0

I am developing a solution of two parts : part one is SMS encrypting which will be android based. while part two is to be concerned about the issuing and exchanging public / private keys.

Everything was alright, until i faced this problem : if you are using java cryptography classes, which provide the mod and exp of a key to generate the key object. While all of what i am getting from the server which generates the keys is a pre-computed public key. so, can't get mod nor exp from the server, where i am using phpseclib.

after doing some research: i came with three options, which i need to decide which of them is the best.

1) if there is a way to access the mod & exp from phpseclib , problem will be solved with less amount of time, right ?

2) replacing the native cryptography class in java, with third party like bouncy castle that will take the public key is one parameter.

3) changing the server side language to be JSP. then, i could use the same classes on two sides.

Which one of those solutions will be the easiest to adopt .. ?

Thank you very much.

Improve this question
2
  • What's the format of the "key" the server sends? - The cryptographic parameters needed will be encoded therein and only need to be extracted. Commented Oct 29, 2011 at 16:12
  • i think it is CRYPT_RSA_PUBLIC_FORMAT_PKCS1 by default , stated in phpseclib documentation. the output from sever like : -----BEGIN PUBLIC KEY----- MIGfAoGXCsLnyw64KfYTd4hjhq6sS+4AhnwgnAm/N/jMEaXtFCMVDfkY48dg5nMcOxjRmuJSK4Qr xDIjCtRyNkBj6nVDjwDGVe4vF5+s7dkI1lwlfOM2kl/zuuUveeYaT1pSehh2gs2j32deIR8o1zhI 0+bCebB+yC+mGND5Ro0dgc6z8AFevSEO12Ww9GP1ZFlTuwRAIt0/e3ZrIQIDAQAB -----END PUBLIC KEY----- Commented Oct 29, 2011 at 16:30

2 Answers 2

Reset to default
1

i answered my own question for future reference to everyone .

1) by contacting the author of the phpseclib he told me

The latest SVN version adds support for the following: CRYPT_RSA_PRIVATE_FORMAT_XML CRYPT_RSA_PUBLIC_FORMAT_XML CRYPT_RSA_PRIVATE_FORMAT_PUTTY"

which should solve any problem like mine.

2) For me, i overcame the situation (which happened before the above response) by generating the Public and Private keys from Java's native library of RSA then storing the to a web database server runs with codeigniter. you can make a simple API for yourself .Make android (java) URLConnection and pass URL with the values you want to store then parse it the other side.

it may looks like this : http://localhost/myApp/index.php/AndroidisTalking/registerKeys/VAR1/VAR2 Note VAR1, VAR2 are the generated keys.

Hope it helps. and thanks to Hanno Bender for the great help.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Ok, just had a look at http://phpseclib.sourceforge.net/documentation/misc_crypt.html#misc_crypt_rsa_format.

An easy approach would be to use CRYPT_RSA_PRIVATE_FORMAT_XML, doing some XML parsing on android.

Edit: forget that :)

Another format - CRYPT_RSA_PUBLIC_FORMAT_RAW - is stored as an array with two indexes - one for the modulus and one for the exponent.

and

getPublicKey() has an optional parameter - $type - that sets the format.

With this, you should receive an array of two elements, modulus and exponent, which you can then transfer any way you like from the server to your client.

Improve this answer

6 Comments

Thanks, i know that i should pass the type as $rsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_XML); my code looks like this $rsa = new Crypt_RSA(); $array = $rsa->createKey(1204, 60); $rsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_XML); extract($array); echo $publickey; and just not get things right, i get the old format.
it is clear now, just got RAW format working, you should put setPublicKeyFomat(CRYPT_RSA_PUBLIC_FORMAT_RAW) before createKey() Thanks Hanno :)
if you may, how can i generate the public key as an xml sheet ?
I don't know, but have you tried the optional $type parameter with getPublicKey()?
yes, i tried but did not work. also, the documentation says that you should not use this method. Another Problem : there is no method for setting the private key as RAW format . :( what a petty.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.