0

I have a client which talks to a server and communication is encrypted using RSA and AES combination. The RSA key pair which I had generated was without passphrase. So, to make it secure I recently added the passphrase. Every thing works fine server side, but the Private key generated by PHP doesn't contain encryption info, due to which I can't load it client side. Following is the php code:

    $passphrase = 'Hello World';

    $config = array ("digest_alg" => "sha256","private_key_bits" => 2048,"private_key_type" => OPENSSL_KEYTYPE_RSA );
    // Create the private and public key
    $res = openssl_pkey_new ( $config );
    /* Extract the private key from $res to $privKey */
    openssl_pkey_export ( $res, $priv_key, $passphrase );
    /* Extract the public key from $res to $pubKey */
    $pub_key = openssl_pkey_get_details ( $res );
    $pub_key = $pub_key["key"];
    $pkey_pair = array ('priv_key' => $priv_key,'pub_key' => $pub_key );
    var_dump($pkey_pair);

You can try it on http://phpfiddle.org/ there is no enryption info, as if it is assuming that, since it works server side!

My client side code works only when no passphrase is used in RSA key generation.

try
    {
        Botan::AutoSeeded_RNG rng;
        Botan::DataSource_Memory privKeyMem(privKey);
        Botan::RSA_PrivateKey *rsaKey = dynamic_cast     <Botan::RSA_PrivateKey*> 
       (Botan::PKCS8::load_key(privKeyMem, rng, passphrase.c_str()));
        if(!rsaKey)
        {
             std::cout << "The loaded key is not a RSA key!\n";
             return false;
        }
        ....
        .....
    }
    catch(...)
    {
        cout<<"Exception: could not load private key";
        return false;
    }
adnan kamili
  • 8,967
  • 7
  • 65
  • 125

2 Answers2

1

Exporting an RSA key with a passphrase does not cause the generated key pair to be any different; it just encrypts the private key using that passphrase. If your client-side code cannot decrypt an encrypted key, don't use a passphrase.

Additionally, the client code you're currently using appears to be trying to load a PKCS8 format private key. This is incorrect here; openssl_pkey_export() generates the public and private key in PEM format.

  • The client code works perfect if no passphrase is used. PKCS8 is format but PEM is encoding and Botan uses PEM. http://botan.randombit.net/doxygen/namespaceBotan_1_1PKCS8.html – adnan kamili Feb 25 '15 at 19:11
0

Private keys should not be exported except possibly for backup/replication purposes for the same service. You should only export public keys of both client and server. Those keys need to be trusted somehow though. You could do this by embedding them in a certificate signed by a (self signed) CA that is trusted by both client and server.

Note that for transport protocols AES CBC encryption is not enough. You will need to add integrity and authenticity protection. This is usually done by adding a (H)MAC.

It seems you are trying to perform symmetric encryption using a single RSA key pair.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • Following is what I am doing http://security.stackexchange.com/questions/81013/rsa-and-aes-combination-in-offline-situation so I need to encrypt the clients private key. I do create a hash and sign it and verify it at the other end. – adnan kamili Feb 26 '15 at 04:34