OpenSSl + PHP how to implement it [closed]

Answer 1

If you are simply wanting to post form data via HTTPS, Apache should be able to handle that for you. However, if you are wanting to use OpenSSL and PHP to generate key pairs and encrypt data, this two-part article that I wrote might be of use to you:

http://3stepsbeyond.co.uk/company-blog/coding/openssl-and-php-part-one

http://3stepsbeyond.co.uk/company-blog/coding/openssl-and-php-part-two

Answer 2

Do you want to generate a pair of keys with php?

$NEW_KEY = openssl_pkey_new(array(
    'private_key_bits' => 1024,
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
        ));

openssl_pkey_export_to_file($NEW_KEY, 'private.key');

$NEW_KEY_DETAILS = openssl_pkey_get_details($NEW_KEY);
file_put_contents('public.key', $NEW_KEY_DETAILS['key']);

openssl_free_key($NEW_KEY);

Do you already have the keys ?

$public = "-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfmlc2EgrdhvakQApmLCDOgP0n
NERInBheMh7J/r5aU8PUAIpGXET/8+kOGI1dSYjoux80AuHvkWp1EeHfMwC/SZ9t
6rF4sYqV5Lj9t32ELbh2VNbE/7QEVZnXRi5GdhozBZtS1gJHM2/Q+iToyh5dfTaA
U8bTnLEPMNC1h3qcUQIDAQAB
-----END PUBLIC KEY-----";

$private = "-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDfmlc2EgrdhvakQApmLCDOgP0nNERInBheMh7J/r5aU8PUAIpG
XET/8+kOGI1dSYjoux80AuHvkWp1EeHfMwC/SZ9t6rF4sYqV5Lj9t32ELbh2VNbE
/7QEVZnXRi5GdhozBZtS1gJHM2/Q+iToyh5dfTaAU8bTnLEPMNC1h3qcUQIDAQAB
AoGAcbh6UFqewgnpGKIlZ89bpAsANVckv1T8I7QT6qGvyBrABut7Z8t3oEE5r1yX
UPGcOtkoRniM1h276ex9VtoGr09sUn7duoLiEsp8aip7p7SB3X6XXWJ9K733co6C
dpXotfO0zMnv8l3O9h4pHrrBkmWDBEKbUeuE9Zz7uy6mFAECQQDygylLjzX+2rvm
FYd5ejSaLEeK17AiuT29LNPRHWLu6a0zl923299FCyHLasFgbeuLRCW0LMCs2SKE
Y+cIWMSRAkEA7AnzWjby8j8efjvUwIWh/L5YJyWlSgYKlR0zdgKxxUy9+i1MGRkn
m81NLYza4JLvb8/qjUtvw92Zcppxb7E7wQJAIuQWC+X12c30nLzaOfMIIGpgfKxd
jhFivZX2f66frkn2fmbKIorCy7c3TIH2gn4uFmJenlaV/ghbe/q3oa7L0QJAFP19
ipRAXpKGX6tqbAR2N0emBzUt0btfzYrfPKtYq7b7XfgRQFogT5aeOmLARCBM8qCG
tzHyKnTWZH6ff9M/AQJBAIToUPachXPhDyOpDBcBliRNsowZcw4Yln8CnLqgS9H5
Ya8iBJilFm2UlcXfpUOk9bhBTbgFp+Bv6BZ2Alag7pY=
-----END RSA PRIVATE KEY-----";

if (!$privateKey = openssl_pkey_get_private($private)) die('Loading Private Key failed');
if (!$publicKey = openssl_pkey_get_public($public)) die('Loading Public Key failed');

$encrypted = '';
$decrypted = '';

$plaintext = 'This is just some text to encrypt';

echo '<p>$plaintext = ' . $plaintext . '<p>';

if (!openssl_public_encrypt($plaintext, $encrypted, $publicKey))    die('Failed to encrypt data');

echo '<p>$encrypted = ' . $encrypted . '<p>';

if (!openssl_private_decrypt($encrypted, $decrypted, $privateKey))  die('Failed to decrypt data');

echo '<p>$decrypted = ' . $decrypted . '<p>';

There you go, Enjoy!

Answer 3

HTTPS is usually implemented at the web server, not in scripting languages. For example, if you are deploying this project to an Apache server, you might check out the Apache documents relating to SSL.

Answer 4

Here are some examples on how to use openssl and php:

function encryptData($source, $privateKey)
{
    $maxLength = 117;

    $output = "";
    while ($source)
    {
        $slice = substr($source, 0, $maxLength);
        $source = substr($source, $maxLength);

        openssl_private_encrypt($slice, $encrypted, $privateKey);
        $output .= $encrypted;
    }

    return $output;
}

function decryptData($source, $publicKey)
{
    $maxLength = 128;

    $output = "";
    while ($source)
    {
        $slice = substr($source, 0, $maxLength);
        $source = substr($source, $maxLength);

        openssl_public_decrypt($slice, $decrypted, $publicKey);

        $output .= $decrypted;
    }

    return $output;
}

// usage
$myPrivateKey = ""; // your generated private key
$myPublicKey = "";  // your generated public key

$rawText = "lorem ipsum";

$crypted = encryptData($rawText, $myPrivateKey);
$decrypted = decryptData($crypted, $myPublicKey);

to generate your private/public key pair, just execute the following commands:

openssl genrsa -out private_key.pem 1024
openssl rsa -pubout -in private_key.pem -out public_key.pem

you will found two key on your current directory. If you need to add them onto variable, beware the whitespaces.