RSA cryptography in PHP (How To?)

Being security is one of the utmost considerations in current web site/ application development process, I am sure you have spent a lot of time writing codes to handle encryption in your applications.

In this article I am trying to present one of my favorite ways to solve this issue, the RSA encryption/ decryption handling in your PHP development.

This is quite straight forward as I am using PHPSecLib package. I was using openSSL library for PHP for few years and recently started dealing with this package. It is pretty cool implementation so I started loving it.

First of all you need to get the package, it is available to download[1] and it comes with MIT license[2], GPL compatible[3].

If your intention is to use PHPSecLib only for RSA encryption and decryption I suggest including only two directories which are Crypt and Math in your production environment.

First step towards the RSA encryption is to create the public and private keys. Note that I have secured the keys with a passphrase.

$rsa = new Crypt_RSA();
$rsa->setPassword('pa$$wrd5');
$keys=$rsa->createKey(1024);

echo $keys['privatekey'];
echo $keys['publickey'];

The code is self explaining. createKey() method is taking the bit value of the key and output an array which contains the Private and Public keys. setPassword() is optional, you can omit it if you dont want to create the keys with a passphrase. If you want to use 2048 bit key then provide 2048 as an argument in createKey() instead 1024.

Once keys are ready you can start the encryption. I am using using the public key. Passphrase is not required when encrypting.

$rsa->loadKey($keys['publickey']);
$plaintext = 'Text to be transmitted securely !!!';
$ciphertext = $rsa->encrypt($plaintext);
echo $ciphertext;

Decryption goes as follow (using the private key), note that the passphrase is mandatory:

$rsa->loadKey($keys['privatekey']);
$rsa->setPassword('pa$$wrd5');
$re_plaintText =  $rsa->decrypt($ciphertext);
echo $re_plaintText;

I have written a static class to demonstrate how encryption can be carried out. Please check the following:

***DO NOT use this code in your production env as the code lacks lot of fine tuning and security measures***

This is just to illustrate how the PHPSecLib can be used in a code


<?PHP

include('Crypt/RSA.php');

class myRSA
{
	public static $privateKey = '';
	public static $publicKey = '';
	public static $keyPhrase = '';
	
	public static function createKeyPair()
	{
		$rsa = new Crypt_RSA();
		$password = base64_encode(sha1(time().rand(100000,999999)));
		$rsa->setPassword($password );
		$keys=$rsa->createKey(2048);		
		myRSA::$privateKey=$keys['privatekey'];
		myRSA::$publicKey=$keys['publickey'];
		myRSA::$keyPhrase=$password;
	}

	public static function encryptText($text)
	{
		$rsa = new Crypt_RSA();
		$rsa->loadKey(myRSA::$publicKey);
		$encryptedText = $rsa->encrypt($text);
		return $encryptedText;
	}

	public static function decryptText($encryText)
	{
		$rsa = new Crypt_RSA();
		$rsa->setPassword(myRSA::$keyPhrase);
		$rsa->loadKey(myRSA::$privateKey);
		$plaintext = $rsa->decrypt($encryText);
		return $plaintext;
	}
}
?>

<?php

//create keys
myRSA::createKeyPair(1024);

//Text to encrypt
$text = "A secret lies here, send the text via a secure mode";
echo 'Text : '.$text;

$secureText = myRSA::encryptText($text);
echo 'Encrypted : '.$secureText;

$decrypted_text =  myRSA::decryptText($secureText);
echo 'Decrypted Text : '.$decrypted_text;
?>

PHPSecLib API Documentation is available here.[4] A handy reference to check when you get stuck or need more info on methods.

[1] http://phpseclib.sourceforge.net/index.html

[2] https://en.wikipedia.org/wiki/MIT_License

[3] https://www.gnu.org/licenses/license-list.html#X11License

[4] https://api.phpseclib.org/master/

Advertisements

2 thoughts on “RSA cryptography in PHP (How To?)

Please add your valuable idea below, will make a discussion, thanks !

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s