RSA and AES hybrid encryption/decryption with phpseclib fails

Question

I would like to encrypt and decrypt a string using a asymmetric key.

As the string can be larger, I decided to try a hybrid solution like this:

<?php

use phpseclib\Crypt\RSA;
use phpseclib\Crypt\Rijndael;
use phpseclib\Crypt\Random;


function generateKeys()
{
    $rsa = new RSA();

    return $rsa->createKey();
}

function encrypt($plaintext, $asym_key, $key_length = 150)
{
    $rsa = new RSA();
    $rij = new Rijndael();

    $sym_key = Random::string($key_length);

    $rij->setKey($sym_key);
    $ciphertext = $rij->encrypt($plaintext);
    $ciphertext = base64_encode($ciphertext);

    $rsa->loadKey($asym_key);
    $sym_key = $rsa->encrypt($sym_key);

    $sym_key = base64_encode($sym_key);
    $len     = strlen($sym_key);

    $len
         = dechex($len);
    $len = str_pad($len, 3, '0', STR_PAD_LEFT);

    $message = $len.$sym_key.$ciphertext;

    return $message;
}

function decrypt($message, $asym_key)
{
    $rsa = new RSA();
    $rij = new Rijndael();

    $len     = substr($message, 0, 3);
    $len     = hexdec($len);
    $sym_key = substr($message, 0, $len);

    $message    = substr($message, 3);
    $ciphertext = substr($message, $len);
    $ciphertext = base64_decode($ciphertext);

    $rsa->loadKey($asym_key);
    $sym_key = base64_decode($sym_key);
    $sym_key = $rsa->decrypt($sym_key);

    // Decrypt the message
    $rij->setKey($sym_key);
    $plaintext = $rij->decrypt($ciphertext);

    return $plaintext;
}

$keys      = generateKeys();
$encrypted = encrypt('test', $keys['publickey']);

print_r($encrypted);

$decrypted = decrypt($encrypted, $keys['privatekey']);

print_r($decrypted);

This is the result of my first try:

Public key

Private Key

Encrypted message

158uPq8BV2hi39h6aZw7nwjgi0AQG+mYZnrBcdBNztj3uoGEptY4Q5jeBR+BHVSiwhrUbCf0EiRGekFHRTmNnr+glafIMaTsJABWQRDoUCMefz9hPz8G/JcLcg9/7XhQmtOeceAIWG0lkh/lsUCP3uKvRBv5sbjHgJkhUDcbM9P/zrQLuP0Qq+wLPfxa1yE907DvXJ4dRUJVJF9F+esi51ucQMU5GYQS48ThlmBvh69zUCf0NX6s9k5cCzGT42RW7hF3yHEwcr9lOZLAhq1tn9Z8qM0pNrUdHAcB6N2Hv5qDbr/rFw9fX0vKts8DM782ljpi9CF4dTyMdzKpKrl4Sgu+w==0vwVKQT8cL0VEEa32bQuLw==

Now I'd like to decrypt it:

decrypt($encrypted, $keys['privatekey']);

returns this error:

PHP Notice: Decryption error in /home/vagrant/code/vendor/phpseclib/phpseclib/phpseclib/Crypt/RSA.php on line 2580

Answer 1

You are not decomposing the message correctly in decrypt :

$sym_key = substr($message, 0, $len);

This includes the length. You probably meant to write

$sym_key = substr($message, 3, $len);

RSA and AES hybrid encryption/decryption with phpseclib fails

Question

1 answers

solution1
3 ACCPTED 2019-08-05 13:39:43

RSA and AES hybrid encryption/decryption with phpseclib fails

Question

1 answers

solution1 3 ACCPTED 2019-08-05 13:39:43

solution1
3 ACCPTED 2019-08-05 13:39:43