Challenging! RSA Asymmetric decryption without open ssl

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
attilio
Forum Newbie
Posts: 1
Joined: Wed May 26, 2010 5:43 am

Challenging! RSA Asymmetric decryption without open ssl

Post by attilio »

Firstly,
I'm interfacing a .NET webservice from PHP. Encryption is handled in .NET.

PHP client forwards a public RSA key in the XML Format, <RSAKeyValue><Modulus>public key</Modulus><Exponent>AQAB</Exponent>

The PHP client successfully forwards the Key to the .NET Webservice and the webservice encrypts a Symmetric key with the supplied public key.

The encrypted symmetric key is received successfully however my private key is also in XML Format containing lots of elements, and included the public key?

Code: Select all

<RSAKeyValue><Modulus>public key</Modulus><Exponent>AQAB</Exponent><P>xxxxx</P><Q>xxxxx</Q><DP>xxxxx</DP><DQ>xxxxxx</DQ><InverseQ>xxxxx</InverseQ><D>xxxxxx</D></RSAKeyValue>

I need to decrypt the response from the server using RSA TripleDES decrpytion and the above key. I've been searching the internet all morning without getting much help on this. What is the best approach to take?

Should I split all these values up and run a decrypt function on it? What methods are there that I can use for this already written, if any.
I do not have openSSL on the webserver.

Thanks in advance for any help
User avatar
yacahuma
Forum Regular
Posts: 870
Joined: Sun Jul 01, 2007 7:11 am

Re: Challenging! RSA Asymmetric decryption without open ssl

Post by yacahuma »

why dont you use the standard secury header?
Post Reply