I have this test code in PHP:

function genPGP() {
    // Create the keypair
    $res=openssl_pkey_new();
    // Get private key
    openssl_pkey_export($res, $prK, bin2hex(mcrypt_create_iv(100, MCRYPT_DEV_URANDOM)));
    // Get public key
    $puK = openssl_pkey_get_public($prK);
    return array($prK,$puK);
}

function prKeyDecrypt($data,$key){
    if (openssl_private_decrypt($data, $r, $key)) {
       return $r;
    }
}

$keys = genPGP();
$prK = $keys[0];
$puK = $keys[1];
$data = 'abc123';
openssl_public_encrypt($data,$encrypted,$puK); 
echo prKeyDecrypt($encrypted,$prK);

I'm getting two errors, both of them similar, and they are:

Warning: openssl_public_encrypt(): key parameter is not a valid public key in test2.php on line 23

Warning: openssl_private_decrypt(): key parameter is not a valid private key in test2.php on line 14

I'm not sure what constitutes a "valid ... key." Is there a different way I'm supposed to be getting the keys? This seems accurate according to the manual and what I've read.

  • Just a note: your code has no relation to PGP. Commented Jun 21, 2014 at 16:50
  • Thanks for the clarification. It's not really a "Secure Sockets Layer" either. I had been referring to public/private key cryptography as PGP. This is essentially PGP (particularly in the way it's implemented), I think, it's just managed differently and doesn't use the same verification/trust system (per this page). I wish there was an easier/simpler term for public/private key cryptography. Commented Jun 21, 2014 at 20:22

1 Answer

You are very close. First, don't encrypt your private key with a passphrase. Second, get the public key directly from the resource. I.e.:

function genPGP0() {
    // Create the keypair
    $res=openssl_pkey_new();
    // Get private key
    openssl_pkey_export($res, $prK);
    // Get public key
    $puK = openssl_pkey_get_details($res)["key"];
    return array($prK,$puK);
}

If you want to use a passphrase (you are going to store the private key), you can use something like:

function genPGP() {
    // Create the keypair
    $res=openssl_pkey_new();
    // Get private key
    $pass = bin2hex(mcrypt_create_iv(100, MCRYPT_DEV_URANDOM));
    openssl_pkey_export($res, $prK_encrypted, $pass);
    $prK = openssl_pkey_get_private($prK_encrypted, $pass);
    // Get public key
    $puK = openssl_pkey_get_details($res)["key"];
    return array($prK,$puK);
}

2 Comments

As an extension of that question, if that's permissible on SO, how would I store $prK in a session variable, such as $_SESSION['prK']. The simple assignment $_SESSION['prK']=$keys[0] stores the number 0 and the same thing happens when assigning it as a reference, e.g. $_SESSION['prK']=&$keys[0].
You should ask a new question. I don't use PHP -- I prefer Ruby, so I'm not familiar with session variables in PHP. Cheers!
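
The round trip the answer describes, as an added example that is not part of the original posts: the private key is kept as a passphrase-encrypted PEM string, the public key PEM is taken from the key details, and the encrypted PEM is opened with its passphrase before decrypting. The function names are hypothetical; it assumes PHP 7+ with the openssl extension, uses random_bytes() in place of mcrypt_create_iv(), and picks OAEP padding, which the page's code does not.

```php
<?php
// Added example; generateKeyPair() and decryptWithPrivatePem() are hypothetical names.

function generateKeyPair(string $passphrase): array
{
    $key = openssl_pkey_new([
        'private_key_type' => OPENSSL_KEYTYPE_RSA,
        'private_key_bits' => 2048,
    ]);
    if ($key === false) {
        throw new RuntimeException('openssl_pkey_new: ' . openssl_error_string());
    }
    // Private key as passphrase-encrypted PEM text (a plain string).
    if (!openssl_pkey_export($key, $privatePem, $passphrase)) {
        throw new RuntimeException('openssl_pkey_export: ' . openssl_error_string());
    }
    // The public key PEM comes from the key itself, not from the private PEM.
    $details = openssl_pkey_get_details($key);
    if ($details === false) {
        throw new RuntimeException('openssl_pkey_get_details: ' . openssl_error_string());
    }
    return ['private_pem' => $privatePem, 'public_pem' => $details['key']];
}

function decryptWithPrivatePem(string $ciphertext, string $privatePem, string $passphrase): string
{
    // An encrypted PEM has to be opened with its passphrase before it is a usable key.
    $key = openssl_pkey_get_private($privatePem, $passphrase);
    if ($key === false) {
        throw new RuntimeException('cannot load private key: wrong passphrase or bad PEM');
    }
    if (!openssl_private_decrypt($ciphertext, $plain, $key, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('openssl_private_decrypt: ' . openssl_error_string());
    }
    return $plain;
}

$passphrase = bin2hex(random_bytes(32)); // constructed sample passphrase
$pair = generateKeyPair($passphrase);

// OAEP is this example's choice; encrypt and decrypt must use the same padding.
if (!openssl_public_encrypt('abc123', $encrypted, $pair['public_pem'], OPENSSL_PKCS1_OAEP_PADDING)) {
    throw new RuntimeException('openssl_public_encrypt: ' . openssl_error_string());
}
echo decryptWithPrivatePem($encrypted, $pair['private_pem'], $passphrase), PHP_EOL;

// The question's failure mode: the encrypted PEM used without its passphrase.
var_dump(@openssl_pkey_get_private($pair['private_pem']) === false);
```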
