Public/private key encryption is very popular because of the strength it offers, especially with keys above 1024 bits. There are external libraries for encrypting data with RSA, like RSA on phpclasses.org – the fun part is that we were also using this library in one of our ZF-based projects. But last week I found that there is a hidden gem in the Library/Zend/Crypt folder (Zend_Crypt_Rsa) which can do the same thing using the openssl library. The bad thing is that there is no official documentation on how to use this library. That's why I've decided to write a blog post to show you how to use Zend_Crypt_Rsa to encrypt your data with your public/private key and decrypt it to get it back in its original form.
Step 1: Create your RSA public/private key using ssh-keygen
```bash
cd /path/to/keyfolder/
ssh-keygen -t RSA
```
```
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/hasinhayder/.ssh/id_rsa): ./id_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in ./id_rsa.
Your public key has been saved in ./id_rsa.pub.
The key fingerprint is:
c8:dc:cd:a8:90:98:67:42:65:45:20:f8:58:39:74:66 hasinhayder@hasin-hayders-macbook-pro.local
The key's randomart image is:
+--[ RSA 2048]----+
| oo.E+o |
|. +B |
| +.. |
|...o + o + |
| + = + S o |
| + . . |
| . |
| |
| |
+-----------------+
```
Step 2: Encrypt data using your public key
As we have our RSA public and private keys in hand, it's time to start playing with them. We will now encrypt our data with our public key, so that it can only be decrypted with the private key. I hope it is clear now why we should encrypt using the public key only. If not, let me clarify it a bit more. Your public key is “public” to the world. If you encrypt your data with your private key, anyone will be able to decrypt it with your public key – so that's plain meaningless.
```php
public function encAction(){
    // Plain output only: skip the view script and the layout
    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->layout->disableLayout();
    // pemPath is the path to the private key file; passPhrase unlocks it
    $zrsa = new Zend_Crypt_Rsa(array("passPhrase" => "MySecretWord", "pemPath" => "/path/to/your/keyfolder/id_rsa"));
    $string = "Yeah, this is my SECRET MESSAGE";
    // Encrypt with the public key and return the result base64-encoded
    $enc = $zrsa->encrypt($string, $zrsa->getPublicKey(), Zend_Crypt_Rsa::BASE64);
    echo "Secret Message: {$enc}";
}
```
Now it's time to decrypt the ciphertext.
Step 3: Decrypt the cipher
Well, now we have our encrypted string. Let's decrypt it:
```php
$dec = $zrsa->decrypt($enc, $zrsa->getPrivateKey(), Zend_Crypt_Rsa::BASE64);
echo $dec;
```
So here is everything together:

```php
public function encAction(){
    // Plain output only: skip the view script and the layout
    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->layout->disableLayout();
    // pemPath is the path to the private key file; passPhrase unlocks it
    $zrsa = new Zend_Crypt_Rsa(array("passPhrase" => "MySecretWord", "pemPath" => "/path/to/your/keyfolder/id_rsa"));
    $string = "Yeah, this is my SECRET MESSAGE";
    // Encrypt with the public key and return the result base64-encoded
    $enc = $zrsa->encrypt($string, $zrsa->getPublicKey(), Zend_Crypt_Rsa::BASE64);
    echo "Secret Message: {$enc}";
    echo "<hr/>";
    // Decrypt the base64 ciphertext with the private key
    $dec = $zrsa->decrypt($enc, $zrsa->getPrivateKey(), Zend_Crypt_Rsa::BASE64);
    echo $dec;
}
```
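The same round trip written against PHP's openssl extension directly, as an added example that is not from the original post or from Zend Framework. It goes a step beyond the post by selecting OAEP padding explicitly and rejecting plaintext that does not fit in one RSA block; the helper names and the in-memory key pair are assumptions made for the illustration.

```php
<?php
// Added example, not code from the post or from Zend Framework. Helper names are hypothetical.

// Largest plaintext one RSA-OAEP (SHA-1) block can carry: k - 2*hLen - 2 bytes.
function rsaOaepMaxLen($keyBits) {
    return (int)($keyBits / 8) - 2 * 20 - 2;
}

function rsaEncrypt($plaintext, $publicKeyPem) {
    $pub = openssl_pkey_get_public($publicKeyPem);
    if ($pub === false) {
        throw new RuntimeException("cannot load public key");
    }
    $details = openssl_pkey_get_details($pub);
    if (strlen($plaintext) > rsaOaepMaxLen($details['bits'])) {
        throw new LengthException("plaintext exceeds one RSA block");
    }
    if (!openssl_public_encrypt($plaintext, $cipher, $pub, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException("encryption failed");
    }
    return base64_encode($cipher);
}

function rsaDecrypt($cipherB64, $privateKeyPem, $passphrase) {
    $priv = openssl_pkey_get_private($privateKeyPem, $passphrase);
    if ($priv === false) {
        throw new RuntimeException("cannot load private key (wrong passphrase?)");
    }
    $cipher = base64_decode($cipherB64, true);
    if ($cipher === false
        || !openssl_private_decrypt($cipher, $plain, $priv, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException("decryption failed");
    }
    return $plain;
}

// Constructed 2048-bit key pair; the private half is exported passphrase-protected.
$pair = openssl_pkey_new(array("private_key_bits" => 2048, "private_key_type" => OPENSSL_KEYTYPE_RSA));
openssl_pkey_export($pair, $privPem, "MySecretWord");
$pubDetails = openssl_pkey_get_details($pair);
$pubPem = $pubDetails['key'];

$enc = rsaEncrypt("Yeah, this is my SECRET MESSAGE", $pubPem);
echo rsaDecrypt($enc, $privPem, "MySecretWord"), "\n";   // full round trip
try {
    rsaEncrypt(str_repeat("A", 215), $pubPem);            // one byte over the 2048-bit limit
} catch (LengthException $e) {
    echo "rejected: ", $e->getMessage(), "\n";
}
```

Data longer than one block is normally encrypted with a symmetric key, and only that key is wrapped with RSA.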
references: http://hasin.me/