Page 1 of 1
php cannot hold large number
Posted: Wed Sep 12, 2007 3:25 am
by devendra-m
when I tried to use pow(234,456) ,it rounds off the number or it shows infinity. But for RSA encryption to work properly I need complete number without rounding off the number. Please help me if anybody have any idea about this.
Posted: Wed Sep 12, 2007 3:39 am
by crystal ship
I am also facing the same problem in php. Do php really can't handle large numbers?
Posted: Wed Sep 12, 2007 5:08 am
by Maugrim_The_Reaper
For cryptographic algorithms like RSA, , Diffie-Hellman you need to add an extra ingredient: a big integer extension.
The one you both likely have already, since it's a core extension, is BCMath. An alternative for Unix which is faster is the GMP extension. PECL also has a big_int extension available which has a ton of extra functions. But BCMath is usually enough.
PHP can only handle 32bit integers - above this you need to start representing Integers as Strings. To perform computations on such Stringy >32bit integers you need to use BCMath/GMP/big_int. I'm doing a lot of cryptographic development for the Zend Framework at the minute for OpenID Authentication and using something like BCMath is not too hard. I suggest you look up the PEAR Crypt_RSA, Crypt_DiffieHellman packages for examples using these extensions. Most of the time code will use a wrapper around all three extensions so you don't need to worry about which one is installed or not.
Note that PEAR also has an RSA implementation, and one is likely for the Zend Framework soon.
Posted: Wed Sep 12, 2007 6:06 am
by devendra-m
php 5 is not recognising the function bcpowmod. Does it require any module
Posted: Wed Sep 12, 2007 6:30 am
by Maugrim_The_Reaper
Okay, looks like your PHP version is missing it.
Do you have control over your PHP version? PHP5 needs to be compiled with the --enable-bcmath flag in order for BCMath functions to be available. Check your phpinfo() output in case you have GMP (though I doubt it if bcmath is missing altogether).
If nothing else, complain to your host if you don't control PHP - it's bad form leaving out the only solution to big integer support in PHP.
Posted: Wed Sep 12, 2007 6:37 am
by devendra-m
Thanks for your reply. Now I think my problem will be solved. But I have that same problem with javascript.
Posted: Wed Sep 12, 2007 7:26 am
by Maugrim_The_Reaper
http://www-cs-students.stanford.edu/~tjw/jsbn/
Might help you there - they've included an RSA implementation in pure Javascript also.
Posted: Wed Sep 12, 2007 11:29 pm
by devendra-m
What I am trying to do is to encrypt username and password in javascript before submiting the form using RSA encryption and decrypt using php