I received a message from Phillip saying > Are you sure that the PHP side is using PKCS1 padding? > > Phillip
The default padding for PHP is OPENSSL_PKCS1_PADDING. Interestingly, if I specify OPENSSL_NO_PADDING I don't get any encrypted output on the PHP side. I don't know if that gives any clues. Vince Beans57 wrote: > > Hi all > I'm trying to write some code to secure credit cards in a PHP based > website using openssl. I want to generate the public / private keys using > PHP. (This bit is fine). Then encrypt the card number using PHP. (This is > also fine as I've tested that I can decrypt it again using PHP). But > eventually I want to not store the private key on the webserver so I want > to decrypt in a Visual Studio C++ application and this is where it's going > wrong. In PHP I've used... > openssl_pkey_new . . . to generate new key pair > openssl_pkey_export . . . to export private key > openssl_public_encrypt . . . to encrypt using public key > openssl_private_decrypt . . . to check I get same data back > > Now in the Windows C++ side I've used... > BIO *bioPtr = BIO_new_mem_buf(privkey, privkeylen); > RSA *prvkey = PEM_read_bio_RSAPrivateKey(bioPtr, NULL, NULL, NULL); // No > errors reported > iRet = > RSA_private_decrypt(encryptedtextlen,encryptedtext,decryp,prvkey,RSA_PKCS1_PADDING); > > I've stripped all the error checking etc out for readability but > everything seems to go ok until RSA_private_decrypt which always > returns... > error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is > not 02 > Whatever I enter for encrypted text gives the same result so I think > really this result is saying my encrypted text is garbage/not understood. > I'm starting to think that maybe my approach is incorrect, that maybe I > can't use RSA_private_decrypt to decrypt data encrypted using > openssl_public_encrypt in PHP. If anyone has any pointers or advice I > would be very grateful. > > Vince > -- View this message in context: http://old.nabble.com/Encrypt-using-PHP-Decrypt-on-Windows-tp28759523p28777193.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
