

<?php
$privateKey = openssl_get_privatekey($PEMprivatekey);
if (!$privateKey) {
    echo "Cannot get public key";
}
?>

步骤 4:获取消息并使用以下函数解码消息:

<?php
function hex_to_str($hex){

    for ($i=0; $i < strlen($hex)-1; $i+=2) {
    $string .= chr(hexdec($hex[$i].$hex[$i+1])); }
    return $string;
}

$message = file_get_contents("message.txt");` 
$encryptedstring = hex_to_str($message);
?>

步骤 5:解密字符串:(不起作用)

<?php
openssl_private_decrypt($encryptedstring, $decrypteddata, $privateKey);
if (!$decrypteddata) {
    echo "........"; } else { echo $decrypteddata; }
?>

$decrypteddata 始终为空。

我不明白为什么它不起作用。有人注意到我做错了什么吗?

EDIT: I found out that the keys aren't the problem like I said in the comments. I can use them without any issues to encrypt and decrypt data on OpenSSL.

But I need to decrypt a string on OpenSSL that was previously encrypted via Crypto++
and that's not working.

I'll post additional details later.

Hi, I have encrypted a string using an RSA public key generated with Crypto++ and now I'm trying (still unsuccessful) to decrypt it via PHP and OpenSSL.

That is what I'm doing:

  • The private key which is NOT base64 or hex encoded is stored in a file called "rsa-private.key"
  • The encrypted message is stored in "message.txt" (hex encoded)

STEP 1: Load the private key via: $key = file_get_contents("rsa-private.key");

STEP 2: Convert the key into PEM format using the following function:

<?php
function pkcs8_to_pem($der) {

    static $BEGIN_MARKER = "-----BEGIN PRIVATE KEY-----";
    static $END_MARKER = "-----END PRIVATE KEY-----";

    $value = base64_encode($der);

    $pem = $BEGIN_MARKER . "\n";
    $pem .= chunk_split($value, 64, "\n");
    $pem .= $END_MARKER . "\n";

    return $pem;
    }

    $PEMprivatekey = pkcs8_to_pem($key); 
?>

( stackoverflow.com/questions/1357569/ )

STEP 3: Prepare the key for further use by OpenSSL: (without any problems)

<?php
$privateKey = openssl_get_privatekey($PEMprivatekey);
if (!$privateKey) {
    echo "Cannot get public key";
}
?>

STEP 4: Get the message and decode the message using the following function:

<?php
function hex_to_str($hex){

    for ($i=0; $i < strlen($hex)-1; $i+=2) {
    $string .= chr(hexdec($hex[$i].$hex[$i+1])); }
    return $string;
}

$message = file_get_contents("message.txt");` 
$encryptedstring = hex_to_str($message);
?>

STEP 5: Decrypt the string: (does not work)

<?php
openssl_private_decrypt($encryptedstring, $decrypteddata, $privateKey);
if (!$decrypteddata) {
    echo "........"; } else { echo $decrypteddata; }
?>

$decrypteddata is always empty.

I can't figure out why it's not working. Anyone noticed something I'm doing wrong?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

自在安然 2024-10-05 06:34:29

phpseclib 与 OpenSSL 完全可互操作,并且通常被认为更易于使用。以下 URL 提供了如何与 OpenSSL 互操作的几个示例:

在 PHP 中进行 RSA 加密以在 .NET 中解密

phpseclib is fully interoperable with OpenSSL and is generally regarded as being much easier to use. The following URL provides several examples of how to inter-operate with OpenSSL:

RSA Encrypt in PHP to decrypt in .NET

素食主义者 2024-10-05 06:34:29

好吧,我不知道这是否是问题所在,但我想目前任何事情都有帮助。

我创建了一个小型 openssl/php 测试脚本,并建议使用 2 个公钥-私钥对进行测试。

openssl genrsa -des3 -out private.pem 1024
openssl rsa -in private.pem -out public.pem -outform PEM -pubout

openssl genrsa -out master.key 1024
openssl rsa -in master.key -pubout -out master.pub

第一对使用短语“短语”,

将两对与此脚本一起使用来测试

$source = "FAIL";
echo "<pre>Source: $source";
$fp=fopen("./keys/master.pub","r");
$pub_key=fread($fp,8192);
fclose($fp);
openssl_get_publickey($pub_key);
openssl_public_encrypt($source,$crypttext,$pub_key);
echo "\n\nString crypted: $crypttext";
flush();
$fp=fopen("./keys/master.key","r");
$priv_key=fread($fp,8192);
fclose($fp);
// phrase is required if your key is encoded (suggested)
$res = openssl_get_privatekey($priv_key, 'phrase');
openssl_private_decrypt($crypttext,$newsource,$res);
while($error = openssl_error_string()) {
    echo "\n" , $error;
}
echo "\n\nString decrypt : $newsource";

error:0906D06C:PEMroutines:PEM_read_bio:no start line 错误消息旁边的输出,一切正常,

但是当我混合时密钥(只是为了查看将创建什么错误消息)猜测 openssl_error_string 返回什么错误:

error:0906D06C:PEM routines:PEM_read_bio:no start line
error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02
error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed

这样您就可以检查您的消息是否使用正确的公钥加密

Ok, i dont know if this is the issue, but i guess at this point anything is helpful.

I've created a small openssl/php test script and for testing proposes 2 public-private-key pairs.

openssl genrsa -des3 -out private.pem 1024
openssl rsa -in private.pem -out public.pem -outform PEM -pubout

openssl genrsa -out master.key 1024
openssl rsa -in master.key -pubout -out master.pub

the first pair uses an phrase "phrase"

used both pairs with this script to test the output

$source = "FAIL";
echo "<pre>Source: $source";
$fp=fopen("./keys/master.pub","r");
$pub_key=fread($fp,8192);
fclose($fp);
openssl_get_publickey($pub_key);
openssl_public_encrypt($source,$crypttext,$pub_key);
echo "\n\nString crypted: $crypttext";
flush();
$fp=fopen("./keys/master.key","r");
$priv_key=fread($fp,8192);
fclose($fp);
// phrase is required if your key is encoded (suggested)
$res = openssl_get_privatekey($priv_key, 'phrase');
openssl_private_decrypt($crypttext,$newsource,$res);
while($error = openssl_error_string()) {
    echo "\n" , $error;
}
echo "\n\nString decrypt : $newsource";

beside an error:0906D06C:PEM routines:PEM_read_bio:no start line error-message all went fine

BUT when i mix the keys (just to see what error-message will be created) guess what errors openssl_error_string returns:

error:0906D06C:PEM routines:PEM_read_bio:no start line
error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02
error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed

so you could check if your message is encrypted with the right public key

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文