Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

OpenSSL won't create private keys?

Tags:

php

private

key

openssl

encryption

Okay, well, this is my first time working with encryption on a project. I am using my hosting provider for SSL, but I also want to encrypt portions of the database that are sensitive. For this, I was told to use OpenSSL. I am testing it on my localhost (WAMP), and have installed OpenSSL and turned on the PHP and Apache SSL mods. Okay, so i've been following tutorials and, using several suggested methods, have been able to generate the public key and store it as a file. For some reason, I can't seem to generate the private key. I will post two versions of code that i've tried:

// generate private key
$privateKey = openssl_pkey_new(array(
    'private_key_bits' => 1024,
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
));
// write private key to file
openssl_pkey_export_to_file($privateKey, 'private.key');
// generate public key from private key
$publicKey = openssl_pkey_get_details($privateKey);
// write public key to file
file_put_contents('public.key', $publicKey['key']);
// clear key
echo $privateKey;

?>

This generates a public.key file, but provides me the warnings "openssl_pkey_export_to_file(): cannot get key from parameter 1:" and " openssl_pkey_get_details() expects parameter 1 to be resource, boolean."

I also tried an alternative method:

$config = array(
    "config" => "E:/wamp/bin/apache/apache2.2.22/conf/openssl.cnf",
    "digest_alg" => "sha512",
    "private_key_bits" => 1024,
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
);

// Create the private and public key
$res = openssl_pkey_new($config);

// Extract the private key from $res to $privKey
openssl_pkey_export($res, $privKey, NULL);
echo "Private Key: ".$privKey;
// Extract the public key from $res to $pubKey
$pubKey = openssl_pkey_get_details($res);
$pubKey = $pubKey["key"];
echo "Public Key: ".$pubKey;
$data = 'plaintext data goes here';
echo "Data: ".$data;
// Encrypt the data to $encrypted using the public key
openssl_public_encrypt($data, $encrypted, $pubKey);
echo "Encrypted: ".$encrypted;
// Decrypt the data using the private key and store the results in $decrypted
openssl_private_decrypt($encrypted, $decrypted, $privKey);

echo "Decrypted: ".$decrypted;

This was supposed to echo everything, unfortunately my result was a blank private key, a fine public key, plaintext, and encrypted text, and an error when trying to decrypt: "openssl_private_decrypt(): key parameter is not a valid private key"

Clearly, i'm having a problem with private key creation. I've searched the internet thoroughly and haven't been able to fix it, even though I've implemented simple code that seems to work for everyone else.

Thanks in advance, Elie Zeitouni

like image 809
Elie Zeitouni Avatar asked May 31 '13 22:05

Elie Zeitouni

2 Answers

I know that it has been a while and you may have already solved it but I think that my answer can be helpful for other people who faced the same problem (Like I did).

So if you take a look at the openssl_pkey_export() documentation you can find that it takes four different parameters. If we take a look at your second implementation we can see that you have only provided three.

openssl_pkey_export($res, $privKey, NULL);

This would be just as fine if only your server have the right environment variables for OPENSSL_CONF. Linking to the openssl.cnf file, which as quoted in the README-SSL.txt file that is downloaded with XAMPP is required to make use of CSR and key generation functions from PHP.

To use the CSR and key generation functions from PHP, you will need to install an openssl.cnf file. We have included a sample file that can be used for this purpose in this folder alongside this readme file.

For this reason just as you did for the openssl_pkey_new($config); you must create a associative array containing the config => '/path/to/openssl.cnf'. Just like this:

openssl_pkey_export($res, $privKey, NULL, $config);

I would like to also add that the path of openssl.cnf in my case is inside:

C:\xampp\php\extras\openssl\openssl.cnf

Inside here you will also be able to find a README-SSL.txt file which give a good explaination of how to configure OPENSSL.

Hope it helps. :)

like image 171
tabone Avatar answered Oct 07 '22 08:10

tabone

Banged around my head with getting this to work on windows10 with xampp php 5.5. Finally figured tabone's answer above was in the right direction EXCEPT path format needed to be forward slashed!

C:/xampp/php/extras/openssl/openssl.cnf

Hope this helps someone.

like image 29
pipepiper Avatar answered Oct 07 '22 06:10

pipepiper
Sign in to Comment

Related questions

If $_POST is empty function
Change css value with php
PDO Error: " Invalid parameter number: parameter was not defined"
PHP variable "default value"
Using md5 secured even its more difficult [duplicate]
UTF-8 Decode for php
How to force PDF to download beginner [duplicate]
Convert arrays into UTF-8 ? PHP JSON
PHP changing old mysql_query to PDO
Using photoshop files from web application
Using underscore (_) as a PHP function name
UPDATE last 10 records of PHP Mysql table
Symfony Unable to allocate memory for pool [duplicate]
ftp_login expects parameter 1 to be a resource
Failed to set unsafe attribute
checking if a number is float in PHP
Passing Javascript array to PHP file [duplicate]
is String an Object in PHP?
mb_detect_encoding detects ASCII as UTF-8?
PHP in_array ignoring leading zeros

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!