Home > database >  Encrypt Data buy using PEM files with PHP
Encrypt Data buy using PEM files with PHP

Time:04-27

I have P12 file and I convert it to two PEM files one is PK file and one is Private key file:

newfile.key.pem content:

 localKeyID: 20 16 8C 58 E4 DD BC 0D 99 6D A3 DF A5 D1 65 C9 D2 DE 49 15 
subject=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
issuer=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
-----BEGIN CERTIFICATE-----
MIIBmzCCAUECCQDQROomkk8YkDAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJQTDEQ
XXXXXXXXXX3xHgMeAXjgVpZftENoYAiB7
WFgx0hLuJTJbLpYCzpzdpWVOXrIr8g4XvtWKl02j1w==
-----END CERTIFICATE-----
Bag Attributes
 localKeyID: 20 16 8C 58 E4 DD BC 0D 99 6D A3 DF A5 D1 65 C9 D2 DE 49 15 
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
MIGEAgXXXXXXXXXXXXXXPXfA4zjpFRaOUNWUBNuU
-----END PRIVATE KEY-----

newfile.crt.pem content as public key:

Bag Attributes
    localKeyID: 20 16 8C 58 E4 DD BC 0D 99 6D A3 DF A5 D1 65 C9 D2 DE 49 15 
subject=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
issuer=/C=PL/ST=Silesia/L=Katowice/O=GAZT/CN=CommonName
-----BEGIN CERTIFICATE-----
MIIBmzCCAUECCQDQROomkk8YkDAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJQTDEQ
MA4GA1UECAwHUXXXXXXXXXXXXg4XvtWKl02j1w==
-----END CERTIFICATE-----

PHP Code:

// STEP 1: Encryption with Public Key (you will need Private Key to decrypt - see step2).
$PK="";

$fp=fopen ("newfile.crt.pem","r");
$pub_key=fread ($fp,8192);
fclose($fp);
$PK=openssl_get_publickey($pub_key);
$pub_key = "";
$string="Some Important Data";

if (!$PK) {
    echo "Cannot get public key";
}

$finaltext="";

openssl_public_encrypt($string, $finaltext, $PK);

 
if (!empty($finaltext)) {
    
    openssl_free_key($PK);
    
    echo "Encryption OK!";
    
  echo base64_encode($finaltext); 
    
}else{
    
    echo "Cannot Encrypt";
    
}

The encrypted is give me Encryption OK

but there is no echo output?

//STEP 2: Decription (Using Private Key)

$fp=fopen ("newfile.key.pem","r");

$priv_key2=fread ($fp,8192);

fclose($fp);

$priv_key2 = "";
$PK2=openssl_get_privatekey($priv_key2);

$Crypted=openssl_private_decrypt($finaltext,$Decrypted,$PK2);

if (!$Crypted) {
    echo "not decrypt";
    
}else{
    
    echo "Decrypted Data: " . $Decrypted;
    
}

What is the proper way to achieve it? because I need it to encrypt TLV values in QR code?

I am working on PHP 8.1 cloud shared server.

CodePudding user response:

I have modified your code only slightly, but I replaced your certificate bundle with a valid X509 certificate & private key. The public key is contained within the certificate. You can generate certificate and keyfile yourself with this command:

openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out sp.crt -keyout sp.pem -sha256

As you see, the code is identical except for the certificate and some line breaks.

$PK="";

$pub_key = "-----BEGIN CERTIFICATE-----
MIIDuzCCAqOgAwIBAgIJAKqQynuEYKHMMA0GCSqGSIb3DQEBCwUAMHQxCzAJBgNV
BAYTAkRFMQwwCgYDVQQIDANOUlcxEDAOBgNVBAcMB0NvbG9nbmUxEjAQBgNVBAoM
CVF1ZXN0YmFjazELMAkGA1UECwwCUFMxJDAiBgNVBAMMG2d6NDcyNy5jdXN0b21l
cnZvaWNlMzYwLmNvbTAeFw0xOTA4MTQxMDEwMjVaFw0yOTA4MTMxMDEwMjVaMHQx
CzAJBgNVBAYTAkRFMQwwCgYDVQQIDANOUlcxEDAOBgNVBAcMB0NvbG9nbmUxEjAQ
BgNVBAoMCVF1ZXN0YmFjazELMAkGA1UECwwCUFMxJDAiBgNVBAMMG2d6NDcyNy5j
dXN0b21lcnZvaWNlMzYwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANoltMPmQIM ARPefaJcMzIAdQ5xEAE2S xTwEvpnLROWvD2zzRWgjisLccP
M hK7cS5i92KtRoA55p66KQU Mh ki8cMKGOPjbiWWS/2Svk6SQs3Zm70mE6QqT4
hRP7WqTjIQsD7QiEBfBaWP1J9xwivUvQ1LUr G13Ma356Ckw6XsH u9mbFldD6Ia
H55nWe9xdXJrIiqJpahccgzbQrNQLRPVsOAV9rF3Pjo87Pq9cwi9qFhxnwuI7eTU
vH0W31fJINVi7o/Cnq2hQsseFpBd4gQ5lur2ql5abi9zey/bSli1Shc8iRV/9yZt
FS5nhKo81hN9gf2wUKBY9ER3xSkCAwEAAaNQME4wHQYDVR0OBBYEFEzeUwQz1KCl
HuEx46eupbh1MdDfMB8GA1UdIwQYMBaAFEzeUwQz1KClHuEx46eupbh1MdDfMAwG
A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBALCEMSu80dQlCGlt9NV6bd/b
7j9u3KEJUdSXUA QiimtRwtGym0qbH0QKTjltJD7sMSJGjTUJ7p68QlUxqF5C8TT
zfUGUNeJ5JTX4GPfeQdv01pqeUVGp ZRGuHquVNknItNzXgz5HSr9gd7FLnyGx0t
4X93yUi2Y2FJKPFyyKdaID9BbIED/hMcrkR/zOATNyu8Nsex2pRj4PmdmFz2yUvk
ksFbfLoKn2/8tJsHCx8o2AGycMACEFK9dB4NWj7lwZC5mUOPG0bMPI2CJHCgKEyN
/I/NZSkVS8oVR4O65pxcCmJVsN6u6J1qzlGE hFYxIbpTXBUcrLv9L0TImAFWuM=
-----END CERTIFICATE-----";

