PHP Classes


Recommend this page to a friend!
  Classes of Ricky Robinson   TA_OpenSSL   README_ENCRYPT.txt   Download  
Role: Documentation
Content type: text/plain
Description: Documentation File
Class: TA_OpenSSL
Encrypts and decrypts data using certificates
Author: By
Last change: Update to include information about derived class that encrypts large pieces of data.
Date: 19 years ago
Size: 5,242 bytes


Class file image Download
TA_OpenSSL Encrypts and Decrypts using the PHP OpenSSL extension and the RSA Algorithm. The only one php supports as of 4.3.3 Quick Instructions: Download the tar.gz file Extract all files to same directory in a web folder Navigate to the openssl_test.html page Copyright (C) 2003 Terra Access This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA A quick note: I also have a derived class that is able to encrypt large data sources. I haven't fully test it yet so I didn't release it here. If anyone is interested in obtaining a copy email me at and I will email you a copy. * Requires: OpenSSL Extension Installed and working * PHP 4.1 or higher ( Tested on 4.3.1, 4.1.2, 4.3.3 ) * Localization File: english_encrypt.php or translated file * RSA Certificate and Key File * Note: I included a public and private key with this * distribution. The passphrase is 'testing' * * Private Key File: privkey_test.pem * Public Key File: cacert_test.pem * * Localization Note: * I've also made it compatible with localization. The english version * is in file english_encrypt.php. To use other languages just save the * english_encrypt.php file as [language]_encrypt.php. Translate the defines * to the language of choice and change the require_once at the top of the class page. * If you do we would appreciate it if you emailed us a copy of the new translation. * Thanks <> * * *If you don't want to use the included keys... * Creating a Private Key: * openssl genrsa -des3 -out privkey.pem 2048 * Note: this was taken straight from * to create a key file without a passphrase remove the -des3 param * Key Size: In the above example the key size is 2048 bits. The size of your data * to encrypt is limited by this number. You can only encrypt data of the * length: * bytes - 11 * 2048 bits / 8 bits per byte = 256 bytes * 256 - 11 = 245 byte Maximum size of data to encrypt * * Creating a Certificate (Public Key): * openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 * Note: this was taken straight from * SECURITY NOTES: You should keep your private key just that private. If you use a passphrase when creating your private key noone can retrieve your data using the private key without the proper passphrase. I am open to suggestions from anyone on the most reliable way to accomplish this. Steps to Using Class: 1. Include the class file in your source 2. Create an instance of the class 3. Set the public key path 4. Set the private key path 5. Set the passphrase ( set to "" if passphrase not used in key generation) 6. To Encrypt: a. Call encrypt_data_public() to encrypt b. Call get_encrypted_data() to retrieve data 7. To Decrypt: a. Call decrypt_data_private b. Call get_decrypted_data() to retrieve data See openssl_test.php for commented example EXAMPLE CODE RESOURCE: This is the example code that I used to write this class. I retrieved it from the following page... <?php //STEP 1: Encryption with Public Key (you will need Private Key to decrypt - see step2) $string="Some Important Data"; $fp=fopen ("cert.pem","r"); $pub_key=fread ($fp,8192); fclose($fp); $PK=""; $PK=openssl_get_publickey($pub_key); if (!$PK) { echo "Cannot get public key"; } $finaltext=""; openssl_public_encrypt($string,$finaltext,$PK); if (!empty($finaltext)) { openssl_free_key($PK); echo "Encryption OK!"; }else{ echo "Cannot Encrypt"; } // STEP 2: Decription (Using Private Key) $fp=fopen ("pk.pem","r"); $priv_key2=fread ($fp,8192); fclose($fp); $PK2=openssl_get_privatekey($priv_key2); $Crypted=openssl_private_decrypt($Data,$Decrypted,$PK2); if (!$Crypted) { $MSG.="<p class='error'>Cannot Decrypt ($CCID).</p>"; }else{ echo "Decrypted Data: " . $Decrypted; } ?>