8

When generating public key and then reading it with function openssl_pkey_get_public - $publicKeyResource = bool(false) and message: error:0906D06C:PEM routines:PEM_read_bio:no start line

$privateKey = openssl_pkey_new(array('private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA));

$keyDetails = openssl_pkey_get_details($privateKey);

$publicKeyResource = openssl_pkey_get_public($keyDetails['key']);

What is wrong?

P.S. 

privateKey = 

array(3) {
  ["bits"]=>int(2048)

  ["key"]=>
  string(451) "-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo5lpSuSQmAOXfqAmexj
IzjdGnd1X1gCKj5ko2DHgcR4XBlj1hbFNs1pzXx+R/UvLXTeF7dNQ+9AgXjEeRa6
71VbNxrUgvb/PHjEANwce7xBsnbu+dcSazyNHzx4ahWyEF4f3HyaJkGrT/Dgzcut
DO+yFAH9u8Hx26cj/8kyrtIHxazemnD+IDHRa3zOjKDmTfoDRKtOMTPVgFAsYBXn
tKcLyamCSBgpwfQwKfUUcYhfY1xD9UMhVXabSSiNQOiTMuOIZUHueO8UCp/tdK6a
LprUDBQ/tVmiV7ZMeZYMjh6XnK7higJ3WZp8RmD4PPeKbtG6j2AuGpbF/ddzD62T
XwIDAQAB
-----END PUBLIC KEY-----
"

  ["type"]=>
  int(0)
}
James
  • 24,676
  • 13
  • 84
  • 130
slamer
  • 105
  • 2
  • 2
  • 7
  • Are you sure ----BEGIN...--- and ----END...--- are part of the PEM format? – James Sep 01 '10 at 11:07
  • Yes. 1) This code generated by openssl_pkey_new for openssl library use. 2) http://dev.modmancer.com/index.php/2010/07/07/php-and-openssl-key-format/ – slamer Sep 01 '10 at 11:13
  • This is exactly the same question I asked few days ago: http://stackoverflow.com/questions/3598044/php-openssl-error-returned-but-correct-result Still want to know the solution... – BarsMonster Sep 01 '10 at 11:15

5 Answers5

5

Same answer as I gave in PHP + OpenSSL : error returned, but correct result: This is apparently caused by openssl_pkey_get_public() which wants a certificate containing your public key rather than the public key by itself – it seems to load the public key but still causes this error. See details there.

Community
  • 1
  • 1
Arc
  • 11,143
  • 4
  • 52
  • 75
2

You might have an easier time with phpseclib's Crypt_RSA. eg.

createKey(2048)); echo $publickey; ?>

More info:

http://phpseclib.sourceforge.net/

1

Most likely PHP's openSSL rejects key in PEM form. Try RSA form instead

Sidora Gleb
  • 11
  • 3
0

Reason:

This error is usually caused by one corrupt character at the beginning of the .crt file. So, the chances are that you have an extra space, an extra character, an extra line, etc. in either the SSL Certificate file (.crt) or the SSL key.

shamittomar
  • 46,210
  • 12
  • 74
  • 78
0

I suspect that this must be a bug in some version of either PHP or OpenSSL, because your posted code works fine for me (with PHP 5.2.6 and OpenSSL 0.9.8g).

caf
  • 233,326
  • 40
  • 323
  • 462
  • 1
    Very latest php_openssl gives same result. You may not see an error, if you are not checking for it. print(openssl_error_string()."
    ");     – BarsMonster Sep 03 '10 at 01:00
  • @BarsMonster: Nope, definitely no error. `$publicKeyResource` ends up with a valid public key resource, and there's no OpenSSL error set. I was actually thinking that the bug might have been something introduced in a *newer* version (of either PHP or OpenSSL), since mine is not particularly recent. – caf Sep 03 '10 at 01:18
  • Redeployed everything with recent versions of PHP, OpenSSL. Same error. Tried to generate public key out of working private one just before verification, still same result... – BarsMonster Sep 03 '10 at 05:00
  • @BarsMonster: I'd try *older* versions, since it could well be a regression. As another thought, could it be a character set issue of some kind? Are you using any kind of localisation? – caf Sep 03 '10 at 05:07
  • @caf: No localisation of any kind, plain vanilla PHP. I've already was on some 0.98? and 1.0.0a... Will try older... – BarsMonster Sep 03 '10 at 07:41
  • @BarsMonster: I tend to suspect PHP more than OpenSSL - what versions of PHP have you tested with? – caf Sep 04 '10 at 10:46
  • @caf: Some 5.2.x, currently 5.3.1 – BarsMonster Sep 05 '10 at 00:55