$PK=openssl_get_publickey($pub_key);
$string="Some Important Data";

if (!$PK) {
    echo "Cannot get public key";
}

$finaltext="";

openssl_public_encrypt($string, $finaltext, $PK);

 
if (!empty($finaltext)) {
    
    openssl_free_key($PK);
    
    echo "Encryption OK!".PHP_EOL;
    
    echo 'base64Encoded: ' . base64_encode($finaltext).PHP_EOL; 
    
}else{
    
    echo "Cannot Encrypt".PHP_EOL;
    
}

###################################


$priv_key2 = "-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDaJbTD5kCDPgET
3n2iXDMyAHUOcRABNkvsU8BL6Zy0Tlrw9s80VoI4rC3HDzPoSu3EuYvdirUaAOea
euikFPjIfpIvHDChjj424llkv9kr5OkkLN2Zu9JhOkKk IUT 1qk4yELA 0IhAXw
Wlj9SfccIr1L0NS1K/htdzGt egpMOl7B/rvZmxZXQ iGh eZ1nvcXVyayIqiaWo
XHIM20KzUC0T1bDgFfaxdz46POz6vXMIvahYcZ8LiO3k1Lx9Ft9XySDVYu6Pwp6t
oULLHhaQXeIEOZbq9qpeWm4vc3sv20pYtUoXPIkVf/cmbRUuZ4SqPNYTfYH9sFCg
WPREd8UpAgMBAAECggEAe7bsmDjJl2SfmdQRLfXZ9t55hDIsoHNZhXJN2P9opnzV
aFigVA9HlLpYz85YYsGzrGCJ6J9Ua6XdsydHLl7SZGobn2n TnDr6ZZemhuPHyyX
57MmDZyOCCPRTdu/JQDkfCRvRd75G148O/4Q/7xlzugIsKmDKCgCoJn7a64RsuGE
fGSeV8R/hcC8rE7Wdocdn77whIZhsqzTc5QgzMQO/DwLqBYha3fcyv5PW1KEPxx7
SLJE6Q5hbomjnXlQgHV0J6wZF6Ur6EjOnYUNS6Vjg0YYjHpEkrZuV05H9l1ifQFn
Zek/IXs9ulu10cGjn6Xq7zIroWpWC6rKIiREkZ4PbQKBgQD/fh4AgJqz8YsDcO5e
O64BwdmBLbNv7GeWrIZxjM6sodc3oEc0nYxA0Hu6CY0y4Rf10bRrMnpiQgtF4zwk
 IzGpqwGdqjzYSamLFBR5YeZ3aFlnEF61QhFrKfrfbLcEc0CVm9rcm0WR8p8U4Eg
0KLMIbpweoakwmrkkk44uv6KlwKBgQDalJqckdXUZV3cWxRxEi48nSwr7QBxqXns
 4yvbmA/XLqNZyVr/JqVdzgZbKjeoQBGX3M3vTaxEWf8cYDNLO0xv7iVaLuRhshH
5FvMKMKYfi9Qb mAEc4tt5 aAVUADdXvoQMnZRosTzJ1T3ifQh3xGGb9yztfz52S
7GDaZTDmPwKBgQDEZmOTyUijKPvO4mIqyD/EFAsqVUJJuHYNCoSzByXc6PAzT59N
IAsvy9RAt5T2Vrh/e/vwJ7aSj hwifSzCunUz00QDuljZfw643e 7O3nZsrp/EsN
rHOWc9oFmfQDXh 1O1KdSzH2XauXFO3/lsJ nzLdwiJ8xwM6wAknbP 88wKBgEHO
qbnnwjv/BMI5/a6JLbh8DXdwFEkkIBw0I8gRcBLDhTrbSg338EZ9rTsiVrkoOd/2
DsdCRTwMJIWBWqjrFMJ8mUMKVCZdMOFMJEMUJnooy2/pMaCoO63R8dA5BHFOuRE7
JarvqnCaq3NcKNGx4zfaA /3BvoylJtOZV57RrybAoGAev6anKHw4aLjvjyIMbvk
82IKZFlsuL8Y8nO/mIsZAdujEfzo9UAsrW94oYsTckr3qNXb9HwU2JCFxiIPwttj
yNFjm7J/WVbkl5D1X1FgrryVTazYiFWx5 6ONDDnoiFllMYP tiipzy3moArseDV
JUWy 1Q54Jfz6qdVjm1f37Y=
-----END PRIVATE KEY-----
";
$PK2=openssl_get_privatekey($priv_key2);

$Crypted=openssl_private_decrypt($finaltext,$Decrypted,$PK2);

if (!$Crypted) {
    echo "not decrypt";
    
}else{
    
    echo "Decrypted Data: " . $Decrypted . PHP_EOL;
    
}
  • Related