I've been playing about with javascript and php and wanted to try something out. I found this javascript app http://ohdave.com/rsa/ which can encrypt a string using an RSA exponents.
I want to generate a key in PHP perhaps using something like openSSL, send the public key to Java to encrypt the string and then decrypt it in PHP for the server to use.
The problem I have is that openSSL generates a private and public key, and the javascript app needs the individual exponents (n,e) to encrypt the data.
My understanding of the maths behind RSA is limited but I wondered if there is a way to compute the individual exponents from the openSSL keys? I'm thinking the answer is going to be no, or yes but it will take 1 million years.
Thanks
Javascript PHP RSA
Moderator: General Moderators
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Javascript PHP RSA
What's wrong with the JS RSA you mentioned?
-
scatty1985
- Forum Newbie
- Posts: 24
- Joined: Fri Dec 18, 2009 8:57 am
Re: Javascript PHP RSA
To work the javascript uses this function which takes $key which is made up of 3 hex strings, 0 being the e exponent, 1 being the d exponent and 2 being the n exponent (modulus).
Where as openSSL produces a key like this:
I dont know how to convert the openSSL key e, d and n which is what the javascrip needs to work. Does that make sense? I did find a PHP class which can make a key which is made of e, d and n but it needs a prime number generator as the key gen function requries 2 primes to work.
Code: Select all
$key = new RSAKeyPair(
"c84dd5b9fdfbdc0818473391980de1b",
"450d061a9d53336bfbb24681d43c453",
"d91acc3da8dccfc7f728bc9c9588faf"
);
$c = encryptedString($key,"hello");Code: Select all
------ PUBLIC RSA KEY START ------- 24jhdf2iuhdf29323dy23d2837dy23dy2837dy382 ------ PUBLIC RSA KEY END -------- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Javascript PHP RSA
Well at first I would think that the public key is n + e and the private key is the exponent d. I don't have OpenSSL on my laptop and time to test out, but I think you should ask somewhere on JavaScript forums, not PHP...
Are you doing this to encrypt traffic on your site (or for the sites powered by your software)? You should definitely buy an SSL certificate. JavaScript won't encrypt anything, but your body and there's plenty of things you need to do to before you gain some strength with this (like preventing the steal of the session identifier).
Register.com offers a certificate for $24/year: http://www.register.com/product/securit ... ntial.rcmx
That was a *hint*.
Are you doing this to encrypt traffic on your site (or for the sites powered by your software)? You should definitely buy an SSL certificate. JavaScript won't encrypt anything, but your body and there's plenty of things you need to do to before you gain some strength with this (like preventing the steal of the session identifier).
Register.com offers a certificate for $24/year: http://www.register.com/product/securit ... ntial.rcmx
That was a *hint*.
-
scatty1985
- Forum Newbie
- Posts: 24
- Joined: Fri Dec 18, 2009 8:57 am
Re: Javascript PHP RSA
Haha I'll look into it. This is not for any kind of project which requires secure connections I am just playing about in order to learn a few things. The more I've thought about it the more I realise that to have proper security and prevent evesdropping the only thing you can do is use SSL.
I need to start working on a website for a friend who wants to sell imported books but I think I'm going to rely on PayPal rather than set up secure payment processing and stuff like that!
I need to start working on a website for a friend who wants to sell imported books but I think I'm going to rely on PayPal rather than set up secure payment processing and stuff like that!