3

(This question was originally posted on ServerFault - I have deleted it there and moved it here.)

I have a development machine running PHP 5.3.5 and a production machine running PHP 5.3.8.

The following code runs on the development machine:

<?php
$key = "-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0x+2RiQ+LCZNAUcl/Ecf1NrTr
lhjOiHaVC+w/y+UJevqVcDstD22OJGwT13B9T47OuQG9BmzcZQYLcShUMhVD/Owu
9+8PcK51EnBd0lym6+z/WixpnqfQonyKiqq5ytmYKUlUv39J8QQUI2geyvY9VpWS
wyNcFUs7wPl2zsLCPQIDAQAB
-----END PUBLIC KEY-----";

$data = "Hello, world!";

$key1 = openssl_get_publickey($key);
print_r ($key1);
echo "<p>";

$res = openssl_public_encrypt($data, $encrypted_data, $key1, OPENSSL_PKCS1_PADDING);

echo base64_encode($encrypted_data);

On my development machine, this code outputs a resource and an encoded string. I would copy it here, but of course it changes each time. On the production machine, this code produces the resource number and the following PHP errors:

PHP Warning:  openssl_public_encrypt(): Don't know how to get public key from this private key in C:\xxx\test.php on line 15
PHP Warning:  openssl_public_encrypt(): key parameter is not a valid public key in C:\xxx\test.php on line 15

Unfortunately, installing an older version of PHP on the production machine is not an option at the moment because of other applications that are running on it which require 5.3.8 as a minimum.

Would it help if I upgraded to 5.4.x?

I do know that the version of OpenSSL on 5.3.5 is 0.9.8 whereas the version in 5.3.8 is 1.0.0. I imagine that there might be a problem there. Is there any way to work around that?

I have tried to find out as much as I can from the OpenSSL.org site, and the PHP bug tracker, but I don't know what I'm looking for.

Regards,

Philip

  • Have you compared the settings of each php.ini configuration file? – Robert Jul 09 '12 at 17:02
  • @RobB: Superficially, yes. Both have the OpenSSL extension loaded. Neither file has any further OpenSSL settings. What else should I look for? – Philip Jul 09 '12 at 19:06
  • @RobB I've done a diff on the two php.ini files - there are no significant differences between the two that can't be explained by the fact that one is a production server and one is a development server. – Philip Jul 09 '12 at 19:18

2 Answers

9

According to this post, the issue is related to different OpenSSL versions of Apache and PHP in the XAMPP/Windows installation. I had a similar issue with openssl_verify. I solved it by using the same OpenSSL version for both Apache and PHP (replacing DLLs). Here's a link to the solution.

"I found a solution for the problem, it seems there are 2 wrong files in /apache/bin/ in the default 1.7.7 installation that need to be replaced by the files existing in /php/ (libeay32.dll and ssleay32.dll)"

binwiederhier
  • Thanks. I can confirm that I replaced libeay32.dll and openssl.exe. From there, it seemed to work. Perhaps only the libeay32.dll needs to change? – Philip Jul 13 '12 at 15:57
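
A diagnostic for the situation in the question and the first answer, added here as an example and not taken from either post: it reports the OpenSSL header version PHP was built against beside the library version actually loaded, checks each return value, and drains OpenSSL's error queue. It assumes phpinfo() prints an "OpenSSL Library Version" row; the helper names are hypothetical.

```php
<?php
// Added diagnostic, not code from the question or answers. Key is the one from the question.
$pem = "-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0x+2RiQ+LCZNAUcl/Ecf1NrTr
lhjOiHaVC+w/y+UJevqVcDstD22OJGwT13B9T47OuQG9BmzcZQYLcShUMhVD/Owu
9+8PcK51EnBd0lym6+z/WixpnqfQonyKiqq5ytmYKUlUv39J8QQUI2geyvY9VpWS
wyNcFUs7wPl2zsLCPQIDAQAB
-----END PUBLIC KEY-----";

// Collect everything OpenSSL has queued; a PHP warning shows only part of it.
function drain_openssl_errors()
{
    $errors = array();
    while (($msg = openssl_error_string()) !== false) {
        $errors[] = $msg;
    }
    return $errors;
}

// The header version is fixed when PHP is built; the library version is the
// DLL/.so actually loaded. Parsing phpinfo() for the library row is an
// assumption about its output, so a missing row is reported, not guessed.
function openssl_versions()
{
    ob_start();
    phpinfo(INFO_MODULES);
    $info = strip_tags(ob_get_clean());
    $found = preg_match('/OpenSSL Library Version\s*(?:=>)?\s*(.+)/', $info, $m);
    return array(
        'header'  => OPENSSL_VERSION_TEXT,
        'library' => $found ? trim($m[1]) : 'not reported by phpinfo()',
    );
}

$versions = openssl_versions();
echo "header:  {$versions['header']}\nlibrary: {$versions['library']}\n";

$key = openssl_pkey_get_public($pem);
if ($key === false) {
    exit("key load failed:\n" . implode("\n", drain_openssl_errors()) . "\n");
}
$details = openssl_pkey_get_details($key);
echo "key bits: " . (is_array($details) ? $details['bits'] : 'unknown') . "\n";

if (!openssl_public_encrypt("Hello, world!", $out, $key, OPENSSL_PKCS1_PADDING)) {
    exit("encrypt failed:\n" . implode("\n", drain_openssl_errors()) . "\n");
}
echo "ciphertext bytes: " . strlen($out) . "\n";
```

Run it through the web server as well as from the command line: the two can load different copies of the OpenSSL DLLs, which is the mismatch the first answer describes.
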
0

You passed the wrong parameter to openssl_public_encrypt:

openssl_public_encrypt($data, $encrypted_data, $key1, OPENSSL_PKCS1_PADDING)

where $key1 is the resource ID. Use $key instead of $key1. You can use

openssl_public_encrypt($data, $encrypted_data, $key, OPENSSL_PKCS1_PADDING)

Philip