RSA iOS encrypt & PHP decrypt

Question

As referring to this link http://blog.iamzsx.me/show.html?id=155002, I generated a pair of key using

$ openssl req -x509 -out public_key.der -outform der -new -newkey rsa:1024 -keyout private_key.pem -days 3650

this command. Then I get private_key.pem & public_key.der.

I follow the implementation what I get the encrypted data is

<ceaedf05 f39b69ab 8618f859 599926e9 c18d9233 342c58e0 534b66af 8b33dda3 375d6a11 b95ad821 11549637 ce4c26dc 760169c6 04096aff 9ec48938 1c6b149f 8180f9bb 8e1337ce 2b492af2 e0464e4c 9ab7aabd 9da53caf 1b5e5277 3c708b43 cb6515ee c9a18b02 4941416c 7f1e36d3 dcd3705b 66f8a159 ab8a7a3f a9db8306>

but what I want is

dXXEEADvRDdk4QVM6TU9dyYtuHe8RVzP3KsWAoDDSQ2w+NELVPOv4mSVW1jIhEhb+pLsmOvLzGIW1/2qkp91M1UoPuhgplV2JEgP8EvcBn8EY43n7wVASGP9heRK0lYMfENP54f35+GFP68nU5zbrmX0IN6DGGGSNdSewzLb6s4=

Actually what I want is the functions below:
in iOS:

- (NSString *)encryptedString:(NSString *)plainText

in PHP:

function decrypted_string()  
{
    $encrypted_string = $_POST['encrypted_string']; 
    // implementation
    return $plain_text;
}

How can I implement these functions?

I already googled for it, unfortunately, there is no solution that I want. Hopefully can get help in here. Thanks in advance.

score 2 · Answer 1 · edited May 23 '17 at 12:12

2

You need to base64 encode the NSData before sending to php. See the answer for the following post:

Creating a base-64 string from NSData

On php end, you can use openssl_private_decrypt to decrypt. Reference below:

http://php.net/manual/en/function.openssl-private-decrypt.php

Sample:

<?php
$fp=fopen("/path/to/private_key.pem","r");
$priv_key=fread($fp,8192);
fclose($fp);
$res = openssl_get_privatekey($priv_key, "myPassword");

$data = $_POST['encrypted_string']; 
if (openssl_private_decrypt(base64_decode($data), $decrypted, $res))
         echo "Decrypted:$decrypted";
?>

edited May 23 '17 at 12:12

Community

1
1

answered Dec 24 '12 at 09:44

user1885297

586
2
6

I follow your instruction here, I use `NSLog` to see the base64 encrypted string and paste to php. `$data = "6M0ZPRKSBcK5tet5D+zRcx3bbYAyIVZKSe/BkD7dMH4f6AnyPMI34raEOXYccsNe44uFxDoPpXCuYVvMbe61v0tCKvGTynl5MxZO2sPyTEzHCtZKGEGWbcfj6sVKSpp6fYNe/Lhr8LFKREPvVjoLGFRy8cvKBuEc3JBloglvi7E=";` unfortunately, `openssl_private_decrypt` return me `false`. Which part I'm doing wrong? – Js Lim Dec 26 '12 at 02:51
Could you check if the `fopen`, `fread` and `openssl_get_privatekey` functions are successful ? – user1885297 Dec 26 '12 at 03:00
`var_dump($fp); var_dump($priv_key); var_dump($res);` resource(6) of type (Unknown) string(963) "-----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,17134F3A80D12347 some private key -----END RSA PRIVATE KEY----- " resource(7) of type (OpenSSL key) should be ok right? – Js Lim Dec 26 '12 at 03:28
ok, Could you post your modified code ? Also, print the openssl error message obtained by calling `openssl_error_string` after the call to `openssl_private_decrypt`. – user1885297 Dec 26 '12 at 03:41
[here](https://dl.dropbox.com/u/30636914/decrypt.php) is my php file. the output is `error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02` – Js Lim Dec 26 '12 at 03:52
The php end looks ok (I am using php 5.3.15). Have you made any changes at the ios end ? Are you using the exact same command as specified in the problem description and the RSA class in the url you have provided ? – user1885297 Dec 26 '12 at 07:29
i follow exactly like [this link](http://blog.iamzsx.me/show.html?id=155002). i have add more functions **`base64forData`** that you provided and `- (NSString *)encryptToString:(NSString *)content { return [self base64forData:[self encryptWithString:content]]; }` is that correct? – Js Lim Dec 27 '12 at 02:46

score 1 · Answer 2 · edited Jan 01 '13 at 05:02

My recommndation: use phpseclib, a pure PHP RSA implementation. eg.

<?php
include('Crypt/RSA.php');

$rsa = new Crypt_RSA();
$rsa->setPassword('abc123');
$rsa->loadKey('-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,927035AD39FA7CED

