How to convert rsa from python to php?

Question

I am trying to encrypt a password to sent to through an API for authentication. My situation is quite similar to another encrypt example

The python part is form see the get_pwd_rsa function

Python part:

import rsa

key = rsa.PublicKey(n, e)

encropy_pwd = rsa.encrypt(message, key)

binascii.b2a_hex(encropy_pwd)

And I have try using phpseclib to solve my problem, but the encrypt result is not correct:

use phpseclib\Crypt\RSA;

$rsa = new RSA();

$rsa->loadKey([
    'n' => new \phpseclib\Math\BigInteger($n, 16),
    'e' => new \phpseclib\Math\BigInteger($e, 16),
]);

$ciphertext = $rsa->encrypt($message);

return bin2hex($ciphertext);

The encrypt result is not correct and I'm not sure which part am I missing.

Answer 1

To add to what James said, my suspicion is that whatever Python library you're using is doing PKCS1 padding if it's doing any padding at all.

Contrast this with phpseclib which uses OAEP padding by default. PKCS1 padding can be enabled but it defaults to the more secure OAEP padding.

Further, both PKCS1 and OAEP encryption are randomized. I say that because I kinda wonder if you're saying the PHP code is wrong because it doesn't give the same result as the python code. It shouldn't. If you run a round of RSA encryption with phpseclib twice with the same plaintext and key each time you'll get a different ciphertext each time. PKCS1 and OAEP were designed this way to protect against known plaintext attacks.