File: README_ENCRYPT.txt

Role: Documentation
Content type: text/plain
Description: Documentation File
Class: TA_OpenSSL
Encrypts and decrypts data using certificates
Author: By
Last change: Update to include information about derived class that encrypts large pieces of data.
Date: 2003-09-17 13:20
Size: 5,242 bytes
 

	TA_OpenSSL encrypts and decrypts data using the PHP OpenSSL extension
	and the RSA algorithm, the only one PHP supports as of 4.3.3.

        Quick Instructions:
          Download the tar.gz file
          Extract all files to the same directory in a web folder
          Navigate to the openssl_test.html page

    Copyright (C) 2003  Terra Access 

    This program is free software; you can redistribute it and/or modify 
    it under the terms of the GNU General Public License as published by 
    the Free Software Foundation; either version 2 of the License, or 
    (at your option) any later version. 

    This program is distributed in the hope that it will be useful, 
    but WITHOUT ANY WARRANTY; without even the implied warranty of 
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the 
    GNU General Public License for more details. 

    You should have received a copy of the GNU General Public License 
    along with this program; if not, write to the Free Software 
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA 

   A quick note:
      I also have a derived class that is able to encrypt large data
      sources. I haven't fully tested it yet so I didn't release it here.
      If anyone is interested in obtaining a copy, email me at
      dev@terraaccess.com and I will email you a copy.


  * Requires:   OpenSSL Extension Installed and working
  *             PHP 4.1 or higher ( Tested on 4.3.1, 4.1.2, 4.3.3 )
  *             Localization File: english_encrypt.php or translated file
  *             RSA Certificate and Key File
  *               Note: I included a public and private key with this
  *                     distribution. The passphrase is 'testing'
  *
  *               Private Key File: privkey_test.pem
  *               Public Key File:  cacert_test.pem
  *
  * Localization Note:
  *   I've also made it compatible with localization. The english version
  *   is in file english_encrypt.php. To use other languages just save the
  *   english_encrypt.php file as [language]_encrypt.php. Translate the defines
  *   to the language of choice and change the require_once at the top of the class page.
  *   If you do we would appreciate it if you emailed us a copy of the new translation.
  *     Thanks <dev@terraaccess.com>
  *
  *
  * If you don't want to use the included keys...
  * Creating a Private Key:
  *   openssl genrsa -des3 -out privkey.pem 2048
  *   Note: This was taken straight from http://www.openssl.org/docs/HOWTO/keys.txt
  *         To create a key file without a passphrase, remove the -des3 param.
  *   Key Size: In the above example the key size is 2048 bits. The size of the data
  *         you can encrypt is limited by this number. The maximum length is
  *         (key size in bytes) - 11:
  *               2048 bits / 8 bits per byte = 256 bytes
  *               256 - 11 = 245 bytes maximum size of data to encrypt
  *
  * Creating a Certificate (Public Key):
  *   openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
  *   Note: this was taken straight from http://www.openssl.org/docs/HOWTO/certificates.txt
  * 
  SECURITY NOTES:
  	You should keep your private key just that: private. If you use a passphrase
  	when creating your private key, no one can retrieve your data using the
  	private key without the proper passphrase. I am open to suggestions from
  	anyone on the most reliable way to accomplish this.
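
  The size limit and the passphrase behaviour described above, as an added example that is not part of the TA_OpenSSL distribution. It assumes PHP 5.2 or later (for openssl_pkey_get_details()) and a working openssl.cnf; the helper names max_plaintext_bytes() and encrypt_checked(), the in-memory test key and its passphrase are constructed for illustration.

```php
<?php
// Added example: not code from the TA_OpenSSL class.
// The key pair is generated in memory, so no .pem files are needed.

// Largest plaintext one RSA operation accepts with PKCS #1 v1.5 padding:
// key size in bytes minus 11 bytes of padding overhead.
function max_plaintext_bytes($key)
{
    $details = openssl_pkey_get_details($key);
    return (int) ($details['bits'] / 8) - 11;
}

// Encrypt with the public key, refusing oversize input up front.
// Returns the ciphertext, or false on failure.
function encrypt_checked($data, $public_key)
{
    if (strlen($data) > max_plaintext_bytes($public_key)) {
        return false;
    }
    $out = '';
    $ok = openssl_public_encrypt($data, $out, $public_key, OPENSSL_PKCS1_PADDING);
    return $ok ? $out : false;
}

// Constructed test key: 2048-bit RSA, private half exported with a passphrase.
$pair = openssl_pkey_new(array(
    'private_key_bits' => 2048,
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
));
$passphrase = 'example-passphrase'; // constructed value
openssl_pkey_export($pair, $private_pem, $passphrase);
$details = openssl_pkey_get_details($pair);
$public  = openssl_pkey_get_public($details['key']);

echo "limit: ", max_plaintext_bytes($public), " bytes\n";

$message = str_repeat('A', 245);                 // exactly at the limit
$fits    = encrypt_checked($message, $public);
$too_big = encrypt_checked($message . 'A', $public); // one byte over
echo "245 bytes: ", ($fits !== false ? "encrypted" : "rejected"), "\n";
echo "246 bytes: ", ($too_big !== false ? "encrypted" : "rejected"), "\n";

// The exported private key only loads with the correct passphrase.
var_dump(openssl_pkey_get_private($private_pem, 'wrong') === false);
$private = openssl_pkey_get_private($private_pem, $passphrase);
openssl_private_decrypt($fits, $plain, $private, OPENSSL_PKCS1_PADDING);
echo "round trip ok: ", ($plain === $message ? "yes" : "no"), "\n";
```

  Because the bundled privkey_test.pem and its passphrase ship with the distribution, generate your own key pair as described above before encrypting real data.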
  	
  Steps to Using Class:
  1. Include the class file in your source
  2. Create an instance of the class 
  3. Set the public key path
  4. Set the private key path
  5. Set the passphrase ( set to "" if passphrase not used in key generation)
  6. To Encrypt:
       a. Call encrypt_data_public() to encrypt
       b. Call get_encrypted_data() to retrieve data

  7. To Decrypt:
       a. Call decrypt_data_private() to decrypt
       b. Call get_decrypted_data() to retrieve data

  See openssl_test.php for commented example
  	
  EXAMPLE CODE RESOURCE:
    This is the example code that I used to write this class.
    
    I retrieved it from the following page...
    http://si.php.net:8888/manual/en/function.openssl-public-encrypt.php
    webmaster@costarica-travelinfo.com

      <?php
      // STEP 1: Encryption with the public key
      // (you will need the private key to decrypt - see step 2)
      $string = "Some Important Data";
      $fp = fopen("cert.pem", "r");
      $pub_key = fread($fp, 8192);
      fclose($fp);
      $PK = openssl_get_publickey($pub_key);
      if (!$PK) {
          echo "Cannot get public key";
          exit;
      }
      $finaltext = "";
      openssl_public_encrypt($string, $finaltext, $PK);
      if (!empty($finaltext)) {
          openssl_free_key($PK);
          echo "Encryption OK!";
      } else {
          echo "Cannot Encrypt";
          exit;
      }

      // STEP 2: Decryption (using the private key)
      $fp = fopen("pk.pem", "r");
      $priv_key2 = fread($fp, 8192);
      fclose($fp);
      $PK2 = openssl_get_privatekey($priv_key2);
      $Decrypted = "";
      // Decrypt the ciphertext produced in step 1
      $Crypted = openssl_private_decrypt($finaltext, $Decrypted, $PK2);
      if (!$Crypted) {
          echo "<p class='error'>Cannot Decrypt.</p>";
      } else {
          echo "Decrypted Data: " . $Decrypted;
      }
      ?>