| Vávra Jan 2006-12-18, 8:01 am |
| |Hello, I'd like to add note to openssl_private_encrypt function,
but it always alerts it is a spam.
I think I handle the math of elementary school to fill out the control
questions ;-)
I appended the note.
JV
========================================
================
If you want to encrypt message larger than approx. 200 bytes, you must
split message into blocks. Precisly:
Let $RSA_KEY_SIZE is size of private key (I have $RSA_KEY_SIZE=256, this
is key length of 2048 bits)
Let $msg is source message,
$msgCrypt is encrypted message by private key
This code demonstrate encoding of larger messages:
$enclen=$RSA_KEY_SIZE-12;
for ($i=0; $i<(int)(strlen($msg)/$enclen); $i++) {
$sub=substr($msg,$i*$enclen,$enclen);
openssl_private_encrypt($sub, $cryptpart,$privateServer,
OPENSSL_PKCS1_PADDING);
$msgCrypt=$msgCrypt.$cryptpart;
}
$sub=substr($msg,$i*$enclen,strlen($msg)
%$enclen);
openssl_private_encrypt($sub, $cryptpart, $privateServer,
OPENSSL_PKCS1_PADDING);
$msgCrypt=$msgCrypt.$cryptpart;
The magic constant -12 in $enclen definition is according the openssl
manual: http://www.openssl.org/docs/crypto/...e_encrypt.html#
In public decryption, you should split into $RSA_KEY_SIZE blocks.
In public encryption use RSA_PKCS1_OAEP_PADDING and split into
$RSA_KEY_SIZE-42, private decryption: $RSA_KEY_SIZE blocks|
|