Need help with Public Key encryption

kenw232 · Jan 1, 2019

I have a strange problem I don't understand. I am trying to use openssl_public_encrypt() and openssl_private_decrypt() to secure text being stored in a database. It more or less works, but I have found that I can actually decrypt encrypted text with a wrong Private Key. If I change a character in my Private Key it still works. How can that be? Is that normal?

This is how I encrypt some larger plain text, which works:

function funcTextEncrypt($sText)   {
      global $sPublicKey;
      $publicKey = openssl_pkey_get_public($sPublicKey);
      $a_key = openssl_pkey_get_details($publicKey);
      $chunkSize = ceil($a_key['bits'] / 8) - 11;
      $sEncryptedText = '';
       while ($sText)
      {
          $chunk = substr($sText, 0, $chunkSize);
          $sText = substr($sText, $chunkSize);
          $sEncryptedTextTemp = '';
          if (!openssl_public_encrypt($chunk, $sEncryptedTextTemp, $publicKey)) { $sEncryptedText = ""; }
          $sEncryptedText .= $sEncryptedTextTemp;
      }
      openssl_free_key($publicKey);
      return(base64_encode($sEncryptedText));
   }

Added [code] tags ~ Mod.

NogDog · Jan 2, 2019

Not my area of expertise at all, but it looks like it may depend on which characters you change: https://crypto.stackexchange.com/questions/31807/why-does-my-ssh-private-key-still-work-after-changing-some-bytes-in-the-file

kenw232 · Jan 2, 2019

thanks for the link. seems like a strange problem. I've switched to libsodium anyway.

Need help with Public Key encryption

Kkenw232

NogDog

Kkenw232