I was having a heck of a time finding help on making asynchronous encryption/decryption using private key/public key systems working, and I had to have it for creating a credit card module that uses recurring billing.
You'd be a fool to use normal, 'synchronous' or two-way encryption for this, so the whole mcrypt library won't help.
But, it turns out OpenSSL is extremely easy to use...yet it is so sparsely documented that it seems it would be incredibly hard.
So I share my day of hacking with you - I hope you find it helpful!
<?php
if (isset($_SERVER['HTTPS']) )
{
echo 'SECURE: This page is being accessed through a secure connection.<br><br>';
}
else
{
echo 'UNSECURE: This page is being access through an unsecure connection.<br><br>';
}
// Create the keypair
$res=openssl_pkey_new();
// Get private key
openssl_pkey_export($res, $privatekey);
// Get public key
$publickey=openssl_pkey_get_details($res);
$publickey=$publickey['key'];
echo 'Private Key:<BR>$privatekey<br><br>Public Key:<BR>$publickey<BR><BR>';
$cleartext = '1234 5678 9012 3456';
echo 'Clear text:<br>$cleartext<BR><BR>';
openssl_public_encrypt($cleartext, $crypttext, $publickey);
echo 'Crypt text:<br>$crypttext<BR><BR>';
openssl_private_decrypt($crypttext, $decrypted, $privatekey);
echo 'Decrypted text:<BR>$decrypted<br><br>';
?>
Many thanks to other contributors in the docs for making this less painful.
Note that you will want to use these sorts of functions to generate a key ONCE - save your privatekey offline for decryption, and put your public key in your scripts/configuration file. If your data is compromised you don't care about the encrypted stuff or the public key, it's only the private key and cleartext that really matter.
Good luck!
Php Openssl Generate Encryption Key Software
First, you will need to generate a pseudo-random string of bytes that you will use as a 256 bit encryption key. The requested length will be 32 (since 32 bytes = 256 bits). The requested length will be 32 (since 32 bytes = 256 bits). Opensslprivateencrypt encrypts data with private key and stores the result into crypted. Encrypted data can be decrypted via opensslpublicdecrypt. This function can be used e.g. To sign data (or its hash) to prove that it is not written by someone else. This small tutorial will show you how to use the openssl command line to encrypt and decrypt a file using a public key. We will first generate a random key, encrypt that random key against the public key of the other person and use that random key to encrypt the actual file with using symmetric encryption.