un9ayDNHNdXKtAzmGB0eCxJ+3z54qNTH2nejrvxVANqDHbOh5642hIWVxrNwD0LC
dbosArWk00bAi9HGgU0UnzN4So3XM2yVxejFh98k8VuB0zPiNWHLGYhaj81BEeob
eLI3QzPCyX7CR1KJwHJC/5xHJMKN+1TCnn/nBsP12JelBJBui6R90LShfqecdJAa
oDpGGcDtPchOaHxHkv8i4AFHKm7QBDbebZZe/Bu0tKr4DJYSeQxe+a+YoqSkdRs5
JoQiqTd+kT9RT+7Kf22xtlThJQ6mh/i7rF0N32eUQsNYgs2eHmjgu55cDI6/XC+x
zIiDAsk2prtVpMzVJDkTUVnY2+AcMfgk2Oxpsx+H/9pHYWp/qma8mmRR7ALdyzce
cVmzCh4NjSPXnlrv4LCY5mEc3ObanIx6ZirmtJWwBiqADVt+aByrLicO3AoN//UU
dUiEtvIC+cl2wZ+eRRUC4uUr47a0AakkXTjZERsJt/cTNpgFdra4mVOefNxnt1rk
lfS9dQyFrBaDiS6IwpK3I9gNuvSam9SIqhSx7WT038Lh50bKvWodDck8OHvl1FwI
FiLN/VehnTJTMDe5Ee7nC6jPqVdagH0nZkNJDlVyjKCbCEKlzYOBr9mYQUqV2lSL
fbpBJOjmHesQAhP4UJNHNOhcyHBQ5WV60y0lySKPUqu20x0N3E+ByleA8g28ijwv
F79RmcldG8x5X6Ur2W7mtKbGFfLC3CFRW9r6a0ycdpfkWo/gii/tQpbBPyYPrsWe
MNkbkzdVMLOIKZLVAd+i82UrDg3zor45JhSRsRhnLRhaZuMOukcqGQ==
-----END RSA PRIVATE KEY-----');

$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);

echo $rsa->decrypt(base64_decode('qieklzzWct0ab7UOows+uvlaI5VLEHwIED4+O9KjVKopGTPIVaB8ioSUNZKnh5LUepmc/gowrp4pM1X??J+e+rPlwqI98d56ijdWuDOOojGR5VCNilztPSxI6PIpQeL58y+B5EVUWv49dcTuGwuRiU/FL8APkNqdEE??k43SLKyhY7w='));

Thanks for help. `qieklzzWct0ab7UOows+uvlaI5VLEHwIED4+O9KjVKopGTPIVaB8ioSUNZKnh5LUepmc/gowrp4pM1XJ+e+rPlwqI98d56ijdWuDOOojGR5VCNilztPSxI6PIpQeL58y+B5EVUWv49dcTuGwuRiU/FL8APkNqdEEk43SLKyhY7w=` this is sample ciphertext, [public key](https://dl.dropbox.com/u/30636914/public_key.der) and [private key](https://dl.dropbox.com/u/30636914/private_key.pem) — Js Lim, Dec 31 '12 at 02:07
What's the password to the private key? In phpseclib you can provide the password by doing $rsa->setPassword('...') but for anyone here to test it the password will need to be posted as well.. — , Dec 31 '12 at 05:22
oh. forgot to post password to you. `abc123`. even I setPassword also get no output — Js Lim, Dec 31 '12 at 05:49
Works fine for me. I get "A test string. Decrypt it!!" as the result. I made a new post with the answer. — , Jan 01 '13 at 04:58

score 1 · Accepted Answer · answered Jan 01 '13 at 05:00

Expanding on neubert's answer..

<?php
include('Crypt/RSA.php');

$rsa = new Crypt_RSA();
$rsa->setPassword('abc123');
$rsa->loadKey('-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,927035AD39FA7CED

un9ayDNHNdXKtAzmGB0eCxJ+3z54qNTH2nejrvxVANqDHbOh5642hIWVxrNwD0LC
dbosArWk00bAi9HGgU0UnzN4So3XM2yVxejFh98k8VuB0zPiNWHLGYhaj81BEeob
eLI3QzPCyX7CR1KJwHJC/5xHJMKN+1TCnn/nBsP12JelBJBui6R90LShfqecdJAa
oDpGGcDtPchOaHxHkv8i4AFHKm7QBDbebZZe/Bu0tKr4DJYSeQxe+a+YoqSkdRs5
JoQiqTd+kT9RT+7Kf22xtlThJQ6mh/i7rF0N32eUQsNYgs2eHmjgu55cDI6/XC+x
zIiDAsk2prtVpMzVJDkTUVnY2+AcMfgk2Oxpsx+H/9pHYWp/qma8mmRR7ALdyzce
cVmzCh4NjSPXnlrv4LCY5mEc3ObanIx6ZirmtJWwBiqADVt+aByrLicO3AoN//UU
dUiEtvIC+cl2wZ+eRRUC4uUr47a0AakkXTjZERsJt/cTNpgFdra4mVOefNxnt1rk
lfS9dQyFrBaDiS6IwpK3I9gNuvSam9SIqhSx7WT038Lh50bKvWodDck8OHvl1FwI
FiLN/VehnTJTMDe5Ee7nC6jPqVdagH0nZkNJDlVyjKCbCEKlzYOBr9mYQUqV2lSL
fbpBJOjmHesQAhP4UJNHNOhcyHBQ5WV60y0lySKPUqu20x0N3E+ByleA8g28ijwv
F79RmcldG8x5X6Ur2W7mtKbGFfLC3CFRW9r6a0ycdpfkWo/gii/tQpbBPyYPrsWe
MNkbkzdVMLOIKZLVAd+i82UrDg3zor45JhSRsRhnLRhaZuMOukcqGQ==
-----END RSA PRIVATE KEY-----');

$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);

echo $rsa->decrypt(base64_decode('qieklzzWct0ab7UOows+uvlaI5VLEHwIED4+O9KjVKopGTPIVaB8ioSUNZKnh5LUepmc/gowrp4pM1X??J+e+rPlwqI98d56ijdWuDOOojGR5VCNilztPSxI6PIpQeL58y+B5EVUWv49dcTuGwuRiU/FL8APkNqdEE??k43SLKyhY7w='));

RSA iOS encrypt & PHP decrypt

3 Answers3