I'm trying to set up data encryption between two domains because I'm building an API for authentication data.

Background info

After finally getting openssl to work (sort of), I'm now testing the encryption and decryption part.

The first part I tried runs with success. The data is first json_encoded to be in string format. After that I encrypt it using the public key of the target domain. This results in literally unreadable data.

After that I decrypt the content using the private key from the target domain. This all works fine.

Main part

The trouble comes when I try two-way encryption. What I mean by that: I'm trying to use encryption to guarantee that the data is coming from the domain it says it is coming from, and to guarantee that the data is only readable by the receiving domain.

To do that I do the following steps:

  1. Json_encode that data
  2. Encrypt using private key of the sending domain
  3. Encrypt using the public key of the target domain
  4. Decrypt using the private key of the target domain
  5. Decrypt using the public key of the sending domain

However, $encrypted seems to be null on debug after the second encryption; the same obviously goes for $decrypted after that.

Code

/**
 * @param $content
 * @param string $key
 * @return string
 */
public function encryptWithPublic($content, $key = null)
{
    if (is_null($key)) $key = $this->publicKey;

    openssl_public_encrypt($content, $result, $key);
    return base64_encode($result);
}

/**
 * @param $content
 * @param string $key
 * @return string
 */
public function decryptWithPublic($content, $key = null)
{
    if (is_null($key)) $key = $this->publicKey;

    openssl_public_decrypt(base64_decode($content), $result, $key);
    return $result;
}

/**
 * @param $content
 * @param string $key
 * @return string
 */
public function encryptWithPrivate($content, $key = null)
{
    if (is_null($key)) $key = $this->privateKey;

    openssl_private_encrypt($content, $result, $key);
    return base64_encode($result);
}

/**
 * @param $content
 * @param string $key
 * @return string
 */
public function decryptWithPrivate($content, $key = null)
{
    if (is_null($key)) $key = $this->privateKey;

    openssl_private_decrypt(base64_decode($content), $result, $key);
    return $result;
}
  • When you encrypt the first time, the result is raw bytes, not a string. If you try to treat the cyphertext as a string you will get errors. Either treat the cyphertext as raw bytes, or else convert them to a string as Base64. You will need to reverse the Base64 conversion when decoding. – rossum Aug 25 '16 at 12:10
  • @rossum, it works partly: the encrypted data indeed becomes more readable, but the second encryption turns into an empty string instead of null. My first encryption looks like this now: string(684) "4vNcL+YcTtmSjriFtswT5ijv7uV6WY"; (shortened). I used base64_encode for debugging the first encryption and before sending it into the second encryption. – Multi-Cab Aug 25 '16 at 12:31
  • Essentially the same issue as I've described here: http://stackoverflow.com/a/34128955/1816580 – Artjom B. Aug 25 '16 at 16:49
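
An RSA operation always outputs a block as long as the key, which is more than a second RSA operation accepts as input, so step 3 of the question fails: openssl_public_encrypt returns false and $result stays null. The following added example (not code from the original post or its comments) gets the same two guarantees by signing with the sending domain's private key via openssl_sign, encrypting the signed payload with AES-256-GCM, and passing only the AES key through RSA with the target domain's public key. Assumptions: PHP 7.1+ with the openssl extension; the key pairs are generated inline as constructed stand-ins for the two domains, and the function names newKeyPair, packMessage and unpackMessage are hypothetical.

```php
<?php
// Added example. Keys below are constructed stand-ins for the sending and target domain.
function newKeyPair(): array {
    $key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
    if ($key === false) throw new RuntimeException('keygen: ' . openssl_error_string());
    openssl_pkey_export($key, $privatePem);
    return [$privatePem, openssl_pkey_get_details($key)['key']];
}

function packMessage(array $data, string $senderPrivate, string $recipientPublic): array {
    $body = json_encode($data);
    // Authenticity: a real signature with the sender's private key, not openssl_private_encrypt.
    if (!openssl_sign($body, $sig, $senderPrivate, OPENSSL_ALGO_SHA256)) {
        throw new RuntimeException('sign: ' . openssl_error_string());
    }
    $inner = json_encode(['body' => $body, 'sig' => base64_encode($sig)]);
    // Confidentiality: AES-256-GCM carries the payload, so its length is not bound by the RSA key.
    $aesKey = random_bytes(32);
    $iv = random_bytes(12);
    $ciphertext = openssl_encrypt($inner, 'aes-256-gcm', $aesKey, OPENSSL_RAW_DATA, $iv, $tag);
    // Only the 32-byte AES key goes through RSA, well under the per-call limit.
    if (!openssl_public_encrypt($aesKey, $wrappedKey, $recipientPublic, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('wrap: ' . openssl_error_string());
    }
    return array_map('base64_encode', compact('wrappedKey', 'iv', 'tag', 'ciphertext'));
}

function unpackMessage(array $msg, string $recipientPrivate, string $senderPublic): array {
    $m = array_map('base64_decode', $msg);
    if (!openssl_private_decrypt($m['wrappedKey'], $aesKey, $recipientPrivate, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('unwrap: ' . openssl_error_string());
    }
    $inner = openssl_decrypt($m['ciphertext'], 'aes-256-gcm', $aesKey, OPENSSL_RAW_DATA, $m['iv'], $m['tag']);
    if ($inner === false) throw new RuntimeException('payload was modified or the key is wrong');
    $env = json_decode($inner, true);
    // openssl_verify returns 1 only for a valid signature (0 = invalid, -1 = error).
    if (openssl_verify($env['body'], base64_decode($env['sig']), $senderPublic, OPENSSL_ALGO_SHA256) !== 1) {
        throw new RuntimeException('signature does not match the sending domain');
    }
    return json_decode($env['body'], true);
}

[$senderPriv, $senderPub] = newKeyPair();
[$targetPriv, $targetPub] = newKeyPair();
// The failure in the question: an oversized RSA input makes the call return false and leaves $out null.
$rejected = openssl_public_encrypt(str_repeat('A', 684), $out, $targetPub) === false;
$wire = packMessage(['user' => 'alice', 'token' => str_repeat('x', 2000)], $senderPriv, $targetPub);
var_dump($rejected, unpackMessage($wire, $targetPriv, $senderPub)['user'] === 'alice');
```

Checking the boolean return value of every openssl_* call, as done here, is what turns the silent null from the question into a visible error.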

0 Answers