Dear php users,

Is there any way to decrypt data encrypted using openssl_seal _without_ using openssl_open, and instead using the openssl command-line tools?

Here's how the data is encrypted (using openssl_seal). The function 'store_for_later()' just base64_encodes the data and writes to an archive location. $keycert contains the x509 certificate.

###
$key = openssl_pkey_get_public($keycert);
openssl_seal($plaintext,
             $sealed,
             $envelope,
             array($key));

store_for_later($sealed, $envelope[0]);
###

Retrieving the stored data using php, by base64_decoding it and openssl_open'ing it works fine. However, this sequence of commands fails using the OpenSSL command-line tools:

###
bt$ openssl base64 -A -d -in envelope | \
    openssl rsautl -inkey key.pem -decrypt > data_key
bt$ openssl rc4 -A -d -in sealed -kfile data_key
bad magic number
bt$
###

What's 'bad magic number' mean? I tried using the -nosalt option to openssl, and get garbage from openssl, but no 'bad magic number' error message. I suspect it has something to do with the way php creates the initial rc4 key, as I get the same plaintext key if I decrypt the "envelope" from within php or from openssl command-line.

Regards,
William

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
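
The following is an added example, not part of the original message. It models in Python why the command sequence above reports 'bad magic number': openssl_seal encrypts with the RSA-wrapped data key used directly as the RC4 key, while `openssl enc` with `-kfile` treats the file as a password, expects a `Salted__` header, and derives a different key from it. The sample key and plaintext are constructed, the helper names are hypothetical, and MD5 is assumed as the key-derivation digest (the default before OpenSSL 1.1.0).

```python
import hashlib

MAGIC = b"Salted__"  # header `openssl enc` writes in front of salted, password-based output

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4; encryption and decryption are the same operation."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                             # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def bytes_to_key(password: bytes, salt: bytes = b"", md: str = "md5", klen: int = 16) -> bytes:
    """EVP_BytesToKey with one iteration, the password-to-key step of `openssl enc`."""
    block, out = b"", b""
    while len(out) < klen:
        block = hashlib.new(md, block + password + salt).digest()
        out += block
    return out[:klen]

def enc_decrypt_kfile(sealed: bytes, kfile: bytes, nosalt: bool = False) -> bytes:
    """Model of `openssl rc4 -d -kfile FILE [-nosalt]`: FILE's first line is a password."""
    password = kfile.split(b"\n", 1)[0]
    if nosalt:
        return rc4(bytes_to_key(password), sealed)        # wrong key, so garbage
    if sealed[:8] != MAGIC:
        raise ValueError("bad magic number")              # sealed data has no such header
    return rc4(bytes_to_key(password, sealed[8:16]), sealed[16:])

def enc_decrypt_raw_key(sealed: bytes, key_hex: str) -> bytes:
    """Model of `openssl rc4 -d -K HEX`: the key is used as is, no header expected."""
    return rc4(bytes.fromhex(key_hex), sealed)

# Constructed sample: a fixed 16-byte key standing in for the RSA-decrypted envelope.
DATA_KEY = bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90")
PLAINTEXT = b"archived record #1"
SEALED = rc4(DATA_KEY, PLAINTEXT)                 # what openssl_seal leaves in $sealed
```

On the command line this corresponds to base64-decoding the sealed data first and passing the RSA-decrypted key as hex digits to `-K` instead of pointing `-kfile` at it.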
