2

I was searching for RSA in php. Encrypt/decrypt text with RSA in php and in this site I found what I where searching for: Encrypt and Decrypt text with RSA in PHP

But the first and second answer is different! The first answer is a library (external file) but the second answer is a build-in command, openssl_public_encrypt(); .

So what the different about the library (external file) and the openssl_public_encrypt(); . Because the library (external file) can encrypt with RSA and only RSA, but the second one is openssl! I don't understand what got openssl with RSA doing!

Community
  • 1
  • 1
tor
  • 191
  • 11

2 Answers2

1

Both PHP OpenSSL and phpseclib are libraries. The OpenSSL library for PHP of course always uses the external library written in C. With phpseclib you seem to have a choice of using PHP code or the OpenSSL external library (after taking a small look at the source provided by 1615903).

Note that OpenSSL is an extensive project, consisting of an implementation of SSL (e.g. used by the mod_ssl module of the Apache web server), a rather generic cryptographic library with support for PKI and CMS as well as a command line that uses those functions. So maybe that's what confused you; OpenSSL is used for this project as cryptographic library, it's not called by command line interface.

OpenSSL is a library that is extensively used (and you would hope for better security than it actually seems to provide). C-code is much faster than PHP code for cryptographic operations; most scripting languages are not that well suited to crypto operations.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
1

phpseclib has two advantages over OpenSSL where RSA is concerned. at least that i can think of off the top of my head:

  • better key format support. OpenSSL only supports PKCS1 or PKCS8 formatted keys. phpseclib supports those and PuTTY formatted keys and XML Signature keys. And raw keys too.
  • you can use phpseclib's Crypt_RSA objects with it's SSH, SFTP and X.509 implementations
brainyst
  • 11
  • 1