0

I need to authenticate myself via PHP script on remote website, and website uses JS-based RSA encryption for passwords. Here's the code from website:

function rsa_encrypt(strPlainText) {
    var strModulus = "some_random_string";
    var strExponent = "10001";
    var rsa = new RSAKey();
    rsa.setPublic(strModulus, strExponent);
    var res = rsa.encrypt(strPlainText);
    if (res) {
        return res;
    }
    return false;
}

Browsed a lot of topics on this website, and found that the recommended way is to use phpseclib (if there's another one, let me know). However, using basic example from http://phpseclib.sourceforge.net/rsa/examples.html#encrypt,enc2 I get just an empty page. I entered some_random_string into $rsa->loadKey('...'); - not sure if I did it right? However, I can't see a place to enter strExponent (which is 10001) in this example.

So I tried another solution - Encrypt and Decrypt text with RSA in PHP and modified my code to look the following:

include('Crypt/RSA.php');

$privatekey = "some_random_string";

$rsa = new Crypt_RSA();
$rsa->loadKey($privatekey);

$plaintext = new Math_BigInteger('10001');
echo $rsa->_exponentiate($plaintext)->toBytes();

However, I get this error:

Fatal error: Call to a member function abs() on null in Math\BigInteger.php on line 1675

The solution was posted some time ago, so I guess something got changed in phpseclib library during this time, and I'm just not sure how to re-modify my code.

neubert
  • 15,947
  • 24
  • 120
  • 212
Mindaugas Li
  • 1,071
  • 5
  • 15
  • 37

1 Answers1

0

Popular formats for RSA keys typically contain both the exponent and the modulus within them. See, for example, my answer to I understand the mathematics of RSA encryption: How are the files in ~/.ssh related to the theory? for a more detailed discussion of one particular type of key format.

If you have the exponent and modulo as distinct values try doing this:

$rsa->loadKey([
    'e' => new Math_BigInteger('10001', 16),
    'n' => new Math_BigInteger('some_random_string', 16);
]);

Note the , 16 bit. 65537 (10001 in hex) is a common RSA exponent. Math_BigInteger assumes, by default, that the number being passed to it is in base-10, unless you specifically tell it otherwise. One requirement of RSA is that e be coprime to either phi(n) or lcm(n). 65537 is trivially coprime because it is prime. 10001 is not prime. It can be factored into 73*137.

Community
  • 1
  • 1
neubert
  • 15,947
  • 24
  • 120
  • 212