My question relates to the work by https://stackoverflow.com/users/1142256/nowgoo in the article "Encrypt with Cryptico.js, Decrypt with OpenSSL". I tried to comment on the original post by nowgoo but I don't have enough clout.
I have prepared a proof of concept that details my code and associated files at https://github.com/darrenwheatley/openssl_javascript. This includes the index.php below and the modified cryptico.js file I am using, as well as the two keys in case there is a formatting issue.
The mission: Without entering into the politics of using encryption and javascript I wish to encrypt a string using javascript and then decrypt it using a server side technology, in this instance PHP, on my current environment.
The environment:
- Windows 8.1
- IIS7
- PHP 5.6.11
OpenSSL details from phpinfo:

openssl

| Setting | Value |
| --- | --- |
| OpenSSL support | enabled |
| OpenSSL Library Version | OpenSSL 1.0.1p 9 Jul 2015 |
| OpenSSL Header Version | OpenSSL 1.0.1p 9 Jul 2015 |

| Directive | Local Value | Master Value |
| --- | --- | --- |
| openssl.cafile | no value | no value |
| openssl.capath | no value | no value |
The code:
```php
<?php
// Code based on article https://stackoverflow.com/questions/16505963/encrypt-with-cryptico-js-decrypt-with-openssl
if (isset($_POST["codeEnc"]))
{
    // Process the input
    $keyPrivate = openssl_get_privatekey(file_get_contents('private2048.key'));
    openssl_private_decrypt(base64_decode($_POST["codeEnc"]), $decrypted, $keyPrivate);
    echo "Error Strong: ".openssl_error_string()."<br>\n";
    echo "Decrypted code: ".$decrypted."<br>\n";
}
// Set up the encryption
$keyCert = openssl_get_publickey(trim(file_get_contents('public2048.pem')));
$detail = openssl_pkey_get_details($keyCert);
$n = base64_encode($detail['rsa']['n']);
$e = bin2hex($detail['rsa']['e']);
?>
<html>
<head><title>openssl test</title></head>
<body>
<form name="test" id="test" method="post" action="?">
    <input id="code" name="code" type="text" value='Change this string'>
    <input id="codeEnc" name="codeEnc" type="hidden">
    <input id="submit_code" name="submit_code" type="button" value="Go" onClick="submitPage('test');">
</form>
<script src="modified_cryptico.js"></script>
<script>
function submitPage(formName)
{
    // I had to change the next line because the output was {$n}|{$e} instead of the public key... php101 but I don't usually code this way. Perhaps this is the issue
    //var publicKey = '{$n}|{$e}';
    var publicKey = '<?php echo $n; ?>|<?php echo $e; ?>';
    var pCode = document.getElementById('code');
    var pCodeEnc = document.getElementById('codeEnc');
    encrypted = cryptico.encrypt(pCode.value, publicKey);
    pCodeEnc.value = encrypted.cipher;
    pCode.value = '';
    document.forms[0].submit();
}
</script>
</body>
</html>
```
The issue: When I run the code I get the following PHP error:

```
[12-Nov-2015 16:03:20 country/state] PHP Warning: openssl_pkey_get_details() expects parameter 1 to be resource, boolean given in index.php on line 12
```

My assessment is that I have formed one of the keys incorrectly. As this is outside the example above I am stuck for an answer.
What I tried:
- Researching many ways of doing it without asking here first
- I regenerated each of the keys
- I tried to trim the raw .pem and .key files as I used them
- I tried to ensure the file was a windows compatible file
What does work (but this is all server side)?
```php
$private_key = openssl_get_privatekey(file_get_contents('private4096.key'));
$public_key = openssl_get_publickey(file_get_contents('public4096.pem'));
$data = '{"data":"f80643f0-a298-46e5-a852-85caf305b34a"}';
$encrypted = $e = NULL;
$ret = openssl_seal($data, $encrypted, $e, array($public_key));
$sealed_data = base64_encode($encrypted);
$envelope = base64_encode($e[0]);
echo "sealed data:\n".$sealed_data."<br><br>\n\n";
echo "envelope:\n".$envelope."<br><br>\n\n";
$input = base64_decode($sealed_data);
$einput = base64_decode($envelope);
$plaintext = NULL;
openssl_open($input, $plaintext, $einput, $private_key);
echo "data out:\n".$plaintext."<br><br>\n";
```
Why have I deviated from the article? (error:02001003:system library:fopen:No such process) The following article describes another issue that I have: "OpenSSL not working on Windows, errors 0x02001003 0x2006D080 0x0E064002".
The use of .PEM and .KEY files gets around this issue for me. It may or may not be related to the issue at hand.
This is my first post so I apologise for anything missing.
Can anyone please assist me?
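
The warning quoted in the question means `openssl_get_publickey()` returned `false` and that value was passed straight to `openssl_pkey_get_details()`. The following is an added example, not code from the original post or from the linked article: it checks that return value, collects the queued OpenSSL errors, and reports which PEM label the data carries. The function name `loadRsaPublicKey` and the keys of the report array are hypothetical, and the sample PEM is constructed.

```php
<?php
// Added example, not the poster's code. Function name and report keys are hypothetical.
function loadRsaPublicKey($pem)
{
    // Empty the OpenSSL error queue so only errors from this call are reported.
    while (openssl_error_string() !== false) {
    }

    $report = array('ok' => false, 'label' => null, 'errors' => array());

    // Strip a UTF-8 byte-order mark and surrounding whitespace an editor may have added.
    if (substr($pem, 0, 3) === "\xEF\xBB\xBF") {
        $pem = substr($pem, 3);
    }
    $pem = trim($pem);

    // Record which PEM armor label the data carries (PUBLIC KEY, CERTIFICATE, ...).
    if (preg_match('/^-----BEGIN ([A-Z0-9 ]+)-----/', $pem, $m)) {
        $report['label'] = $m[1];
    }

    // openssl_pkey_get_public() returns false on failure; check before using the result.
    $key = openssl_pkey_get_public($pem);
    if ($key === false) {
        while (($msg = openssl_error_string()) !== false) {
            $report['errors'][] = $msg;
        }
        return $report;
    }

    $detail = openssl_pkey_get_details($key);
    if ($detail === false || !isset($detail['rsa'])) {
        $report['errors'][] = 'key loaded but is not an RSA key';
        return $report;
    }

    $report['ok']   = true;
    $report['bits'] = $detail['bits'];
    // Same encodings the page's script uses: base64 modulus, hex exponent.
    $report['n'] = base64_encode($detail['rsa']['n']);
    $report['e'] = bin2hex($detail['rsa']['e']);
    return $report;
}

// Constructed input: a PEM with a truncated body, which cannot parse.
$broken = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkq\n-----END PUBLIC KEY-----\n";
var_dump(loadRsaPublicKey($broken));
// With the page's file: var_dump(loadRsaPublicKey(file_get_contents('public2048.pem')));
```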